diff options
author | Duarte Meneses <duarte.meneses@sonarsource.com> | 2020-12-15 10:04:53 -0600 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2020-12-15 20:07:25 +0000 |
commit | 57560c08f68186de1d8f8a9c681c3acb9c49b4fa (patch) | |
tree | 7035e9949f05081456fb6f7b1c35d35232fa4d7e /server | |
parent | 316c95e86b0215f99d313e56964659cb3a25ece5 (diff) | |
download | sonarqube-57560c08f68186de1d8f8a9c681c3acb9c49b4fa.tar.gz sonarqube-57560c08f68186de1d8f8a9c681c3acb9c49b4fa.zip |
Remove dead code generating secret AES key
Diffstat (limited to 'server')
-rw-r--r-- | server/sonar-process/src/main/java/org/sonar/process/AesCipher.java | 21 | ||||
-rw-r--r-- | server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java | 20 |
2 files changed, 4 insertions, 37 deletions
diff --git a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java index 0e8bada17c6..3d19e1d322f 100644 --- a/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java +++ b/server/sonar-process/src/main/java/org/sonar/process/AesCipher.java @@ -22,10 +22,7 @@ package org.sonar.process; import java.io.File; import java.io.IOException; import java.security.Key; -import java.security.SecureRandom; import javax.annotation.Nullable; -import javax.crypto.KeyGenerator; -import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.FileUtils; @@ -34,12 +31,6 @@ import org.apache.commons.lang.StringUtils; import static java.nio.charset.StandardCharsets.UTF_8; final class AesCipher implements Cipher { - - // Can't be increased because of Java 6 policy files : - // https://confluence.terena.org/display/~visser/No+256+bit+ciphers+for+Java+apps - // http://java.sun.com/javase/6/webnotes/install/jre/README - public static final int KEY_SIZE_IN_BITS = 128; - private static final String CRYPTO_KEY = "AES"; /** @@ -112,18 +103,6 @@ final class AesCipher implements Cipher { return new SecretKeySpec(Base64.decodeBase64(StringUtils.trim(s)), CRYPTO_KEY); } - String generateRandomSecretKey() { - try { - KeyGenerator keyGen = KeyGenerator.getInstance(CRYPTO_KEY); - keyGen.init(KEY_SIZE_IN_BITS, new SecureRandom()); - SecretKey secretKey = keyGen.generateKey(); - return Base64.encodeBase64String(secretKey.getEncoded()); - - } catch (Exception e) { - throw new IllegalStateException("Fail to generate secret key", e); - } - } - String getPathToSecretKey() { if (StringUtils.isBlank(pathToSecretKey)) { pathToSecretKey = new File(System.getProperty("user.home"), ".sonar/sonar-secret.txt").getPath(); diff --git a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java index bb1bc5c902a..25cf6ed0671 100644 --- a/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java +++ b/server/sonar-process/src/test/java/org/sonar/process/AesCipherTest.java @@ -20,37 +20,25 @@ package org.sonar.process; import com.google.common.io.Resources; +import java.io.File; +import java.security.InvalidKeyException; +import java.security.Key; +import javax.crypto.BadPaddingException; import org.apache.commons.codec.binary.Base64; import org.apache.commons.lang.StringUtils; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; -import javax.crypto.BadPaddingException; -import java.io.File; -import java.security.InvalidKeyException; -import java.security.Key; - import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.fail; - public class AesCipherTest { @Rule public ExpectedException thrown = ExpectedException.none(); @Test - public void generateRandomSecretKey() { - AesCipher cipher = new AesCipher(null); - - String key = cipher.generateRandomSecretKey(); - - assertThat(StringUtils.isNotBlank(key)).isTrue(); - assertThat(Base64.isBase64(key.getBytes())).isTrue(); - } - - @Test public void encrypt() { AesCipher cipher = new AesCipher(pathToSecretKey()); |