2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
21 package org.onap.aaf.auth.cm.ca;
23 import java.io.IOException;
24 import java.io.Reader;
25 import java.security.Principal;
26 import java.security.cert.Certificate;
27 import java.security.cert.CertificateException;
28 import java.security.cert.X509Certificate;
29 import java.util.Collection;
30 import java.util.List;
32 import org.onap.aaf.cadi.cm.CertException;
33 import org.onap.aaf.cadi.cm.Factory;
35 public class X509ChainWithIssuer extends X509andChain {
36 private String issuerDN;
38 public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
39 super(x509,orig.trustChain);
40 issuerDN=orig.issuerDN;
43 public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
44 // Trust Chain. Last one should be the CA
45 Collection<? extends Certificate> certs;
47 for(Reader rdr : rdrs) {
48 if(rdr!=null) { // cover for badly formed array
49 byte[] bytes = Factory.decode(rdr);
51 certs = Factory.toX509Certificate(bytes);
52 } catch (CertificateException e) {
53 throw new CertException(e);
55 for(Certificate c : certs) {
56 x509=(X509Certificate)c;
57 Principal subject = x509.getSubjectDN();
59 if(cert==null) { // first in Trust Chain
60 issuerDN= subject.toString();
62 addTrustChainEntry(x509);
63 cert=x509; // adding each time makes sure last one is signer.
70 public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
72 for(Certificate c : certs) {
73 x509=(X509Certificate)c;
74 Principal subject = x509.getSubjectDN();
76 if(cert==null) { // first in Trust Chain
77 issuerDN= subject.toString();
79 addTrustChainEntry(x509);
80 cert=x509; // adding each time makes sure last one is signer.
85 public String getIssuerDN() {