aboutsummaryrefslogtreecommitdiffstats
path: root/server/sonar-process
diff options
context:
space:
mode:
authorDuarte Meneses <duarte.meneses@sonarsource.com>2020-12-15 10:04:53 -0600
committersonartech <sonartech@sonarsource.com>2020-12-15 20:07:25 +0000
commit57560c08f68186de1d8f8a9c681c3acb9c49b4fa (patch)
tree7035e9949f05081456fb6f7b1c35d35232fa4d7e /server/sonar-process
parent316c95e86b0215f99d313e56964659cb3a25ece5 (diff)
downloadsonarqube-57560c08f68186de1d8f8a9c681c3acb9c49b4fa.tar.gz
sonarqube-57560c08f68186de1d8f8a9c681c3acb9c49b4fa.zip
Remove dead code generating secret AES key
Diffstat (limited to 'server/sonar-process')
-rw-r--r--server/sonar-process/src/main/java/org/sonar/process/AesCipher.java21
-rw-r--r--server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java20
2 files changed, 4 insertions, 37 deletions
diff --git a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
index 0e8bada17c6..3d19e1d322f 100644
--- a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
+++ b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java
@@ -22,10 +22,7 @@ package org.sonar.process;
import java.io.File;
import java.io.IOException;
import java.security.Key;
-import java.security.SecureRandom;
import javax.annotation.Nullable;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
@@ -34,12 +31,6 @@ import org.apache.commons.lang.StringUtils;
import static java.nio.charset.StandardCharsets.UTF_8;
final class AesCipher implements Cipher {
-
- // Can't be increased because of Java 6 policy files :
- // https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps
- // http://java.sun.com/javase/6/webnotes/install/jre/README
- public static final int KEY_SIZE_IN_BITS = 128;
-
private static final String CRYPTO_KEY = "AES";
/**
@@ -112,18 +103,6 @@ final class AesCipher implements Cipher {
return new SecretKeySpec(Base64.decodeBase64(StringUtils.trim(s)), CRYPTO_KEY);
}
- String generateRandomSecretKey() {
- try {
- KeyGenerator keyGen = KeyGenerator.getInstance(CRYPTO_KEY);
- keyGen.init(KEY_SIZE_IN_BITS, new SecureRandom());
- SecretKey secretKey = keyGen.generateKey();
- return Base64.encodeBase64String(secretKey.getEncoded());
-
- } catch (Exception e) {
- throw new IllegalStateException("Fail to generate secret key", e);
- }
- }
-
String getPathToSecretKey() {
if (StringUtils.isBlank(pathToSecretKey)) {
pathToSecretKey = new File(System.getProperty("user.home"), ".sonar/sonar-secret.txt").getPath();
diff --git a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
index bb1bc5c902a..25cf6ed0671 100644
--- a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
+++ b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java
@@ -20,37 +20,25 @@
package org.sonar.process;
import com.google.common.io.Resources;
+import java.io.File;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import javax.crypto.BadPaddingException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
-import javax.crypto.BadPaddingException;
-import java.io.File;
-import java.security.InvalidKeyException;
-import java.security.Key;
-
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
-
public class AesCipherTest {
@Rule
public ExpectedException thrown = ExpectedException.none();
@Test
- public void generateRandomSecretKey() {
- AesCipher cipher = new AesCipher(null);
-
- String key = cipher.generateRandomSecretKey();
-
- assertThat(StringUtils.isNotBlank(key)).isTrue();
- assertThat(Base64.isBase64(key.getBytes())).isTrue();
- }
-
- @Test
public void encrypt() {
AesCipher cipher = new AesCipher(pathToSecretKey());