From: guangxingwang <gw1218@att.com>
Date: Mon, 5 Feb 2018 20:01:00 +0000 (-0600)
Subject: Implement Encryption on Passwords
X-Git-Tag: v1.2.0~157^2~1
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=policy%2Fengine.git;a=commitdiff_plain;h=9b323f102056c57c5dbc10917c9c72ddb929c418

Implement Encryption on Passwords

Fix Fortify scan issue - hardcoded password in properties file

Issue-ID: POLICY-542
Change-Id: Icefd4097dc2e20c0ec2b78c002599defb6034267
Signed-off-by: guangxingwang <gw1218@att.com>
---

diff --git a/LogParser/parserlog.properties b/LogParser/parserlog.properties
index 66ce34d19..76716d589 100644
--- a/LogParser/parserlog.properties
+++ b/LogParser/parserlog.properties
@@ -2,7 +2,7 @@
 # ============LICENSE_START=======================================================
 # LogParser
 # ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -23,13 +23,15 @@ RESOURCE_NAME=logparser_pap01
 javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
 javax.persistence.jdbc.url=jdbc:mariadb://localhost:3306/onap_sdk
 javax.persistence.jdbc.user=policy_user
-javax.persistence.jdbc.password=policy_user
+#javax.persistence.jdbc.password=policy_user
+javax.persistence.jdbc.password=Za2Xy8XOo9wn8V1EetPgoQ==
 
 #Log Parser application values
 JDBC_DRIVER=org.mariadb.jdbc.Driver
 JDBC_URL=jdbc:mariadb://localhost:3306/log
 JDBC_USER=policy_user
-JDBC_PASSWORD=policy_user
+#JDBC_PASSWORD=policy_user
+JDBC_PASSWORD=Za2Xy8XOo9wn8V1EetPgoQ==
 SERVER=https://localhost:9091/pap/
 LOGTYPE=PAP
 LOGPATH=C:\\Workspaces\\HealthCheck\\pap-rest.log
diff --git a/LogParser/pom.xml b/LogParser/pom.xml
index 8af1dc278..c7b181413 100644
--- a/LogParser/pom.xml
+++ b/LogParser/pom.xml
@@ -3,7 +3,7 @@
   ============LICENSE_START=======================================================
   ONAP Policy Engine
   ================================================================================
-  Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+  Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
   ================================================================================
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
@@ -103,7 +103,34 @@
 		    <groupId>org.mockito</groupId>
 		    <artifactId>mockito-all</artifactId>
 		    <version>1.10.19</version>
-		</dependency>       
+		</dependency> 
+		<dependency>
+			<groupId>org.onap.policy.engine</groupId>
+			<artifactId>PolicyEngineUtils</artifactId>
+			<version>${project.version}</version>
+			<exclusions>
+				<exclusion>
+					<groupId>com.att.aft</groupId>
+					<artifactId>dme2</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.json</groupId>
+					<artifactId>json</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.onap.dmaap.messagerouter.dmaapclient</groupId>
+					<artifactId>dmaapClient</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.att.nsa</groupId>
+					<artifactId>cambriaClient</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.att.cadi</groupId>
+					<artifactId>cadi-aaf</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>     		           
 	</dependencies>
 	<build>
 		<plugins>
diff --git a/LogParser/src/main/java/org/onap/xacml/parser/ParseLog.java b/LogParser/src/main/java/org/onap/xacml/parser/ParseLog.java
index 1dbe12523..827516e75 100644
--- a/LogParser/src/main/java/org/onap/xacml/parser/ParseLog.java
+++ b/LogParser/src/main/java/org/onap/xacml/parser/ParseLog.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START=======================================================
  * LogParser
  * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -50,6 +50,7 @@ import org.onap.policy.common.im.AdministrativeStateException;
 import org.onap.policy.common.im.IntegrityMonitor;
 import org.onap.policy.common.im.StandbyStatusException;
 import org.onap.policy.common.logging.flexlogger.FlexLogger;
+import org.onap.policy.utils.CryptoUtils;
 import org.onap.xacml.parser.LogEntryObject.LOGTYPE;
 
 /**
@@ -808,7 +809,8 @@ public class ParseLog {
 					jdbcUrl = config.getProperty("JDBC_URL").replace("'", "");
 					jdbcUser = config.getProperty("JDBC_USER");
 					jdbcDriver =  config.getProperty("JDBC_DRIVER");
-					jdbcPassword = config.getProperty("JDBC_PASSWORD");
+					jdbcPassword = CryptoUtils.decryptTxtNoExStr(config.getProperty("JDBC_PASSWORD", ""));
+					config.setProperty("javax.persistence.jdbc.password", CryptoUtils.decryptTxtNoExStr(config.getProperty("javax.persistence.jdbc.password", "")));
 					return config;
 
 				} catch (IOException e) {