Remove dead code generating secret AES key

diff --git a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
index 0e8bada17c698034c373769e5ff41e3c3f56e814..3d19e1d322fbb9a11a6b5dbba3940b24755a1980 100644 (file)
--- a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
+++ b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
@@ -22,10 +22,7 @@ package org.sonar.process;
 import java.io.File;
 import java.io.IOException;
 import java.security.Key;
-import java.security.SecureRandom;
 import javax.annotation.Nullable;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.io.FileUtils;
@@ -34,12 +31,6 @@ import org.apache.commons.lang.StringUtils;
 import static java.nio.charset.StandardCharsets.UTF_8;
 
 final class AesCipher implements Cipher {
-
-  // Can't be increased because of Java 6 policy files :
-  // https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps
-  // http://java.sun.com/javase/6/webnotes/install/jre/README
-  public static final int KEY_SIZE_IN_BITS = 128;
-
   private static final String CRYPTO_KEY = "AES";
 
   /**
@@ -112,18 +103,6 @@ final class AesCipher implements Cipher {
     return new SecretKeySpec(Base64.decodeBase64(StringUtils.trim(s)), CRYPTO_KEY);
   }
 
-  String generateRandomSecretKey() {
-    try {
-      KeyGenerator keyGen = KeyGenerator.getInstance(CRYPTO_KEY);
-      keyGen.init(KEY_SIZE_IN_BITS, new SecureRandom());
-      SecretKey secretKey = keyGen.generateKey();
-      return Base64.encodeBase64String(secretKey.getEncoded());
-
-    } catch (Exception e) {
-      throw new IllegalStateException("Fail to generate secret key", e);
-    }
-  }
-
   String getPathToSecretKey() {
     if (StringUtils.isBlank(pathToSecretKey)) {
       pathToSecretKey = new File(System.getProperty("user.home"), ".sonar/sonar-secret.txt").getPath();

diff --git a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
index bb1bc5c902afbb7d05526b01cb6507e371074574..25cf6ed06719614f23d9ccefa9a395face845239 100644 (file)
--- a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
+++ b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
@@ -20,36 +20,24 @@
 package org.sonar.process;
 
 import com.google.common.io.Resources;
+import java.io.File;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import javax.crypto.BadPaddingException;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 
-import javax.crypto.BadPaddingException;
-import java.io.File;
-import java.security.InvalidKeyException;
-import java.security.Key;
-
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.fail;
 
-
 public class AesCipherTest {
 
   @Rule
   public ExpectedException thrown = ExpectedException.none();
 
-  @Test
-  public void generateRandomSecretKey() {
-    AesCipher cipher = new AesCipher(null);
-
-    String key = cipher.generateRandomSecretKey();
-
-    assertThat(StringUtils.isNotBlank(key)).isTrue();
-    assertThat(Base64.isBase64(key.getBytes())).isTrue();
-  }
-
   @Test
   public void encrypt() {
     AesCipher cipher = new AesCipher(pathToSecretKey());