author | Malarvizhi <malarvizhi.44@wipro.com> | 2021-03-09 23:27:01 -0800 |
---|---|---|
committer | Malarvizhi <malarvizhi.44@wipro.com> | 2021-03-09 23:27:01 -0800 |
commit | f11165e00b6633187f8ab0b002ed6f7e196260d5 (patch) | |
tree | 91ebc05684bca4331d06ad958cbdbc77c14a6bb8 /cmso-service | |
parent | 6403adcbac7bd6350310fe0eb7562a378a253b4a (diff) |
Fix weak cryptography issues2.3.2
Issue-ID: OPTFRA-927
Signed-off-by: Malarvizhi Paramasivam <malarvizhi.44@wipro.com>
Change-Id: I2ae9a114b9825c3d3e6faa31afb72a54cdf0c423
Diffstat (limited to 'cmso-service')
3 files changed, 36 insertions, 20 deletions
diff --git a/cmso-service/pom.xml b/cmso-service/pom.xml
index 37be396..c642a59 100644
--- a/cmso-service/pom.xml
+++ b/cmso-service/pom.xml
@@ -30,7 +30,7 @@
<parent>
<groupId>org.onap.optf.cmso</groupId>
<artifactId>cmso</artifactId>
- <version>2.3.1-SNAPSHOT</version>
+ <version>2.3.2-SNAPSHOT</version>
</parent>
<groupId>org.onap.optf.cmso.service</groupId>
diff --git a/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java
index b16c52a..3f7a808 100644
--- a/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java
+++ b/cmso-service/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java
@@ -40,7 +40,7 @@ import javax.crypto.spec.SecretKeySpec;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Component;
-
+import java.security.SecureRandom;
/**
* The Class PropertiesManagement.
*/
@@ -51,10 +51,10 @@ public class PropertiesManagement {
private static EELFLogger errors = EELFManager.getInstance().getErrorLogger();
private static final String algorithm = "AES";
- private static final String cipherMode = "CBC";
- private static final String paddingScheme = "PKCS5Padding";
+ private static final String cipherMode = "GCM";
+ private static final String paddingScheme = "NoPadding";
private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme;
- private static final String initVector = "ONAPCMSOVECTORIV"; // 16 bytes IV
+ private static final SecureRandom random = new SecureRandom();
@Autowired
Environment env;
@@ -81,7 +81,7 @@ public class PropertiesManagement {
public static String getDecryptedValue(String value) {
if (value.startsWith("enc:")) {
String secret = getSecret();
- value = decrypt(secret, initVector, value.substring(4));
+ value = decrypt(secret, value.substring(4));
}
return value;
}
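Review bot: Values already stored with the `enc:` prefix were produced with AES/CBC and the fixed IV this commit removes, and getDecryptedValue now routes them to the GCM decrypt with nothing to distinguish old ciphertext from new. Those properties will presumably stop decrypting after the upgrade; the tail of encrypt visible in a later hunk ends in `return null;`, and if decrypt fails the same way the caller receives a null secret rather than an error. Consider a versioned prefix for the new format together with a documented re-encryption step for existing property files, and a comment here such as `// "enc:" values written before 2.3.2 used CBC with a static IV and must be re-encrypted`.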
@@ -94,13 +94,15 @@ public class PropertiesManagement {
*/
public static String getEncryptedValue(String value) {
String secret = getSecret();
- value = encrypt(secret, initVector, value);
+ value = encrypt(secret, value);
return value;
}
- private static final String encrypt(String key, String initVector, String value) {
+ private static final String encrypt(String key, String value) {
try {
- IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8"));
+ byte[] bytesIV = new byte[16];
+ random.nextBytes(bytesIV);
+ IvParameterSpec iv = new IvParameterSpec(bytesIV);
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
Cipher cipher = Cipher.getInstance(transformation);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
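Review bot: `cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv)` hands an `IvParameterSpec` to an `AES/GCM/NoPadding` cipher; the JDK's default provider accepts only `GCMParameterSpec` for GCM and throws `InvalidAlgorithmParameterException` (other providers may be more lenient), so this path likely ends in the catch block. Use the recommended 12-byte nonce and an explicit tag length: `byte[] bytesIV = new byte[12];` and `GCMParameterSpec iv = new GCMParameterSpec(128, bytesIV);`. The random nonce also has to be stored alongside the ciphertext (for example prepended before encoding), otherwise nothing can decrypt the value later; the rest of encrypt lies outside this hunk, so confirm that its output includes the nonce. The same parameter-spec problem applies to the decrypt hunk that follows.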
@@ -114,9 +116,11 @@ public class PropertiesManagement {
return null;
}
- private static final String decrypt(String key, String initVector, String encrypted) {
+ private static final String decrypt(String key, String encrypted) {
try {
- IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8"));
+ byte[] bytesIV = new byte[16];
+ random.nextBytes(bytesIV);
+ IvParameterSpec iv = new IvParameterSpec(bytesIV);
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");
Cipher cipher = Cipher.getInstance(transformation);
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
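Review bot: decrypt fills `bytesIV` with fresh random bytes via `random.nextBytes(bytesIV)`, so the IV can never equal the one used at encryption and GCM tag verification will fail for every input. The nonce has to be read back from the stored value instead: decode `encrypted`, take the leading nonce bytes, build the parameter spec from them and pass only the remainder to `doFinal`. The decoding and `doFinal` lines are outside this hunk, so the exact split depends on how encrypt lays out its output. A round-trip unit test asserting that `getDecryptedValue("enc:" + getEncryptedValue(x))` returns `x`, plus a tampered-ciphertext case, would catch this kind of regression.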
diff --git a/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json b/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json index 932e117..eb563ad 100644 --- a/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json +++ b/cmso-service/src/main/resources/META-INF/resources/swagger/swagger.json @@ -1,7 +1,7 @@ { "swagger" : "2.0", "info" : { - "version" : "2.3.0-SNAPSHOT", + "version" : "2.3.1-SNAPSHOT", "title" : "cmso-service" }, "basePath" : "/cmso", @@ -774,15 +774,25 @@ "format" : "int32", "description" : "Maximum number of VNF changes to schedule concurrently" }, - "policyId" : { - "type" : "string", - "description" : "Name of schedule optimization policy used by the change management cmso optimizer to determine available time slot" + "changeWindows" : { + "type" : "array", + "description" : "Lists of desired change windows to schedule the elements.", + "items" : { + "$ref" : "#/definitions/Change Window" + } + }, + "policies" : { + "type" : "array", + "description" : "List of the policies to control optimization.", + "items" : { + "$ref" : "#/definitions/Supported Policy Information" + } }, - "vnfDetails" : { + "elements" : { "type" : "array", "description" : "Lists of the VNFs to be changed and the desired change windows", "items" : { - "$ref" : "#/definitions/VNF Details" + "$ref" : "#/definitions/Optimizer Element" } } }, 
@@ -793,14 +803,16 @@ "properties" : { "startTime" : { "type" : "string", - "description" : "Earliest time that a set of changes may begin." + "format" : "date-time", + "description" : "Earliest time for which changes may begin." }, "endTime" : { "type" : "string", - "description" : "Latest time by which all changes must be completed" + "format" : "date-time", + "description" : "Latest time by which all changes must be completed." } }, - "description" : "Time window within which the scheduler optimizer can schedule the changes for the group of NVFs" + "description" : "Time window for which tickets are to returned" }, "CmDetailsMessage" : { "type" : "object", |