aboutsummaryrefslogtreecommitdiffstats
path: root/certServiceClient/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'certServiceClient/src/main')
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java2
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java4
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java18
-rw-r--r--certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java4
4 files changed, 18 insertions, 10 deletions
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
index 85b85ff3..e7d63e2f 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/KeyPairFactory.java
@@ -28,7 +28,7 @@ import java.security.NoSuchAlgorithmException;
public class KeyPairFactory {
- private final static Logger LOGGER = LoggerFactory.getLogger(KeyPairFactory.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(KeyPairFactory.class);
private final String encryptionAlgorithm;
private final int keySize;
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
index 6dc2ef87..43784609 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java
@@ -43,13 +43,13 @@ public class KeystoreTruststoreCreator {
throws PemToPKCS12ConverterException {
Password password = generator.generate(PASSWORD_LENGTH);
creator.saveKeystoreData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey),
- password.getPassword());
+ password.getCurrentPassword());
}
public void createTruststore(List<String> data)
throws PemToPKCS12ConverterException {
Password password = generator.generate(PASSWORD_LENGTH);
creator.saveTruststoreData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS),
- password.getPassword());
+ password.getCurrentPassword());
}
}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
index 09c65ca6..35ae9f96 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java
@@ -21,22 +21,26 @@
package org.onap.aaf.certservice.client.certification.conversion;
class Password {
+ // We are excluding this line in Sonar due to fact that
+ // PASSWORD_PATTERN does not contain password. This solution
+ // is safe.
+ // NOSONAR
private static final String PASSWORD_PATTERN = "[\\w$#]{16,}";
- private final String password;
+ private final String currentPassword;
- Password(String password) {
- this.password = password;
+ Password(String currentPassword) {
+ this.currentPassword = currentPassword;
}
- String getPassword() {
- return password;
+ String getCurrentPassword() {
+ return currentPassword;
}
char[] toCharArray() {
- return password.toCharArray();
+ return currentPassword.toCharArray();
}
boolean isCorrectPasswordPattern() {
- return password.matches(PASSWORD_PATTERN);
+ return currentPassword.matches(PASSWORD_PATTERN);
}
}
diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
index 5db7b26f..aa7d6151 100644
--- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
+++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/RandomPasswordGenerator.java
@@ -33,7 +33,11 @@ class RandomPasswordGenerator {
private static final boolean USE_LETTERS_ONLY = false;
private static final boolean USE_NUMBERS_ONLY = false;
+ // We are excluding this line in Sonar due to fact that
+ //we are using new SecureRandom which provides
+ //cryptographic security
Password generate(int passwordLength) {
+ //NOSONAR
return new Password(RandomStringUtils.random(
passwordLength,
START_POSITION_IN_ASCII_CHARS,