Fix for security hotspot related to wek cyptography

https://sonarcloud.io/project/security_hotspots?id=onap_cps&hotspots=AXfObcurA2pnU4Plp4-j

Issue-ID: CPS-286
Signed-off-by: puthuparambil.aditya <aditya.puthuparambil@bell.ca>
Change-Id: I31012f81797396682dbccae0e4992a33bac806c7

2 files changed, 6 insertions, 5 deletions

diff --git a/cps-ri/src/main/java/org/onap/cps/spi/impl/CpsModulePersistenceServiceImpl.java b/cps-ri/src/main/java/org/onap/cps/spi/impl/CpsModulePersistenceServiceImpl.java
index b28beb42c..9a8ea6af4 100755
--- a/cps-ri/src/main/java/org/onap/cps/spi/impl/CpsModulePersistenceServiceImpl.java
+++ b/cps-ri/src/main/java/org/onap/cps/spi/impl/CpsModulePersistenceServiceImpl.java
@@ -28,6 +28,7 @@ import java.util.Map;
 import java.util.Set;
 import java.util.stream.Collectors;
 import javax.transaction.Transactional;
+import org.apache.commons.codec.digest.DigestUtils;
 import org.onap.cps.spi.CascadeDeleteAllowed;
 import org.onap.cps.spi.CpsAdminPersistenceService;
 import org.onap.cps.spi.CpsModulePersistenceService;
@@ -46,7 +47,7 @@ import org.onap.cps.spi.repository.YangResourceRepository;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.dao.DataIntegrityViolationException;
 import org.springframework.stereotype.Component;
-import org.springframework.util.DigestUtils;
+
 
 @Component
 public class CpsModulePersistenceServiceImpl implements CpsModulePersistenceService {
@@ -90,7 +91,7 @@ public class CpsModulePersistenceServiceImpl implements CpsModulePersistenceServ
     private Set<YangResourceEntity> synchronizeYangResources(final Map<String, String> yangResourcesNameToContentMap) {
         final Map<String, YangResourceEntity> checksumToEntityMap = yangResourcesNameToContentMap.entrySet().stream()
             .map(entry -> {
-                final String checksum = DigestUtils.md5DigestAsHex(entry.getValue().getBytes(StandardCharsets.UTF_8));
+                final String checksum = DigestUtils.sha256Hex(entry.getValue().getBytes(StandardCharsets.UTF_8));
                 final YangResourceEntity yangResourceEntity = new YangResourceEntity();
                 yangResourceEntity.setName(entry.getKey());
                 yangResourceEntity.setContent(entry.getValue());
diff --git a/cps-ri/src/main/resources/changelog/db/changes/data/yang_resource.csv b/cps-ri/src/main/resources/changelog/db/changes/data/yang_resource.csv
index 4dd312745..93db7df78 100644
--- a/cps-ri/src/main/resources/changelog/db/changes/data/yang_resource.csv
+++ b/cps-ri/src/main/resources/changelog/db/changes/data/yang_resource.csv
@@ -455,7 +455,7 @@ ietf-inet-types.yang|"module ietf-inet-types {
                 Identifiers (URIs)\";
   }
 
-}"|fd06e465f26f1e7d0253bbf77e7e55e1
+}"|417a7b14944f6236ad0e2b1ef956158c050cff9b74e3561ca80af32d11be240b
 cps-ran-schema-model2021-01-28.yang|"module cps-ran-schema-model {
   yang-version 1.1;
   namespace \"org:onap:ccsdk:features:sdnr:northbound:cps-ran-schema-model\";
@@ -1753,7 +1753,7 @@ cps-ran-schema-model2021-01-28.yang|"module cps-ran-schema-model {
         \"Target NR Cell Identifier. It consists of NR Cell
          Identifier (NCI) and Physical Cell Identifier of the target NR cell
          (nRPCI).\";
-    "|0337045143fa2e592243243f82699b93
+    "|436fef591eba7f38d1a0c5e3cbd3c122f01ab41dfab37cc5a9cbca1ed53b29fb
 ietf-yang-types.yang|"module ietf-yang-types {
 
   namespace \"urn:ietf:params:xml:ns:yang:ietf-yang-types\";
@@ -2233,4 +2233,4 @@ ietf-yang-types.yang|"module ietf-yang-types {
        notation, i.e., four octets written as decimal numbers
        and separated with the ''.'' (full stop) character.\";
   }
-}"|57d603ee9ab0c49355ad0695c0709c93
+}"|25516798613f862ad20831e59ba02b75ecdc9c6f5547ed5d90bda76143bf0112