Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
1.7.2
-
None
Description
After adding JSafe JCE povider to java.security I get HTTP response code 401 and the message "Invalid signature for user or client '<chefClient>'" from chef server when trying to connect using jclouds-chef api. The reason is that this provider generates the signature using RSA algortihm with different mode and/or padding that is used for decryption on chef server (and standard SunJCE). The generated signature is then considered bad by the chef server. The problem is in method org.jclouds.chef.filters.SignedHeaderAuth#sign which uses org.jclouds.io.payloads.RSAEncryptingPayload from jcloud-core. This class does not specify the mode and padding of RSA transformation and thus provider defaults are used.