+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cadi.cm;\r
-\r
-import java.io.File;\r
-import java.io.FileOutputStream;\r
-import java.io.FileWriter;\r
-import java.io.IOException;\r
-import java.io.PrintStream;\r
-import java.io.PrintWriter;\r
-import java.security.KeyStore;\r
-import java.util.ArrayList;\r
-import java.util.HashMap;\r
-import java.util.List;\r
-import java.util.Map;\r
-\r
-import org.onap.aaf.cadi.CadiException;\r
-import org.onap.aaf.cadi.Symm;\r
-import org.onap.aaf.cadi.config.Config;\r
-import org.onap.aaf.cadi.util.Chmod;\r
-\r
-import org.onap.aaf.inno.env.Trans;\r
-import org.onap.aaf.inno.env.util.Chrono;\r
-\r
-import certman.v1_0.Artifacts.Artifact;\r
-import certman.v1_0.CertInfo;\r
-\r
-public abstract class ArtifactDir implements PlaceArtifact {\r
-\r
- protected static final String C_R = "\n";\r
- protected File dir;\r
- private List<String> encodeds = new ArrayList<String>();\r
- \r
- private Symm symm;\r
- // This checks for multiple passes of Dir on the same objects. Run clear after done.\r
- protected static Map<String,Object> processed = new HashMap<String,Object>();\r
-\r
-\r
- /**\r
- * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and \r
- * then "placeProperties(arti)" just after they implement\r
- */\r
- @Override\r
- public final boolean place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {\r
- validate(arti);\r
- \r
- try {\r
- // Obtain/setup directory as required\r
- dir = new File(arti.getDir());\r
- if(processed.get("dir")==null) {\r
- if(!dir.exists()) {\r
- Chmod.to755.chmod(dir);\r
- if(!dir.mkdirs()) {\r
- throw new CadiException("Could not create " + dir);\r
- }\r
- }\r
- \r
- // Also place cm_url and Host Name\r
- addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));\r
- addProperty(Config.HOSTNAME,arti.getMachine());\r
- //addProperty(Config.AAF_ENV,certInfo.getEnv());\r
- // Obtain Issuers\r
- boolean first = true;\r
- StringBuilder issuers = new StringBuilder();\r
-// for(String dn : certInfo.getCaIssuerDNs()) {\r
-// if(first) {\r
-// first=false;\r
-// } else {\r
-// issuers.append(':');\r
-// }\r
-// issuers.append(dn);\r
-// }\r
- addProperty(Config.CADI_X509_ISSUERS,issuers.toString());\r
- }\r
- symm = (Symm)processed.get("symm");\r
- if(symm==null) {\r
- // CADI Key Gen\r
- File f = new File(dir,arti.getAppName() + ".keyfile");\r
- if(!f.exists()) {\r
- write(f,Chmod.to400,Symm.baseCrypt().keygen());\r
- }\r
- symm = Symm.obtain(f); \r
-\r
- addEncProperty("ChallengePassword", certInfo.getChallenge());\r
- \r
- processed.put("symm",symm);\r
- }\r
-\r
- _place(trans, certInfo,arti);\r
- \r
- placeProperties(arti);\r
- \r
- processed.put("dir",dir);\r
-\r
- } catch (Exception e) {\r
- throw new CadiException(e);\r
- }\r
- return true;\r
- }\r
-\r
- /**\r
- * Derived Classes implement this instead, so Dir can process first, and write any Properties last\r
- * @param cert\r
- * @param arti\r
- * @return\r
- * @throws CadiException\r
- */\r
- protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;\r
-\r
- protected void addProperty(String tag, String value) throws IOException {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(tag);\r
- sb.append('=');\r
- sb.append(value);\r
- encodeds.add(sb.toString());\r
- }\r
-\r
- protected void addEncProperty(String tag, String value) throws IOException {\r
- StringBuilder sb = new StringBuilder();\r
- sb.append(tag);\r
- sb.append('=');\r
- sb.append("enc:???");\r
- sb.append(symm.enpass(value));\r
- encodeds.add(sb.toString());\r
- }\r
-\r
- protected void write(File f, Chmod c, String ... data) throws IOException {\r
- f.setWritable(true,true);\r
- \r
- FileOutputStream fos = new FileOutputStream(f);\r
- PrintStream ps = new PrintStream(fos);\r
- try {\r
- for(String s : data) {\r
- ps.print(s);\r
- }\r
- } finally {\r
- ps.close();\r
- c.chmod(f);\r
- }\r
- }\r
-\r
- protected void write(File f, Chmod c, byte[] bytes) throws IOException {\r
- f.setWritable(true,true);\r
- \r
- FileOutputStream fos = new FileOutputStream(f);\r
- try {\r
- fos.write(bytes);\r
- } finally {\r
- fos.close();\r
- c.chmod(f);\r
- }\r
- }\r
- \r
- protected void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {\r
- f.setWritable(true,true);\r
- \r
- FileOutputStream fos = new FileOutputStream(f);\r
- try {\r
- ks.store(fos, pass);\r
- } catch (Exception e) {\r
- throw new CadiException(e);\r
- } finally {\r
- fos.close();\r
- c.chmod(f);\r
- }\r
- }\r
-\r
-\r
- private void validate(Artifact a) throws CadiException {\r
- StringBuilder sb = new StringBuilder();\r
- if(a.getDir()==null) {\r
- sb.append("File Artifacts require a path");\r
- }\r
-\r
- if(a.getAppName()==null) {\r
- if(sb.length()>0) {\r
- sb.append('\n');\r
- }\r
- sb.append("File Artifacts require an AAF Namespace");\r
- }\r
- \r
- if(sb.length()>0) {\r
- throw new CadiException(sb.toString());\r
- }\r
- }\r
-\r
- private boolean placeProperties(Artifact arti) throws CadiException {\r
- if(encodeds.size()==0) {\r
- return true;\r
- }\r
- boolean first=processed.get("dir")==null;\r
- try {\r
- File f = new File(dir,arti.getAppName()+".props");\r
- if(f.exists()) {\r
- if(first) {\r
- f.delete();\r
- } else {\r
- f.setWritable(true);\r
- }\r
- }\r
- // Append if not first\r
- PrintWriter pw = new PrintWriter(new FileWriter(f,!first));\r
- \r
- // Write a Header\r
- if(first) {\r
- for(int i=0;i<60;++i) {\r
- pw.print('#');\r
- }\r
- pw.println();\r
- pw.println("# Properties Generated by AT&T Certificate Manager");\r
- pw.print("# by ");\r
- pw.println(System.getProperty("user.name"));\r
- pw.print("# on ");\r
- pw.println(Chrono.dateStamp());\r
- pw.println("# @copyright 2016, AT&T");\r
- for(int i=0;i<60;++i) {\r
- pw.print('#');\r
- }\r
- pw.println();\r
- for(String prop : encodeds) {\r
- if( prop.startsWith("cm_") \r
- || prop.startsWith(Config.HOSTNAME)\r
- || prop.startsWith(Config.AAF_ENV)) {\r
- pw.println(prop);\r
- }\r
- }\r
- }\r
- \r
- try {\r
- for(String prop : encodeds) {\r
- if(prop.startsWith("cadi")) {\r
- pw.println(prop);\r
- }\r
- }\r
- } finally {\r
- pw.close();\r
- }\r
- Chmod.to644.chmod(f);\r
- \r
- if(first) {\r
- // Challenge\r
- f = new File(dir,arti.getAppName()+".chal");\r
- if(f.exists()) {\r
- f.delete();\r
- }\r
- pw = new PrintWriter(new FileWriter(f));\r
- try {\r
- for(String prop : encodeds) {\r
- if(prop.startsWith("Challenge")) {\r
- pw.println(prop);\r
- }\r
- }\r
- } finally {\r
- pw.close();\r
- }\r
- Chmod.to400.chmod(f);\r
- }\r
- } catch(Exception e) {\r
- throw new CadiException(e);\r
- }\r
- return true;\r
- }\r
- \r
- public static void clear() {\r
- processed.clear();\r
- }\r
-\r
-}\r
Code Review / aaf / cadi.git / blobdiff