From 4df5717012d5de386d39de391dbabbfd3d7d56a5 Mon Sep 17 00:00:00 2001 From: Jim Hahn Date: Wed, 26 Jun 2019 09:27:51 -0400 Subject: Speed up CryptoUtilsTest CryptoUtilsTest runs slowly because the SecureRandom that CryptoUtils uses to generate an "iv" takes a while to create enough randomness. However, as the "iv" is only used as a "salt", it is not necessary to use SecureRandom; the values generated by Random are sufficient. Change-Id: I1f3b03b85d28852a7969d3a83802a2691308caa5 Issue-ID: POLICY-1791 Signed-off-by: Jim Hahn --- .../onap/policy/common/utils/security/CryptoUtils.java | 17 ++++++++++++----- .../policy/common/utils/security/CryptoUtilsTest.java | 2 ++ 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java index 579eed9f..94b367ec 100644 --- a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java +++ b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java @@ -22,7 +22,7 @@ package org.onap.policy.common.utils.security; import java.nio.charset.StandardCharsets; import java.security.GeneralSecurityException; -import java.security.SecureRandom; +import java.util.Random; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; @@ -54,11 +54,18 @@ public class CryptoUtils { */ private static final int IV_BLOCK_SIZE_IN_BYTES = IV_BLOCK_SIZE_IN_BITS / 8; - private static int validSize = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4; + /** + * Minimum length of an encrypted value. + */ + private static final int MIN_VALUE_SIZE = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4; private SecretKeySpec secretKeySpec; - private static final String RANDOM_NUMBER_GENERATOR = "SHA1PRNG"; + /** + * Used to generate a random "iv". Strong randomness is not needed, as this is only + * used as a "salt". + */ + private static final Random RANDOM = new Random(); /** * CryptoUtils - encryption tool constructor. @@ -115,7 +122,7 @@ public class CryptoUtils { try { Cipher cipher = Cipher.getInstance(ALGORITHM_DETAILS); byte[] iv = new byte[IV_BLOCK_SIZE_IN_BYTES]; - SecureRandom.getInstance(RANDOM_NUMBER_GENERATOR).nextBytes(iv); + RANDOM.nextBytes(iv); IvParameterSpec ivspec = new IvParameterSpec(iv); cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivspec); @@ -164,7 +171,7 @@ public class CryptoUtils { if (value == null || value.isEmpty() || !isEncrypted(value)) { return value; } - if (value.length() < validSize) { + if (value.length() < MIN_VALUE_SIZE) { throw new IllegalArgumentException("Invalid size on input value"); } try { diff --git a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java index 9a88918d..a9924152 100644 --- a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java +++ b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java @@ -22,6 +22,7 @@ package org.onap.policy.common.utils.security; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertNull; +import static org.junit.Assert.assertTrue; import java.security.GeneralSecurityException; import org.junit.Test; @@ -46,6 +47,7 @@ public class CryptoUtilsTest { CryptoUtils cryptoUtils = new CryptoUtils(SECRET_KEY); String encryptedValue = cryptoUtils.encrypt(PASS); logger.info(ENCRYPTED_MSG, PASS, encryptedValue); + assertTrue(encryptedValue.startsWith("enc:")); String decryptedValue = cryptoUtils.decrypt(encryptedValue); logger.info(DECRYPTED_MSG, encryptedValue, decryptedValue); -- cgit 1.2.3-korg