Fix CRITICAL weak-cryptography issues identified in sonarcloud

Issue-ID: OPTFRA-924
Signed-off-by: hariharan97 <rh20085046@wipro.com>
Change-Id: Iba9f12d2c5aae0ff4cf14a34ec51a4f4fa0bfaf9

diff --git a/conductor/conductor/common/utils/cipherUtils.py b/conductor/conductor/common/utils/cipherUtils.py
index 0daf8ba..94c2649 100644 (file)
--- a/conductor/conductor/common/utils/cipherUtils.py
+++ b/conductor/conductor/common/utils/cipherUtils.py
@@ -61,13 +61,13 @@ class AESCipher(object):
     def encrypt(self, raw):
         raw = self._pad(raw)
         iv = Random.new().read(AES.block_size)
-        cipher = AES.new(self.key, AES.MODE_CBC, iv)
+        cipher = AES.new(self.key, AES.MODE_GCM, iv)
         return base64.b64encode(iv + cipher.encrypt(raw))
 
     def decrypt(self, enc):
         enc = base64.b64decode(enc)
         iv = enc[:AES.block_size]
-        cipher = AES.new(self.key, AES.MODE_CBC, iv)
+        cipher = AES.new(self.key, AES.MODE_GCM, iv)
         return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')
 
     def _pad(self, s):