SONAR-2084 draft of new page 'Password encryption'

3 files changed, 29 insertions, 5 deletions

diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java b/sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java
index e8ed181966c..51232587bbd 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/config/AesCipher.java
@@ -32,7 +32,10 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 import java.io.File;
 import java.io.IOException;
-import java.security.*;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.security.spec.InvalidKeySpecException;
 
 final class AesCipher extends Cipher {
@@ -45,10 +48,9 @@ final class AesCipher extends Cipher {
   }
 
   String encrypt(String clearText) {
-    String path = settings.getClearString(CoreProperties.ENCRYPTION_PATH_TO_SECRET_KEY);
     try {
       javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance("AES");
-      cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, loadSecretFileFromFile(path));
+      cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, loadSecretFile());
       return new String(Base64.encodeBase64(cipher.doFinal(clearText.getBytes(Charsets.UTF_8))));
     } catch (Exception e) {
       throw Throwables.propagate(e);
@@ -57,10 +59,9 @@ final class AesCipher extends Cipher {
 
 
   String decrypt(String encryptedText) {
-    String path = settings.getClearString(CoreProperties.ENCRYPTION_PATH_TO_SECRET_KEY);
     try {
       javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance("AES");
-      cipher.init(javax.crypto.Cipher.DECRYPT_MODE, loadSecretFileFromFile(path));
+      cipher.init(javax.crypto.Cipher.DECRYPT_MODE, loadSecretFile());
       byte[] cipherData = cipher.doFinal(Base64.decodeBase64(StringUtils.trim(encryptedText)));
       return new String(cipherData);
     } catch (Exception e) {
@@ -68,6 +69,19 @@ final class AesCipher extends Cipher {
     }
   }
 
+  public boolean canEncrypt() {
+    try {
+      return loadSecretFile() != null;
+    } catch (Exception e) {
+      return false;
+    }
+  }
+
+  Key loadSecretFile() throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, InvalidKeyException {
+    String path = settings.getClearString(CoreProperties.ENCRYPTION_PATH_TO_SECRET_KEY);
+    return loadSecretFileFromFile(path);
+  }
+
   @VisibleForTesting
   Key loadSecretFileFromFile(String path) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, InvalidKeyException {
     if (StringUtils.isBlank(path)) {
@@ -96,4 +110,6 @@ final class AesCipher extends Cipher {
       throw new IllegalStateException("Fail to generate random RSA keys", e);
     }
   }
+
+
 }
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/config/Encryption.java b/sonar-plugin-api/src/main/java/org/sonar/api/config/Encryption.java
index def3164985f..6cbc08d01d2 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/config/Encryption.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/config/Encryption.java
@@ -49,6 +49,10 @@ public final class Encryption {
     );
   }
 
+  public boolean canEncrypt() {
+    return aesEncryption.canEncrypt();
+  }
+
   public boolean isEncrypted(String value) {
     return value.startsWith("{") && value.indexOf("}") > 1;
   }
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/config/Settings.java b/sonar-plugin-api/src/main/java/org/sonar/api/config/Settings.java
index 8e88562a2bb..57047d6585c 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/config/Settings.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/config/Settings.java
@@ -52,6 +52,10 @@ public class Settings implements BatchComponent, ServerComponent {
     this.encryption = new Encryption(this);
   }
 
+  public final Encryption getEncryption() {
+    return encryption;
+  }
+
   public final String getDefaultValue(String key) {
     return definitions.getDefaultValue(key);
   }