Speed up CryptoUtilsTest

CryptoUtilsTest runs slowly because the SecureRandom that CryptoUtils
uses to generate an "iv" takes a while to create enough randomness.
However, as the "iv" is only used as a "salt", it is not necessary
to use SecureRandom; the values generated by Random are sufficient.

Change-Id: I1f3b03b85d28852a7969d3a83802a2691308caa5
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>

diff --git a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
index 579eed9..94b367e 100644 (file)
--- a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
+++ b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
@@ -22,7 +22,7 @@ package org.onap.policy.common.utils.security;
 
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
-import java.security.SecureRandom;
+import java.util.Random;
 import javax.crypto.Cipher;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
@@ -54,11 +54,18 @@ public class CryptoUtils {
      */
     private static final int IV_BLOCK_SIZE_IN_BYTES = IV_BLOCK_SIZE_IN_BITS / 8;
 
-    private static int validSize = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4;
+    /**
+     * Minimum length of an encrypted value.
+     */
+    private static final int MIN_VALUE_SIZE = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4;
 
     private SecretKeySpec secretKeySpec;
 
-    private static final String RANDOM_NUMBER_GENERATOR = "SHA1PRNG";
+    /**
+     * Used to generate a random "iv". Strong randomness is not needed, as this is only
+     * used as a "salt".
+     */
+    private static final Random RANDOM = new Random();
 
     /**
      * CryptoUtils - encryption tool constructor.
@@ -115,7 +122,7 @@ public class CryptoUtils {
         try {
             Cipher cipher = Cipher.getInstance(ALGORITHM_DETAILS);
             byte[] iv = new byte[IV_BLOCK_SIZE_IN_BYTES];
-            SecureRandom.getInstance(RANDOM_NUMBER_GENERATOR).nextBytes(iv);
+            RANDOM.nextBytes(iv);
             IvParameterSpec ivspec = new IvParameterSpec(iv);
             cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivspec);
 
@@ -164,7 +171,7 @@ public class CryptoUtils {
         if (value == null || value.isEmpty() || !isEncrypted(value)) {
             return value;
         }
-        if (value.length() < validSize) {
+        if (value.length() < MIN_VALUE_SIZE) {
             throw new IllegalArgumentException("Invalid size on input value");
         }
         try {

diff --git a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
index 9a88918..a992415 100644 (file)
--- a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
+++ b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
@@ -22,6 +22,7 @@ package org.onap.policy.common.utils.security;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
 
 import java.security.GeneralSecurityException;
 import org.junit.Test;
@@ -46,6 +47,7 @@ public class CryptoUtilsTest {
         CryptoUtils cryptoUtils = new CryptoUtils(SECRET_KEY);
         String encryptedValue = cryptoUtils.encrypt(PASS);
         logger.info(ENCRYPTED_MSG, PASS, encryptedValue);
+        assertTrue(encryptedValue.startsWith("enc:"));
 
         String decryptedValue = cryptoUtils.decrypt(encryptedValue);
         logger.info(DECRYPTED_MSG, encryptedValue, decryptedValue);