From: hariharan97 <rh20085046@wipro.com>
Date: Wed, 10 Mar 2021 09:47:26 +0000 (+0530)
Subject: Fix CRITICAL weak-cryptography issues identified in sonarcloud
X-Git-Tag: 2.1.5~2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=5df9fcffab2024f2dfc5c7fda6c151de92b1b5b3;p=optf%2Fhas.git

Fix CRITICAL weak-cryptography issues identified in sonarcloud

Issue-ID: OPTFRA-924
Signed-off-by: hariharan97 <rh20085046@wipro.com>
Change-Id: Iba9f12d2c5aae0ff4cf14a34ec51a4f4fa0bfaf9
---

diff --git a/conductor/conductor/common/utils/cipherUtils.py b/conductor/conductor/common/utils/cipherUtils.py
index 0daf8ba..94c2649 100644
--- a/conductor/conductor/common/utils/cipherUtils.py
+++ b/conductor/conductor/common/utils/cipherUtils.py
@@ -61,13 +61,13 @@ class AESCipher(object):
     def encrypt(self, raw):
         raw = self._pad(raw)
         iv = Random.new().read(AES.block_size)
-        cipher = AES.new(self.key, AES.MODE_CBC, iv)
+        cipher = AES.new(self.key, AES.MODE_GCM, iv)
         return base64.b64encode(iv + cipher.encrypt(raw))
 
     def decrypt(self, enc):
         enc = base64.b64decode(enc)
         iv = enc[:AES.block_size]
-        cipher = AES.new(self.key, AES.MODE_CBC, iv)
+        cipher = AES.new(self.key, AES.MODE_GCM, iv)
         return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')
 
     def _pad(self, s):