diff options
author | Duarte Meneses <duarte.meneses@sonarsource.com> | 2020-08-11 15:08:01 -0500 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2020-08-14 20:16:19 +0000 |
commit | 4cd01804400e980415379551053374e2ee9694a5 (patch) | |
tree | f7be6a9a04e8681d843823e309c4056eaf562478 | |
parent | 670f78693c7c0bdb780baa01c749df6c3fa19aa8 (diff) | |
download | sonarqube-4cd01804400e980415379551053374e2ee9694a5.tar.gz sonarqube-4cd01804400e980415379551053374e2ee9694a5.zip |
SONAR-12841 Support AES 256 Settings Encryption
3 files changed, 5 insertions, 7 deletions
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java index 8991237379a..89194a4895e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java @@ -20,6 +20,7 @@ package org.sonar.server.setting.ws; import java.io.File; +import java.nio.charset.StandardCharsets; import javax.annotation.Nullable; import org.apache.commons.io.FileUtils; import org.junit.Before; @@ -59,7 +60,7 @@ public class EncryptActionTest { logInAsSystemAdministrator(); File secretKeyFile = folder.newFile(); - FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g=="); + FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==", StandardCharsets.UTF_8); encryption.setPathToSecretKey(secretKeyFile.getAbsolutePath()); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java index 48016199784..ffa3862a6fb 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java @@ -21,6 +21,7 @@ package org.sonar.server.setting.ws; import java.io.File; import java.io.IOException; +import java.nio.charset.StandardCharsets; import org.apache.commons.io.FileUtils; import org.junit.Rule; import org.junit.Test; @@ -55,7 +56,7 @@ public class GenerateSecretKeyActionTest { String secretKey = result.getSecretKey(); File file = temporaryFolder.newFile(); - FileUtils.writeStringToFile(file, secretKey); + FileUtils.writeStringToFile(file, secretKey, StandardCharsets.UTF_8); encryption.setPathToSecretKey(file.getAbsolutePath()); String encryptedValue = encryption.encrypt("my value"); String decryptedValue = encryption.decrypt(encryptedValue); diff --git a/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java b/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java index e6b14f3d9db..b67640a1e5f 100644 --- a/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java +++ b/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java @@ -36,11 +36,7 @@ import org.sonar.api.CoreProperties; import static java.nio.charset.StandardCharsets.UTF_8; final class AesCipher implements Cipher { - - // Can't be increased because of Java 6 policy files : - // https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps - // http://java.sun.com/javase/6/webnotes/install/jre/README - static final int KEY_SIZE_IN_BITS = 128; + static final int KEY_SIZE_IN_BITS = 256; private static final String CRYPTO_KEY = "AES"; |