Removed VerifyKeysAreNotTooSimilar check as it can result in false po…

…sitives.
Particular · Oct 16, 2015 · d28f3b4 · d28f3b4
1 parent 02b6d86
commit d28f3b4
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 50 deletions.
diff --git a/src/impl/encryption/NServiceBus.Encryption.Rijndael.Tests/EncryptionServiceTests.cs b/src/impl/encryption/NServiceBus.Encryption.Rijndael.Tests/EncryptionServiceTests.cs
@@ -76,22 +76,5 @@ public void Should_throw_when_decrypt_with_wrong_key()
                 Assert.IsInstanceOf<CryptographicException>(inner);
             }
         }
-
-        [Test]
-        public void Should_throw_when_encrypt_and_decrypt_keys_are_too_similar()
-        {
-            var key = Encoding.ASCII.GetBytes("gdDbqRpqdRbTs3mhdZh9qCaDaxJXl+e6");
-
-            var exception = Assert.Throws<Exception>(() =>
-            {
-                new EncryptionService
-                {
-                    Key = key,
-                    ExpiredKeys = new List<byte[]> { key } //note that we use the same key to get the code to throw
-                };
-            });
-
-            Assert.AreEqual("The new Encryption Key is too similar to the Expired Key at index 0. This can cause issues when decrypting data. To fix this issue please ensure the new encryption key is not too similar to the existing Expired Keys.", exception.Message);
-        }
     }
 }
diff --git a/src/impl/encryption/NServiceBus.Encryption.Rijndael/EncryptionService.cs b/src/impl/encryption/NServiceBus.Encryption.Rijndael/EncryptionService.cs
@@ -23,7 +23,6 @@ public byte[] Key
             set
             {
                 key = value;
-                VerifyKeysAreNotTooSimilar();
             }
         }
 
@@ -37,7 +36,6 @@ public List<byte[]> ExpiredKeys
             set
             {
                 expiredKeys = value;
-                VerifyKeysAreNotTooSimilar();
             }
         }
 
@@ -118,37 +116,6 @@ EncryptedValue IEncryptionService.Encrypt(string value)
             }
         }
 
-        void VerifyKeysAreNotTooSimilar()
-        {
-            if (ExpiredKeys == null)
-            {
-                return;
-            }
-            if (Key == null)
-            {
-                return;
-            }
-            for (var index = 0; index < ExpiredKeys.Count; index++)
-            {
-                var decryption = ExpiredKeys[index];
-                CryptographicException exception = null;
-                var encryptedValue = ((IEncryptionService)this).Encrypt("a");
-                try
-                {
-                    Decrypt(encryptedValue, decryption);
-                }
-                catch (CryptographicException cryptographicException)
-                {
-                    exception = cryptographicException;
-                }
-                if (exception == null)
-                {
-                    var message = string.Format("The new Encryption Key is too similar to the Expired Key at index {0}. This can cause issues when decrypting data. To fix this issue please ensure the new encryption key is not too similar to the existing Expired Keys.", index);
-                    throw new Exception(message);
-                }
-            }
-        }
-
         static readonly ILog Logger = LogManager.GetLogger(typeof(EncryptionService));
     }
 }