stable

Clone or download

Read-only

Encrypted Bugzilla API keys can be used

Existing cleartext keys are marked as such in DB and Tuleap try to remove the cleartext version when the configuration of a Bugzilla reference is edited. A future contribution will add a warning in the web UI for the keys that has been stored in cleartext to encourage administrators to rotate these credentials. This is part of story #10606: encrypt bugzilla credentials (API key) before storing in the DB Change-Id: I26208666f2ad3961021e3c12d4ba9926c3d6ae44

Modified Files

Name
M plugins/bugzilla_reference/db/install.sql +1 −0 Go to diff View file
A plugins/bugzilla_reference/db/updates/2017/201709280900_mark_cleartext_api_key.php +64 −0 Go to diff View file
M plugins/bugzilla_reference/include/Bugzilla/Reference/Dao.php +13 −13 Go to diff View file
M plugins/bugzilla_reference/include/Bugzilla/Reference/RESTReferenceCreator.php +1 −1 Go to diff View file
M plugins/bugzilla_reference/include/Bugzilla/Reference/Reference.php +9 −1 Go to diff View file
M plugins/bugzilla_reference/include/Bugzilla/Reference/ReferenceRetriever.php +17 −3 Go to diff View file
M plugins/bugzilla_reference/include/Bugzilla/Reference/ReferenceSaver.php +23 −10 Go to diff View file
M plugins/bugzilla_reference/include/bugzilla_referencePlugin.class.php +1 −1 Go to diff View file
A src/common/Cryptography/Exception/InvalidCiphertextException.php +29 −0 Go to diff View file
A src/common/Cryptography/Exception/UnexpectedOperationFailureException.php +29 −0 Go to diff View file
M src/common/Cryptography/Symmetric/SymmetricCrypto.php +26 −0 Go to diff View file
M src/common/autoload.php +4 −2 Go to diff View file
M tests/simpletest/common/Cryptography/Symmetric/SymmetricCryptoTest.php +52 −0 Go to diff View file