aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDuarte Meneses <duarte.meneses@sonarsource.com>2020-08-11 15:08:01 -0500
committersonartech <sonartech@sonarsource.com>2020-08-14 20:16:19 +0000
commit4cd01804400e980415379551053374e2ee9694a5 (patch)
treef7be6a9a04e8681d843823e309c4056eaf562478
parent670f78693c7c0bdb780baa01c749df6c3fa19aa8 (diff)
downloadsonarqube-4cd01804400e980415379551053374e2ee9694a5.tar.gz
sonarqube-4cd01804400e980415379551053374e2ee9694a5.zip
SONAR-12841 Support AES 256 Settings Encryption
-rw-r--r--server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java3
-rw-r--r--server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java3
-rw-r--r--sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java6
3 files changed, 5 insertions, 7 deletions
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java
index 8991237379a..89194a4895e 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java
@@ -20,6 +20,7 @@
package org.sonar.server.setting.ws;
import java.io.File;
+import java.nio.charset.StandardCharsets;
import javax.annotation.Nullable;
import org.apache.commons.io.FileUtils;
import org.junit.Before;
@@ -59,7 +60,7 @@ public class EncryptActionTest {
logInAsSystemAdministrator();
File secretKeyFile = folder.newFile();
- FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==");
+ FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==", StandardCharsets.UTF_8);
encryption.setPathToSecretKey(secretKeyFile.getAbsolutePath());
}
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java
index 48016199784..ffa3862a6fb 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/GenerateSecretKeyActionTest.java
@@ -21,6 +21,7 @@ package org.sonar.server.setting.ws;
import java.io.File;
import java.io.IOException;
+import java.nio.charset.StandardCharsets;
import org.apache.commons.io.FileUtils;
import org.junit.Rule;
import org.junit.Test;
@@ -55,7 +56,7 @@ public class GenerateSecretKeyActionTest {
String secretKey = result.getSecretKey();
File file = temporaryFolder.newFile();
- FileUtils.writeStringToFile(file, secretKey);
+ FileUtils.writeStringToFile(file, secretKey, StandardCharsets.UTF_8);
encryption.setPathToSecretKey(file.getAbsolutePath());
String encryptedValue = encryption.encrypt("my value");
String decryptedValue = encryption.decrypt(encryptedValue);
diff --git a/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java b/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java
index e6b14f3d9db..b67640a1e5f 100644
--- a/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java
+++ b/sonar-plugin-api-impl/src/main/java/org/sonar/api/config/internal/AesCipher.java
@@ -36,11 +36,7 @@ import org.sonar.api.CoreProperties;
import static java.nio.charset.StandardCharsets.UTF_8;
final class AesCipher implements Cipher {
-
- // Can't be increased because of Java 6 policy files :
- // https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps
- // http://java.sun.com/javase/6/webnotes/install/jre/README
- static final int KEY_SIZE_IN_BITS = 128;
+ static final int KEY_SIZE_IN_BITS = 256;
private static final String CRYPTO_KEY = "AES";