Code Review / policy / common.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 923f855) | patch
Fix sonar security issue in CryptoUtils 74/114374/3
authorJim Hahn <jrh3@att.com>
Wed, 28 Oct 2020 20:22:01 +0000 (16:22 -0400)
committerJim Hahn <jrh3@att.com>
Thu, 29 Oct 2020 12:17:47 +0000 (08:17 -0400)
commitf9c66e100522272543a550736cbe660cad4bfec5
tree3368cf75fad013636e67b9d424bec54e8c02e0b9tree | snapshot
parent923f85537b509bb0befc296c2c8d40807a326296commit | diff
Fix sonar security issue in CryptoUtils

Sonar reports that CryptoUtils is using AES with CBC, which is known
to be insecure.  Switched to "AES/GCM/NoPadding".
Note: values in any property files using encryption or the "enc:"
prefix will have to be re-encrypted.

Issue-ID: POLICY-2801
Change-Id: I41f00d4f3ee67a00b92135150120d1faa621655a
Signed-off-by: Jim Hahn <jrh3@att.com>
utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java diff | blob | history
utils/src/test/java/org/onap/policy/common/utils/coder/PropertyCoderTest.java diff | blob | history
utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java diff | blob | history
Policy common shared modules