Remove Code from cadi, it is now in authz
diff --git a/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java b/aaf/src/main/java/org/onap/aaf/cadi/cm/PlaceArtifactInKeystore.java
deleted file mode 100644 (file)
index ddda1db..0000000
+++ /dev/null
@@ -1,130 +0,0 @@
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- *  *      http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- *  * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cadi.cm;\r
-\r
-import java.io.File;\r
-import java.security.KeyStore;\r
-import java.security.PrivateKey;\r
-import java.security.cert.Certificate;\r
-import java.security.cert.X509Certificate;\r
-import java.util.Collection;\r
-\r
-import org.onap.aaf.cadi.CadiException;\r
-import org.onap.aaf.cadi.Symm;\r
-import org.onap.aaf.cadi.config.Config;\r
-import org.onap.aaf.cadi.util.Chmod;\r
-\r
-import org.onap.aaf.inno.env.Trans;\r
-\r
-import certman.v1_0.Artifacts.Artifact;\r
-import certman.v1_0.CertInfo;\r
-\r
-public class PlaceArtifactInKeystore extends ArtifactDir {\r
-       private String kst;\r
-       //TODO get ROOT DNs or Trusted DNs from Certificate Manager.\r
-//     private static String[] rootDNs = new String[]{                 \r
-//                     "CN=ATT CADI Root CA - Test, O=ATT, OU=CSO, C=US", // Lab.  delete eventually\r
-//                     "CN=ATT AAF CADI TEST CA, OU=CSO, O=ATT, C=US",\r
-//                     "CN=ATT AAF CADI CA, OU=CSO, O=ATT, C=US"\r
-//     };\r
-\r
-       public PlaceArtifactInKeystore(String kst) {\r
-               this.kst = kst;\r
-       }\r
-\r
-       @Override\r
-       public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {\r
-               File fks = new File(dir,arti.getAppName()+'.'+kst);\r
-               try {\r
-                       KeyStore jks = KeyStore.getInstance(kst);\r
-                       if(fks.exists()) {\r
-                               fks.delete();\r
-                       }       \r
-\r
-                       // Get the Cert(s)... Might include Trust store\r
-                       Collection<? extends Certificate> certColl = Factory.toX509Certificate(certInfo.getCerts());\r
-                       X509Certificate[] certs = new X509Certificate[certColl.size()];\r
-                       certColl.toArray(certs);\r
-                       \r
-\r
-                       // Add CADI Keyfile Entry to Properties\r
-                       addProperty(Config.CADI_KEYFILE,arti.getDir()+'/'+arti.getAppName() + ".keyfile");\r
-                       // Set Keystore Password\r
-                       addProperty(Config.CADI_KEYSTORE,fks.getAbsolutePath());\r
-                       String keystorePass = Symm.randomGen(CmAgent.PASS_SIZE);\r
-                       addEncProperty(Config.CADI_KEYSTORE_PASSWORD,keystorePass);\r
-                       char[] keystorePassArray = keystorePass.toCharArray();\r
-                       jks.load(null,keystorePassArray); // load in\r
-                       \r
-                       // Add Private Key/Cert Entry for App\r
-                       // Note: Java SSL security classes, while having a separate key from keystore,\r
-                       // is documented to not actually work. \r
-                       // java.security.UnrecoverableKeyException: Cannot recover key\r
-                       // You can create a custom Key Manager to make it work, but Practicality  \r
-                       // dictates that you live with the default, meaning, they are the same\r
-                       String keyPass = keystorePass; //Symm.randomGen(CmAgent.PASS_SIZE);\r
-                       PrivateKey pk = Factory.toPrivateKey(trans, certInfo.getPrivatekey());\r
-                       addEncProperty(Config.CADI_KEY_PASSWORD, keyPass);\r
-                       addProperty(Config.CADI_ALIAS, arti.getMechid());\r
-//                     Set<Attribute> attribs = new HashSet<Attribute>();\r
-//                     if(kst.equals("pkcs12")) {\r
-//                             // Friendly Name\r
-//                             attribs.add(new PKCS12Attribute("1.2.840.113549.1.9.20", arti.getAppName()));\r
-//                     } \r
-//                     \r
-                       KeyStore.ProtectionParameter protParam = \r
-                                       new KeyStore.PasswordProtection(keyPass.toCharArray());\r
-                       \r
-                       KeyStore.PrivateKeyEntry pkEntry = \r
-                               new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]});\r
-                       jks.setEntry(arti.getMechid(), \r
-                                       pkEntry, protParam);\r
-               \r
-                       // Write out\r
-                       write(fks,Chmod.to400,jks,keystorePassArray);\r
-                       \r
-                       // Change out to TrustStore\r
-                       fks = new File(dir,arti.getAppName()+".trust."+kst);\r
-                       jks = KeyStore.getInstance(kst);\r
-                       \r
-                       // Set Truststore Password\r
-                       addProperty(Config.CADI_TRUSTSTORE,fks.getAbsolutePath());\r
-                       String trustStorePass = Symm.randomGen(CmAgent.PASS_SIZE);\r
-                       addEncProperty(Config.CADI_TRUSTSTORE_PASSWORD,trustStorePass);\r
-                       char[] truststorePassArray = trustStorePass.toCharArray();\r
-                       jks.load(null,truststorePassArray); // load in\r
-                       \r
-                       // Add Trusted Certificates\r
-                       for(int i=1; i<certs.length;++i) {\r
-                               jks.setCertificateEntry("cadi_root_" + arti.getCa() + '_' + i, certs[i]);\r
-                       }\r
-                       // Write out\r
-                       write(fks,Chmod.to644,jks,truststorePassArray);\r
-\r
-               } catch (Exception e) {\r
-                       throw new CadiException(e);\r
-               }\r
-               return false;\r
-       }\r
-\r
-}\r