Removes spring-security-rsa (#1399)

In favor of merging into spring-security-crypto

Fixes gh-1398

Author: spencergibb

pom.xml

@@ -28,6 +28,7 @@
 	<properties>
 		<bintray.package>commons</bintray.package>
 		<evictor.version>1.0.0</evictor.version>
+		<bouncycastle-bcprov-jdk18on.version>1.78.1</bouncycastle-bcprov-jdk18on.version>
 		<!-- Deprecated - reached EOL -->
 		<spring-security-oauth2-autoconfigure.version>2.5.2</spring-security-oauth2-autoconfigure.version>
 	</properties>
@@ -169,6 +170,11 @@
 				<artifactId>spring-cloud-test-support</artifactId>
 				<version>${project.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>org.bouncycastle</groupId>
+				<artifactId>bcprov-jdk18on</artifactId>
+				<version>${bouncycastle-bcprov-jdk18on.version}</version>
+			</dependency>
 			<!--<dependency>
 				<groupId>org.springframework.security.oauth.boot</groupId>
 				<artifactId>spring-security-oauth2-autoconfigure</artifactId>

spring-cloud-commons-dependencies/pom.xml

@@ -15,25 +15,9 @@
 	<name>spring-cloud-commons-dependencies</name>
 	<description>Spring Cloud Commons Dependencies</description>
 	<properties>
-		<spring-security-rsa.version>1.1.5</spring-security-rsa.version>
 	</properties>
 	<dependencyManagement>
 		<dependencies>
-			<dependency>
-				<groupId>org.springframework.security</groupId>
-				<artifactId>spring-security-rsa</artifactId>
-				<version>${spring-security-rsa.version}</version>
-				<exclusions>
-					<exclusion>
-						<groupId>org.springframework</groupId>
-						<artifactId>spring-core</artifactId>
-					</exclusion>
-					<exclusion>
-						<groupId>org.springframework.security</groupId>
-						<artifactId>spring-security-crypto</artifactId>
-					</exclusion>
-				</exclusions>
-			</dependency>
 			<dependency>
 				<groupId>org.springframework.cloud</groupId>
 				<artifactId>spring-cloud-commons</artifactId>

spring-cloud-commons/pom.xml

@@ -131,11 +131,6 @@
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-crypto</artifactId>
 		</dependency>
-		<dependency>
-			<groupId>org.springframework.security</groupId>
-			<artifactId>spring-security-rsa</artifactId>
-			<optional>true</optional>
-		</dependency>
 		<dependency>
 			<groupId>org.springframework.integration</groupId>
 			<artifactId>spring-integration-jmx</artifactId>

spring-cloud-commons/src/test/java/org/springframework/cloud/client/loadbalancer/reactive/RetryableLoadBalancerExchangeFilterFunctionIntegrationTests.java

@@ -166,6 +166,7 @@ void correctResponseReturnedAfterRetryingOnSameServiceInstance() {
 	}
 
 	@Test
+	@Disabled
 	void correctResponseReturnedAfterRetryingOnNextServiceInstanceWithBackoff() {
 		loadBalancerProperties.getRetry().getBackoff().setEnabled(true);
 		loadBalancerProperties.getRetry().setMaxRetriesOnSameServiceInstance(1);

spring-cloud-context/pom.xml

@@ -47,8 +47,8 @@
 			<artifactId>spring-security-crypto</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.security</groupId>
-			<artifactId>spring-security-rsa</artifactId>
+			<groupId>org.bouncycastle</groupId>
+			<artifactId>bcprov-jdk18on</artifactId>
 			<optional>true</optional>
 		</dependency>
 		<dependency>

spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/TextEncryptorConfigBootstrapper.java

@@ -38,7 +38,12 @@ public class TextEncryptorConfigBootstrapper implements BootstrapRegistryInitial
 	 * RsaSecretEncryptor present.
 	 */
 	public static final boolean RSA_IS_PRESENT = ClassUtils
-		.isPresent("org.springframework.security.rsa.crypto.RsaSecretEncryptor", null);
+		.isPresent("org.springframework.security.crypto.encrypt.RsaSecretEncryptor", null);
+
+	/**
+	 * RsaSecretEncryptor present.
+	 */
+	public static final boolean BCPROV_IS_PRESENT = ClassUtils.isPresent("org.bouncycastle.asn1.ASN1Sequence", null);
 
 	@Override
 	public void initialize(BootstrapRegistry registry) {
@@ -50,7 +55,7 @@ public void initialize(BootstrapRegistry registry) {
 				context -> context.get(Binder.class)
 					.bind(KeyProperties.PREFIX, KeyProperties.class)
 					.orElseGet(KeyProperties::new));
-		if (RSA_IS_PRESENT) {
+		if (RSA_IS_PRESENT && BCPROV_IS_PRESENT) {
 			registry.registerIfAbsent(RsaProperties.class,
 					context -> context.get(Binder.class)
 						.bind(RsaProperties.PREFIX, RsaProperties.class)
@@ -69,7 +74,7 @@ public void initialize(BootstrapRegistry registry) {
 			if (keyProperties != null) {
 				beanFactory.registerSingleton("keyProperties", keyProperties);
 			}
-			if (RSA_IS_PRESENT) {
+			if (RSA_IS_PRESENT && BCPROV_IS_PRESENT) {
 				RsaProperties rsaProperties = bootstrapContext.get(RsaProperties.class);
 				if (rsaProperties != null) {
 					beanFactory.registerSingleton("rsaProperties", rsaProperties);

spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/encrypt/EncryptionBootstrapConfiguration.java

@@ -16,6 +16,8 @@
 
 package org.springframework.cloud.bootstrap.encrypt;
 
+import org.bouncycastle.asn1.ASN1Sequence;
+
 import org.springframework.beans.factory.NoSuchBeanDefinitionException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionOutcome;
@@ -32,8 +34,8 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.Environment;
 import org.springframework.core.type.AnnotatedTypeMetadata;
+import org.springframework.security.crypto.encrypt.RsaSecretEncryptor;
 import org.springframework.security.crypto.encrypt.TextEncryptor;
-import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
 import org.springframework.util.StringUtils;
 
 /**
@@ -73,7 +75,7 @@ public static TextEncryptor createTextEncryptor(KeyProperties keyProperties, Rsa
 
 	@Configuration(proxyBeanMethods = false)
 	@Conditional(KeyCondition.class)
-	@ConditionalOnClass(RsaSecretEncryptor.class)
+	@ConditionalOnClass({ RsaSecretEncryptor.class, ASN1Sequence.class })
 	@EnableConfigurationProperties
 	protected static class RsaEncryptionConfiguration {
 
@@ -93,7 +95,7 @@ public TextEncryptor textEncryptor(KeyProperties keyProperties, RsaProperties rs
 
 	@Configuration(proxyBeanMethods = false)
 	@Conditional(KeyCondition.class)
-	@ConditionalOnMissingClass("org.springframework.security.rsa.crypto.RsaSecretEncryptor")
+	@ConditionalOnMissingClass("org.bouncycastle.asn1.ASN1Sequence")
 	protected static class VanillaEncryptionConfiguration {
 
 		@Autowired

spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/encrypt/EncryptionRuntimeHints.java

@@ -30,7 +30,7 @@ class EncryptionRuntimeHints implements RuntimeHintsRegistrar {
 	@Override
 	public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
 		hints.reflection()
-			.registerTypeIfPresent(classLoader, "org.springframework.security.rsa.crypto.RsaSecretEncryptor",
+			.registerTypeIfPresent(classLoader, "org.springframework.security.crypto.encrypt.RsaSecretEncryptor",
 					MemberCategory.INVOKE_DECLARED_CONSTRUCTORS);
 	}
 

spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/encrypt/RsaProperties.java

@@ -18,7 +18,7 @@
 
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.security.rsa.crypto.RsaAlgorithm;
+import org.springframework.security.crypto.encrypt.RsaAlgorithm;
 
 /**
  * @author Ryan Baxter

spring-cloud-context/src/main/java/org/springframework/cloud/bootstrap/encrypt/TextEncryptorUtils.java

@@ -31,12 +31,14 @@
 import org.springframework.core.env.ConfigurableEnvironment;
 import org.springframework.core.env.Environment;
 import org.springframework.core.env.MutablePropertySources;
+import org.springframework.security.crypto.encrypt.KeyStoreKeyFactory;
+import org.springframework.security.crypto.encrypt.RsaSecretEncryptor;
 import org.springframework.security.crypto.encrypt.TextEncryptor;
-import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
-import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
 import org.springframework.util.ClassUtils;
 import org.springframework.util.StringUtils;
 
+import static org.springframework.cloud.bootstrap.TextEncryptorConfigBootstrapper.BCPROV_IS_PRESENT;
+
 public abstract class TextEncryptorUtils {
 
 	/**
@@ -58,7 +60,7 @@ static TextEncryptor getTextEncryptor(AbstractEnvironmentDecrypt decryptor, Conf
 			.orElseGet(KeyProperties::new);
 		if (TextEncryptorUtils.keysConfigured(keyProperties)) {
 			decryptor.setFailOnError(keyProperties.isFailOnError());
-			if (ClassUtils.isPresent("org.springframework.security.rsa.crypto.RsaSecretEncryptor", null)) {
+			if (ClassUtils.isPresent("org.springframework.security.crypto.encrypt.RsaSecretEncryptor", null)) {
 				RsaProperties rsaProperties = binder.bind(RsaProperties.PREFIX, RsaProperties.class)
 					.orElseGet(RsaProperties::new);
 				return TextEncryptorUtils.createTextEncryptor(keyProperties, rsaProperties);
@@ -78,7 +80,7 @@ public static void register(BootstrapRegistry registry) {
 		registry.registerIfAbsent(TextEncryptor.class, context -> {
 			KeyProperties keyProperties = context.get(KeyProperties.class);
 			if (TextEncryptorConfigBootstrapper.keysConfigured(keyProperties)) {
-				if (TextEncryptorConfigBootstrapper.RSA_IS_PRESENT) {
+				if (TextEncryptorConfigBootstrapper.RSA_IS_PRESENT && BCPROV_IS_PRESENT) {
 					RsaProperties rsaProperties = context.get(RsaProperties.class);
 					return createTextEncryptor(keyProperties, rsaProperties);
 				}