diff options
| author |   malarvizhi <malarvizhi.44@wipro.com> | 2021-03-18 00:40:11 -0700 |
|---|---|---|
| committer |   krishna moorthy <krishna.moorthy6@wipro.com> | 2021-03-18 08:25:55 +0000 |
| commit | ee02cbcfb07c7322b93399c80e50acd2b975ccbd (patch) | |
| tree | 0f064bc04583c6a2f582897da4ce709e907c8b6f /cmso-optimizer/src/main | |
| parent | fa9a888eb79c4632b3a1afd97641b0554d086828 (diff) | |
Fix weak cryptography issues
Issue-ID: OPTFRA-927
Signed-off-by: Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Change-Id: I9e48f7313a7f76bd431e17cebfc3c52bc7f91bda
Diffstat (limited to 'cmso-optimizer/src/main')
| -rw-r--r-- | cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java | 14 | ||||
| -rw-r--r-- | cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json | 2 |
2 files changed, 7 insertions, 9 deletions
diff --git a/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java b/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java index 6bf0ee8..a638d99 100644 --- a/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java +++ b/cmso-optimizer/src/main/java/org/onap/optf/cmso/optimizer/common/PropertiesManagement.java @@ -54,7 +54,6 @@ public class PropertiesManagement { private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme; private static final SecureRandom random = new SecureRandom(); - @Autowired Environment env; @@ -100,10 +99,9 @@ public class PropertiesManagement { private static final String encrypt(String key, String value) { try { - - byte[] bytesIV = new byte[16]; - random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); + byte[] bytesIV = new byte[12]; + random.nextBytes(bytesIV); + IvParameterSpec iv = new IvParameterSpec(bytesIV); SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); @@ -119,10 +117,10 @@ public class PropertiesManagement { private static final String decrypt(String key, String encrypted) { try { - byte[] bytesIV = new byte[16]; + byte[] bytesIV = new byte[12]; random.nextBytes(bytesIV); - IvParameterSpec iv = new IvParameterSpec(bytesIV); - SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + IvParameterSpec iv = new IvParameterSpec(bytesIV); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); Cipher cipher = Cipher.getInstance(transformation); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] original = cipher.doFinal(Base64.getDecoder().decode(encrypted)); diff --git a/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json index f260bb1..1a25cf1 100644 --- a/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-optimizer/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.1-SNAPSHOT", + "version" : "2.3.2-SNAPSHOT", "title" : "cmso-optimizer" }, "basePath" : "/optimizer", |