CII badging issue resolution

Pwd detected in this expression is potentially hardcoded credential
CryptoHandler.java:L31

Sonar link:https://sonar.onap.org/issues?myIssues=true&open=AWHCr-PVEU5FCDfKtl8E&resolved=false

Change-Id: I29aaa489a4b1f2e472eb11ed8ba811d31a4d6809
Issue-ID: SO-478
Signed-off-by: Manamohan Satapathy <MS00534989@techmahindra.com>

1 files changed, 7 insertions, 3 deletions

diff --git a/bpmn/MSOCommonBPMN/src/main/java/org/openecomp/mso/bpmn/common/util/CryptoHandler.java b/bpmn/MSOCommonBPMN/src/main/java/org/openecomp/mso/bpmn/common/util/CryptoHandler.java
index 787453ed28..13cff65018 100644
--- a/bpmn/MSOCommonBPMN/src/main/java/org/openecomp/mso/bpmn/common/util/CryptoHandler.java
+++ b/bpmn/MSOCommonBPMN/src/main/java/org/openecomp/mso/bpmn/common/util/CryptoHandler.java
@@ -20,21 +20,25 @@
  */

 

 package org.openecomp.mso.bpmn.common.util;

-

+import java.io.IOException;

 import java.security.GeneralSecurityException;

 import org.openecomp.mso.logger.MsoLogger;

+import java.util.Properties;

 

 public class CryptoHandler implements ICryptoHandler {

 	private static final MsoLogger LOGGER = MsoLogger.getMsoLogger(MsoLogger.Catalog.BPEL);

 

 	private static String msoKey = "aa3871669d893c7fb8abbcda31b88b4f";

-	private static String msoAaiEncryptedPwd = "C1FC4A39E16419DD41DFC1212843F440";

+	private static String msoAaiEncryptedPwd;

 

         @Override

 	public String getMsoAaiPassword() {

+	Properties keyProp = new Properties ();

 		try {

+		keyProp.load (Thread.currentThread ().getContextClassLoader ().getResourceAsStream ("urn.properties"));

+			msoAaiEncryptedPwd =(String) keyProp.get ("mso.AaiEncrypted.Pwd");

 			return CryptoUtils.decrypt(msoAaiEncryptedPwd, msoKey);

-		} catch (GeneralSecurityException e) {

+		} catch (GeneralSecurityException | IOException e) {

 			LOGGER.debug("GeneralSecurityException :",e);

 			return null;

 		}