2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
21 package org.onap.aaf.auth.cm.ca;
23 import java.io.IOException;
24 import java.io.Reader;
25 import java.security.Principal;
26 import java.security.cert.Certificate;
27 import java.security.cert.CertificateException;
28 import java.security.cert.X509Certificate;
29 import java.util.Collection;
30 import java.util.List;
32 import org.onap.aaf.cadi.configure.CertException;
33 import org.onap.aaf.cadi.configure.Factory;
35 public class X509ChainWithIssuer extends X509andChain {
36 private String issuerDN;
37 public X509Certificate caX509;
39 public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
40 super(x509,orig.trustChain);
41 issuerDN=orig.issuerDN;
44 public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
45 // Trust Chain. Last one should be the CA
46 Collection<? extends Certificate> certs;
48 for (Reader rdr : rdrs) {
49 if (rdr==null) { // cover for badly formed array
53 byte[] bytes = Factory.decode(rdr,null);
55 certs = Factory.toX509Certificate(bytes);
56 } catch (CertificateException e) {
57 throw new CertException(e);
59 for (Certificate c : certs) {
60 x509=(X509Certificate)c;
61 Principal subject = x509.getSubjectDN();
65 if (cert==null) { // first in Trust Chain
66 issuerDN = subject.toString();
67 cert=x509; // adding each time makes sure last one is signer.
69 addTrustChainEntry(x509);
74 public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
76 for (int i=certs.length-1; i>=0; --i) {
77 x509=(X509Certificate)certs[i];
78 Principal subject = x509.getSubjectDN();
80 addTrustChainEntry(x509);
81 if (i==0) { // last one is signer
83 issuerDN= subject.toString();
89 public String getIssuerDN() {