From 6137426ec6e7963a150dfc8011198109db730a0b Mon Sep 17 00:00:00 2001 From: shrek2000 Date: Wed, 4 Dec 2019 12:02:27 +0200 Subject: Fix Sonar issues Public class variable fields do not respect the ncapsulation principle https://sonar.onap.org/project/issues?id=org.onap.sdc.sdc-be-common%3Asdc-be-common-parent%3Amaster&open=AW6fpbQilnf4Fh92BMWX&resolved=false&types=VULNERABILITY Issue-ID: SDC-2697 Signed-off-by: shrek2000 Change-Id: I82f9aa980d8a2eb283a11c05a86095a27fad71ab Signed-off-by: shrek2000 --- .../src/main/java/org/onap/sdc/security/SecurityUtil.java | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/security-util-lib/src/main/java/org/onap/sdc/security/SecurityUtil.java b/security-util-lib/src/main/java/org/onap/sdc/security/SecurityUtil.java index 27d946f..349e893 100644 --- a/security-util-lib/src/main/java/org/onap/sdc/security/SecurityUtil.java +++ b/security-util-lib/src/main/java/org/onap/sdc/security/SecurityUtil.java @@ -45,7 +45,7 @@ public class SecurityUtil { public static final String ALGORITHM = "AES"; public static final String CHARSET = UTF_8.name(); - public static Key secKey = null; + private final static Key secKey = generateKey(KEY, ALGORITHM); /** * cmd commands >$PROGRAM_NAME decrypt "$ENCRYPTED_MSG" @@ -55,19 +55,16 @@ public class SecurityUtil { private SecurityUtil() { } - static { + + public static Key generateKey(final byte[] KEY, String algorithm) { try { - secKey = generateKey(KEY, ALGORITHM); + return new SecretKeySpec(KEY, algorithm); } catch (Exception e) { - LOG.warn(EcompLoggerErrorCode.PERMISSION_ERROR,"cannot generate key for {}", ALGORITHM); + LOG.warn(EcompLoggerErrorCode.PERMISSION_ERROR, "cannot generate key for {}, message : {} .", ALGORITHM, e.getMessage()); + return null; } } - - public static Key generateKey(final byte[] KEY, String algorithm) { - return new SecretKeySpec(KEY, algorithm); - } - //obfuscates key prefix -> ********** public String obfuscateKey(String sensitiveData) { -- cgit 1.2.3-korg