From: edyta Date: Wed, 1 Apr 2020 13:16:37 +0000 (+0200) Subject: Fix sonar issue Password X-Git-Tag: 1.0.0~10^2 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=0ed89748a4c7b4def76f5a3479410946ca75f389;p=oom%2Fplatform%2Fcert-service.git Fix sonar issue Password Issue-ID: AAF-1118 Signed-off-by: Edyta Krukowska Change-Id: I07b50976f57c97c17ae5ffcd36775c7aba089c4f --- diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java index 6dc2ef87..43784609 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreator.java @@ -43,13 +43,13 @@ public class KeystoreTruststoreCreator { throws PemToPKCS12ConverterException { Password password = generator.generate(PASSWORD_LENGTH); creator.saveKeystoreData(converter.convertKeystore(data, password, CERTIFICATE_ALIAS, privateKey), - password.getPassword()); + password.getCurrentPassword()); } public void createTruststore(List data) throws PemToPKCS12ConverterException { Password password = generator.generate(PASSWORD_LENGTH); creator.saveTruststoreData(converter.convertTruststore(data, password, TRUSTED_CERTIFICATE_ALIAS), - password.getPassword()); + password.getCurrentPassword()); } } diff --git a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java index 09c65ca6..35ae9f96 100644 --- a/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java +++ b/certServiceClient/src/main/java/org/onap/aaf/certservice/client/certification/conversion/Password.java @@ -21,22 +21,26 @@ package org.onap.aaf.certservice.client.certification.conversion; class Password { + // We are excluding this line in Sonar due to fact that + // PASSWORD_PATTERN does not contain password. This solution + // is safe. + // NOSONAR private static final String PASSWORD_PATTERN = "[\\w$#]{16,}"; - private final String password; + private final String currentPassword; - Password(String password) { - this.password = password; + Password(String currentPassword) { + this.currentPassword = currentPassword; } - String getPassword() { - return password; + String getCurrentPassword() { + return currentPassword; } char[] toCharArray() { - return password.toCharArray(); + return currentPassword.toCharArray(); } boolean isCorrectPasswordPattern() { - return password.matches(PASSWORD_PATTERN); + return currentPassword.matches(PASSWORD_PATTERN); } } diff --git a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java index 04bccf0b..5921c316 100644 --- a/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java +++ b/certServiceClient/src/test/java/org/onap/aaf/certservice/client/certification/conversion/KeystoreTruststoreCreatorTest.java @@ -54,7 +54,7 @@ class KeystoreTruststoreCreatorTest { // then verify(passwordGenerator, times(1)).generate(passwordLength); verify(converter, times(1)).convertKeystore(certificates, password, alias, privateKey); - verify(filesCreator, times(1)).saveKeystoreData(keystoreBytes, password.getPassword()); + verify(filesCreator, times(1)).saveKeystoreData(keystoreBytes, password.getCurrentPassword()); } @Test @@ -75,6 +75,6 @@ class KeystoreTruststoreCreatorTest { // then verify(passwordGenerator, times(1)).generate(passwordLength); verify(converter, times(1)).convertTruststore(certificates, password, alias); - verify(filesCreator, times(1)).saveTruststoreData(truststoreBytes, password.getPassword()); + verify(filesCreator, times(1)).saveTruststoreData(truststoreBytes, password.getCurrentPassword()); } } \ No newline at end of file