2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
21 package org.onap.aaf.auth.cm.ca;
23 import java.io.IOException;
24 import java.io.Reader;
25 import java.security.Principal;
26 import java.security.cert.Certificate;
27 import java.security.cert.CertificateException;
28 import java.security.cert.X509Certificate;
29 import java.util.Collection;
30 import java.util.List;
32 import org.onap.aaf.cadi.configure.CertException;
33 import org.onap.aaf.cadi.configure.Factory;
35 public class X509ChainWithIssuer extends X509andChain {
36 private String issuerDN;
38 public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
39 super(x509,orig.trustChain);
40 issuerDN=orig.issuerDN;
43 public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
44 // Trust Chain. Last one should be the CA
45 Collection<? extends Certificate> certs;
47 for (Reader rdr : rdrs) {
48 if (rdr==null) { // cover for badly formed array
52 byte[] bytes = Factory.decode(rdr,null);
54 certs = Factory.toX509Certificate(bytes);
55 } catch (CertificateException e) {
56 throw new CertException(e);
58 for (Certificate c : certs) {
59 x509=(X509Certificate)c;
60 Principal subject = x509.getSubjectDN();
64 if (cert==null) { // first in Trust Chain
65 issuerDN = subject.toString();
66 cert=x509; // adding each time makes sure last one is signer.
68 addTrustChainEntry(x509);
73 public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
75 for (int i=certs.length-1; i>=0; --i) {
76 x509=(X509Certificate)certs[i];
77 Principal subject = x509.getSubjectDN();
79 addTrustChainEntry(x509);
80 if (i==0) { // last one is signer
82 issuerDN= subject.toString();
88 public String getIssuerDN() {