From d248d6fbbaaa2466d9e28c74d0ede2aa64cede00 Mon Sep 17 00:00:00 2001
From: ravishanigarapu <133210792+ravishanigarapu@users.noreply.github.com>
Date: Wed, 16 Oct 2024 12:21:11 +0530
Subject: [PATCH] Visit Category and reason for visit not patching (#56)

* AMM-988 : After download master customization page is not reflecting in
Local MMU

* AMM-941 : Visit Category and Reason For Visit not patching

* Update build-on-pull-request.yml

* Update package.yml

* Update sast.yml

* Algorithm and sonar checks

* Update package.yml

* static field
---
 .github/workflows/build-on-pull-request.yml   |  2 +-
 .github/workflows/package.yml                 |  6 +-
 .github/workflows/sast.yml                    |  4 +-
 .../AESEncryptionDecryption.java              | 77 ++++++++++---------
 4 files changed, 46 insertions(+), 43 deletions(-)

diff --git a/.github/workflows/build-on-pull-request.yml b/.github/workflows/build-on-pull-request.yml
index b5c906a7..7371d7ef 100644
--- a/.github/workflows/build-on-pull-request.yml
+++ b/.github/workflows/build-on-pull-request.yml
@@ -1,7 +1,7 @@
 name: Build On Pull Request
 on:
   pull_request:
-    branches: [ "feature/version/upgrade" ]
+    branches: [ "develop","master" ]
     
 jobs:
   Build:
diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml
index d135261c..69ebb11d 100644
--- a/.github/workflows/package.yml
+++ b/.github/workflows/package.yml
@@ -2,12 +2,12 @@ name: Package
 
 on:
   push:
-    branches: [ "feature/version/upgrade"]
+    branches: [ "develop","master"]
     paths-ignore:
      - target/**
      
   pull_request:
-     branches: [ "feature/version/upgrade" ]
+     branches: [ "develop","master" ]
      paths-ignore:
      - target/**
      
@@ -36,7 +36,7 @@ jobs:
       run: mvn -B package --file pom.xml
       
     - name: Upload WAR file as artifact
-      uses: actions/upload-artifact@v2 
+      uses: actions/upload-artifact@v3
       with:
         name: MMU-API
         path: target/mmuapi-v1.0.war
diff --git a/.github/workflows/sast.yml b/.github/workflows/sast.yml
index d5d0d8cf..9e845b57 100644
--- a/.github/workflows/sast.yml
+++ b/.github/workflows/sast.yml
@@ -2,12 +2,12 @@ name: CodeQL
 
 on:
   push:
-    branches: [ "feature/version/upgrade" ]
+    branches: [ "develop","master" ]
     paths-ignore:
      - target/**
      
   pull_request:
-    branches: [ "feature/version/upgrade" ]
+    branches: [ "develop","master" ]
     paths-ignore:
      - target/**
 
diff --git a/src/main/java/com/iemr/mmu/utils/AESEncryption/AESEncryptionDecryption.java b/src/main/java/com/iemr/mmu/utils/AESEncryption/AESEncryptionDecryption.java
index f206a822..189ca779 100644
--- a/src/main/java/com/iemr/mmu/utils/AESEncryption/AESEncryptionDecryption.java
+++ b/src/main/java/com/iemr/mmu/utils/AESEncryption/AESEncryptionDecryption.java
@@ -24,17 +24,18 @@
 import java.io.UnsupportedEncodingException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.util.Arrays;
 import java.util.Base64;
 
 import javax.crypto.Cipher;
+import javax.crypto.spec.GCMParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Component;
 
-
 /*
 *
 *
@@ -44,56 +45,58 @@
 */
 @Component
 public class AESEncryptionDecryption {
-	
 
-	private  Logger logger = LoggerFactory.getLogger(AESEncryptionDecryption.class);
+	private Logger logger = LoggerFactory.getLogger(AESEncryptionDecryption.class);
 	private static SecretKeySpec secretKey;
-	private  byte[] key;
-	final String secret = "amrith$%2022@&*piramal@@swasthya!#";
+	private byte[] key;
+	private final String secret = "amrith$%2022@&*piramal@@swasthya!#";
+	private static final int IV_SIZE = 12;
+	private static final int TAG_SIZE = 128;
+	private static final String UTF_8 = "UTF-8";
 
-	public  void setKey(String myKey) {
-		MessageDigest sha = null;
+	public void setKey(String myKey) {
 		try {
-			key = myKey.getBytes("UTF-8");
-			sha = MessageDigest.getInstance("SHA-1");
+			key = myKey.getBytes(UTF_8);
+			MessageDigest sha = MessageDigest.getInstance("SHA-512");
 			key = sha.digest(key);
 			key = Arrays.copyOf(key, 16);
 			secretKey = new SecretKeySpec(key, "AES");
 		} catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
-			 logger.error("context", e);
+			logger.error("context", e);
 		}
 	}
 
+	public String encrypt(String strToEncrypt) throws Exception {
+		if (secretKey == null)
+			setKey(secret);
+		Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
 
-	public  String encrypt(String strToEncrypt) throws Exception {
-		 String encryptedString=null;
-		try {
-			if (secretKey == null)
-			     setKey(secret);
-			Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
-			cipher.init(Cipher.ENCRYPT_MODE, secretKey);
-			encryptedString= Base64.getEncoder().encodeToString(cipher.doFinal(strToEncrypt.getBytes("UTF-8")));
-		} catch (Exception e) {
-			logger.error("Error while encrypting: "+e.toString());
-			throw new Exception("Error while encrypting: "+e.toString());
-		}
-		return encryptedString;
-	}
+		// Generate IV
+		byte[] iv = new byte[IV_SIZE];
+		SecureRandom random = new SecureRandom();
+		random.nextBytes(iv);
+		cipher.init(Cipher.ENCRYPT_MODE, secretKey, new GCMParameterSpec(TAG_SIZE, iv));
 
+		byte[] encryptedBytes = cipher.doFinal(strToEncrypt.getBytes(UTF_8));
+		byte[] encryptedIvAndText = new byte[IV_SIZE + encryptedBytes.length];
+		System.arraycopy(iv, 0, encryptedIvAndText, 0, IV_SIZE);
+		System.arraycopy(encryptedBytes, 0, encryptedIvAndText, IV_SIZE, encryptedBytes.length);
 
-	public  String decrypt(String strToDecrypt) throws Exception {
-		 String decryptedString=null;
-		try {
-			if (secretKey == null)
-				setKey(secret);
-			Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
-			cipher.init(Cipher.DECRYPT_MODE, secretKey);
-			decryptedString= new String(cipher.doFinal(Base64.getDecoder().decode(strToDecrypt)));
-		} catch (Exception e) {
-			logger.error("Error while decrypting: "+e.toString());
-			throw new Exception("Error while decrypting: "+e.toString());
-		}
-		return decryptedString;
+		return Base64.getEncoder().encodeToString(encryptedIvAndText);
 	}
 
+	public String decrypt(String strToDecrypt) throws Exception {
+		if (secretKey == null)
+			setKey(secret);
+
+		byte[] encryptedIvAndText = Base64.getDecoder().decode(strToDecrypt);
+		byte[] iv = Arrays.copyOfRange(encryptedIvAndText, 0, IV_SIZE);
+		byte[] encryptedBytes = Arrays.copyOfRange(encryptedIvAndText, IV_SIZE, encryptedIvAndText.length);
+
+		Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+		cipher.init(Cipher.DECRYPT_MODE, secretKey, new GCMParameterSpec(TAG_SIZE, iv));
+		byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
+
+		return new String(decryptedBytes, UTF_8);
+	}
 }