Source Code of org.jclouds.ec2.compute.functions.WindowsLoginCredentialsFromEncryptedData

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.jclouds.ec2.compute.functions;

import static com.google.common.io.BaseEncoding.base64;

import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.KeySpec;

import javax.crypto.Cipher;
import javax.inject.Inject;

import org.jclouds.crypto.Crypto;
import org.jclouds.crypto.Pems;
import org.jclouds.domain.LoginCredentials;
import org.jclouds.ec2.compute.domain.PasswordDataAndPrivateKey;
import org.jclouds.javax.annotation.Nullable;

import com.google.common.base.Charsets;
import com.google.common.base.Function;
import com.google.common.base.Throwables;
import com.google.inject.Singleton;

/**
 * Given an encrypted Windows Administrator password and the decryption key, return a LoginCredentials instance.
 *
 * @author Richard Downer
 */
@Singleton
public class WindowsLoginCredentialsFromEncryptedData implements Function<PasswordDataAndPrivateKey, LoginCredentials> {

   private final Crypto crypto;

   @Inject
   public WindowsLoginCredentialsFromEncryptedData(Crypto crypto) {
      this.crypto = crypto;
   }

   @Override
   public LoginCredentials apply(@Nullable PasswordDataAndPrivateKey dataAndKey) {
      if (dataAndKey == null)
         return null;

      try {
         KeySpec keySpec = Pems.privateKeySpec(dataAndKey.getPrivateKey());
         KeyFactory kf = crypto.rsaKeyFactory();
         PrivateKey privKey = kf.generatePrivate(keySpec);

         Cipher cipher = crypto.cipher("RSA");
         cipher.init(Cipher.DECRYPT_MODE, privKey);
         byte[] cipherText = base64().decode(dataAndKey.getPasswordData().getPasswordData());
         byte[] plainText = cipher.doFinal(cipherText);
         String password = new String(plainText, Charsets.US_ASCII);

         return LoginCredentials.builder()
                                .user("Administrator")
                                .password(password)
                                .noPrivateKey()
                                .build();
      } catch(Exception e) {
         throw Throwables.propagate(e);
      }
   }
}