mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 235 Wiki Activity
Browse Source

SONAR-12841 Support AES 256 Settings Encryption

tags/8.5.0.37579
Duarte Meneses 3 years ago
parent
670f78693c
commit
4cd0180440
3 changed files with 5 additions and 7 deletions
Split View Show Diff Stats
  1. 2
    1
      server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java
  2. 2
    1
      server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java
  3. 1
    5
      sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java

+ 2
- 1
server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java View File

@@ -20,6 +20,7 @@
package org.sonar.server.setting.ws;

import java.io.File;
import java.nio.charset.StandardCharsets;
import javax.annotation.Nullable;
import org.apache.commons.io.FileUtils;
import org.junit.Before;
@@ -59,7 +60,7 @@ public class EncryptActionTest {
logInAsSystemAdministrator();

File secretKeyFile = folder.newFile();
FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==");
FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==", StandardCharsets.UTF_8);

encryption.setPathToSecretKey(secretKeyFile.getAbsolutePath());
}

+ 2
- 1
server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java View File

@@ -21,6 +21,7 @@ package org.sonar.server.setting.ws;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import org.apache.commons.io.FileUtils;
import org.junit.Rule;
import org.junit.Test;
@@ -55,7 +56,7 @@ public class GenerateSecretKeyActionTest {

String secretKey = result.getSecretKey();
File file = temporaryFolder.newFile();
FileUtils.writeStringToFile(file, secretKey);
FileUtils.writeStringToFile(file, secretKey, StandardCharsets.UTF_8);
encryption.setPathToSecretKey(file.getAbsolutePath());
String encryptedValue = encryption.encrypt("my value");
String decryptedValue = encryption.decrypt(encryptedValue);

+ 1
- 5
sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java View File

@@ -36,11 +36,7 @@ import org.sonar.api.CoreProperties;
import static java.nio.charset.StandardCharsets.UTF_8;

final class AesCipher implements Cipher {

// Can't be increased because of Java 6 policy files :
// https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps
// http://java.sun.com/javase/6/webnotes/install/jre/README
static final int KEY_SIZE_IN_BITS = 128;
static final int KEY_SIZE_IN_BITS = 256;

private static final String CRYPTO_KEY = "AES";


Write Preview
Loading…
Cancel
Save