mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
Browse Source

SONAR-2084 fix the key of the property sonar.secretKeyPath

tags/3.0
Simon Brandhof 12 years ago
parent
9f81f51592
commit
38094d45fc
3 changed files with 9 additions and 10 deletions
Split View Show Diff Stats
  1. 1
    1
      sonar-plugin-api/src/main/java/org/sonar/api/CoreProperties.java
  2. 3
    3
      sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java
  3. 5
    6
      sonar-plugin-api/src/test/java/org/sonar/api/config/AesCipherTest.java

+ 1
- 1
sonar-plugin-api/src/main/java/org/sonar/api/CoreProperties.java View File

@@ -30,7 +30,7 @@ public interface CoreProperties {
/**
* @since 2.15
*/
String ENCRYPTION_SECRET_KEY_FILE = "sonar.secretKeyFile";
String ENCRYPTION_SECRET_KEY_PATH = "sonar.secretKeyPath";


/**

+ 3
- 3
sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java View File

@@ -95,11 +95,11 @@ final class AesCipher extends Cipher {
@VisibleForTesting
Key loadSecretFileFromFile(@Nullable String path) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, InvalidKeyException {
if (StringUtils.isBlank(path)) {
throw new IllegalStateException("Secret key not found. Please set the property " + CoreProperties.ENCRYPTION_SECRET_KEY_FILE);
throw new IllegalStateException("Secret key not found. Please set the property " + CoreProperties.ENCRYPTION_SECRET_KEY_PATH);
}
File file = new File(path);
if (!file.exists() || !file.isFile()) {
throw new IllegalStateException("The property " + CoreProperties.ENCRYPTION_SECRET_KEY_FILE + " does not link to a valid file: " + path);
throw new IllegalStateException("The property " + CoreProperties.ENCRYPTION_SECRET_KEY_PATH + " does not link to a valid file: " + path);
}
String s = FileUtils.readFileToString(file);
if (StringUtils.isBlank(s)) {
@@ -122,7 +122,7 @@ final class AesCipher extends Cipher {

@VisibleForTesting
String getPathToSecretKey() {
String path = settings.getClearString(CoreProperties.ENCRYPTION_SECRET_KEY_FILE);
String path = settings.getClearString(CoreProperties.ENCRYPTION_SECRET_KEY_PATH);
if (StringUtils.isBlank(path)) {
path = new File(FileUtils.getUserDirectoryPath(), ".sonar/sonar-secret.txt").getPath();
}

+ 5
- 6
sonar-plugin-api/src/test/java/org/sonar/api/config/AesCipherTest.java View File

@@ -20,7 +20,6 @@
package org.sonar.api.config;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang.StringUtils;
import org.junit.Test;
import org.sonar.api.CoreProperties;
@@ -51,7 +50,7 @@ public class AesCipherTest {
@Test
public void encrypt() throws Exception {
Settings settings = new Settings();
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_FILE, pathToSecretKey());
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_PATH, pathToSecretKey());
AesCipher cipher = new AesCipher(settings);

String encryptedText = cipher.encrypt("this is a secret");
@@ -63,7 +62,7 @@ public class AesCipherTest {
@Test
public void decrypt() throws Exception {
Settings settings = new Settings();
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_FILE, pathToSecretKey());
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_PATH, pathToSecretKey());
AesCipher cipher = new AesCipher(settings);

// the following value has been encrypted with the key /org/sonar/api/config/AesCipherTest/aes_secret_key.txt
@@ -76,7 +75,7 @@ public class AesCipherTest {
public void decrypt_bad_key() throws Exception {
URL resource = getClass().getResource("/org/sonar/api/config/AesCipherTest/bad_secret_key.txt");
Settings settings = new Settings();
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_FILE, new File(resource.toURI()).getCanonicalPath());
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_PATH, new File(resource.toURI()).getCanonicalPath());
AesCipher cipher = new AesCipher(settings);

try {
@@ -92,7 +91,7 @@ public class AesCipherTest {
public void decrypt_other_key() throws Exception {
URL resource = getClass().getResource("/org/sonar/api/config/AesCipherTest/other_secret_key.txt");
Settings settings = new Settings();
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_FILE, new File(resource.toURI()).getCanonicalPath());
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_PATH, new File(resource.toURI()).getCanonicalPath());
AesCipher cipher = new AesCipher(settings);

try {
@@ -108,7 +107,7 @@ public class AesCipherTest {
@Test
public void encryptThenDecrypt() throws Exception {
Settings settings = new Settings();
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_FILE, pathToSecretKey());
settings.setProperty(CoreProperties.ENCRYPTION_SECRET_KEY_PATH, pathToSecretKey());
AesCipher cipher = new AesCipher(settings);

assertThat(cipher.decrypt(cipher.encrypt("foo")), is("foo"));

Write Preview
Loading…
Cancel
Save