Code Review
/
aaf
/
authz.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Update CM to us Local Intermediate Certs
[aaf/authz.git]
/
auth
/
auth-certman
/
src
/
main
/
java
/
org
/
onap
/
aaf
/
auth
/
cm
/
ca
/
X509ChainWithIssuer.java
diff --git
a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index
6ba5a37
..
e31b998
100644
(file)
--- a/
auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/
auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@
-29,13
+29,14
@@
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import java.util.Collection;
import java.util.List;
-import org.onap.aaf.cadi.c
m
.CertException;
-import org.onap.aaf.cadi.c
m
.Factory;
+import org.onap.aaf.cadi.c
onfigure
.CertException;
+import org.onap.aaf.cadi.c
onfigure
.Factory;
public class X509ChainWithIssuer extends X509andChain {
private String issuerDN;
public class X509ChainWithIssuer extends X509andChain {
private String issuerDN;
+ public X509Certificate caX509;
- public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
+ public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509)
throws IOException, CertException
{
super(x509,orig.trustChain);
issuerDN=orig.issuerDN;
}
super(x509,orig.trustChain);
issuerDN=orig.issuerDN;
}
@@
-48,7
+49,8
@@
public class X509ChainWithIssuer extends X509andChain {
if(rdr==null) { // cover for badly formed array
continue;
}
if(rdr==null) { // cover for badly formed array
continue;
}
- byte[] bytes = Factory.decode(rdr);
+
+ byte[] bytes = Factory.decode(rdr,null);
try {
certs = Factory.toX509Certificate(bytes);
} catch (CertificateException e) {
try {
certs = Factory.toX509Certificate(bytes);
} catch (CertificateException e) {
@@
-62,24
+64,24
@@
public class X509ChainWithIssuer extends X509andChain {
}
if(cert==null) { // first in Trust Chain
issuerDN = subject.toString();
}
if(cert==null) { // first in Trust Chain
issuerDN = subject.toString();
+ cert=x509; // adding each time makes sure last one is signer.
}
addTrustChainEntry(x509);
}
addTrustChainEntry(x509);
- cert=x509; // adding each time makes sure last one is signer.
}
}
}
public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
X509Certificate x509;
}
}
}
public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
X509Certificate x509;
- for(
Certificate c : certs
) {
- x509=(X509Certificate)c;
+ for(
int i=certs.length-1; i>=0; --i
) {
+ x509=(X509Certificate)c
erts[i]
;
Principal subject = x509.getSubjectDN();
if(subject!=null) {
Principal subject = x509.getSubjectDN();
if(subject!=null) {
- if(cert==null) { // first in Trust Chain
- issuerDN= subject.toString();
- }
addTrustChainEntry(x509);
addTrustChainEntry(x509);
- cert=x509; // adding each time makes sure last one is signer.
+ if(i==0) { // last one is signer
+ cert=x509;
+ issuerDN= subject.toString();
+ }
}
}
}
}
}
}