Speed up CryptoUtilsTest
CryptoUtilsTest runs slowly because the SecureRandom that CryptoUtils
uses to generate an "iv" takes a while to create enough randomness.
However, as the "iv" is only used as a "salt", it is not necessary
to use SecureRandom; the values generated by Random are sufficient.
Change-Id: I1f3b03b85d28852a7969d3a83802a2691308caa5
Issue-ID: POLICY-1791
Signed-off-by: Jim Hahn <jrh3@att.com>
diff --git a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
index 579eed9..94b367e 100644
--- a/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
+++ b/utils/src/main/java/org/onap/policy/common/utils/security/CryptoUtils.java
@@ -22,7 +22,7 @@
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
-import java.security.SecureRandom;
+import java.util.Random;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
@@ -54,11 +54,18 @@
*/
private static final int IV_BLOCK_SIZE_IN_BYTES = IV_BLOCK_SIZE_IN_BITS / 8;
- private static int validSize = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4;
+ /**
+ * Minimum length of an encrypted value.
+ */
+ private static final int MIN_VALUE_SIZE = (2 * IV_BLOCK_SIZE_IN_BYTES) + 4;
private SecretKeySpec secretKeySpec;
- private static final String RANDOM_NUMBER_GENERATOR = "SHA1PRNG";
+ /**
+ * Used to generate a random "iv". Strong randomness is not needed, as this is only
+ * used as a "salt".
+ */
+ private static final Random RANDOM = new Random();
/**
* CryptoUtils - encryption tool constructor.
@@ -115,7 +122,7 @@
try {
Cipher cipher = Cipher.getInstance(ALGORITHM_DETAILS);
byte[] iv = new byte[IV_BLOCK_SIZE_IN_BYTES];
- SecureRandom.getInstance(RANDOM_NUMBER_GENERATOR).nextBytes(iv);
+ RANDOM.nextBytes(iv);
IvParameterSpec ivspec = new IvParameterSpec(iv);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivspec);
@@ -164,7 +171,7 @@
if (value == null || value.isEmpty() || !isEncrypted(value)) {
return value;
}
- if (value.length() < validSize) {
+ if (value.length() < MIN_VALUE_SIZE) {
throw new IllegalArgumentException("Invalid size on input value");
}
try {
diff --git a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
index 9a88918..a992415 100644
--- a/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
+++ b/utils/src/test/java/org/onap/policy/common/utils/security/CryptoUtilsTest.java
@@ -22,6 +22,7 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
import java.security.GeneralSecurityException;
import org.junit.Test;
@@ -46,6 +47,7 @@
CryptoUtils cryptoUtils = new CryptoUtils(SECRET_KEY);
String encryptedValue = cryptoUtils.encrypt(PASS);
logger.info(ENCRYPTED_MSG, PASS, encryptedValue);
+ assertTrue(encryptedValue.startsWith("enc:"));
String decryptedValue = cryptoUtils.decrypt(encryptedValue);
logger.info(DECRYPTED_MSG, encryptedValue, decryptedValue);