Merge "Fixes sonar issues in API_Artifact"

[aaf/authz.git] / auth / auth-certman / src / main / java / org / onap / aaf / auth / cm / ca / X509ChainWithIssuer.java

diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index 6f3062b..e31b998 100644 (file)
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -29,13 +29,14 @@ import java.security.cert.X509Certificate;
 import java.util.Collection;
 import java.util.List;
 
-import org.onap.aaf.cadi.cm.CertException;
-import org.onap.aaf.cadi.cm.Factory;
+import org.onap.aaf.cadi.configure.CertException;
+import org.onap.aaf.cadi.configure.Factory;
 
 public class X509ChainWithIssuer extends X509andChain {
        private String issuerDN;
+       public X509Certificate caX509;
 
-       public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
+       public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) throws IOException, CertException {
                super(x509,orig.trustChain);
                issuerDN=orig.issuerDN;         
        }
@@ -45,39 +46,42 @@ public class X509ChainWithIssuer extends X509andChain {
                Collection<? extends Certificate> certs;
                X509Certificate x509;
                for(Reader rdr : rdrs) {
-                       if(rdr!=null) { // cover for badly formed array
-                               byte[] bytes = Factory.decode(rdr);
-                               try {
-                                       certs = Factory.toX509Certificate(bytes);
-                               } catch (CertificateException e) {
-                                       throw new CertException(e);
+                       if(rdr==null) { // cover for badly formed array
+                               continue;
+                       }
+                       
+                       byte[] bytes = Factory.decode(rdr,null);
+                       try {
+                               certs = Factory.toX509Certificate(bytes);
+                       } catch (CertificateException e) {
+                               throw new CertException(e);
+                       }
+                       for(Certificate c : certs) {
+                               x509=(X509Certificate)c;
+                               Principal subject = x509.getSubjectDN();
+                               if(subject==null) {
+                                       continue;
                                }
-                               for(Certificate c : certs) {
-                                       x509=(X509Certificate)c;
-                                       Principal subject = x509.getSubjectDN();
-                                       if(subject!=null) {
-                                               if(cert==null) { // first in Trust Chain
-                                                       issuerDN= subject.toString();
-                                               }
-                                               addTrustChainEntry(x509);
-                                               cert=x509; // adding each time makes sure last one is signer.
-                                       }
+                               if(cert==null) { // first in Trust Chain
+                                       issuerDN = subject.toString();
+                                       cert=x509; // adding each time makes sure last one is signer.
                                }
+                               addTrustChainEntry(x509);
                        }
                }
        }
        
        public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
                X509Certificate x509;
-               for(Certificate c : certs) {
-                       x509=(X509Certificate)c;
+               for(int i=certs.length-1; i>=0; --i) {
+                       x509=(X509Certificate)certs[i];
                        Principal subject = x509.getSubjectDN();
                        if(subject!=null) {
-                               if(cert==null) { // first in Trust Chain
-                                       issuerDN= subject.toString();
-                               }
                                addTrustChainEntry(x509);
-                               cert=x509; // adding each time makes sure last one is signer.
+                               if(i==0) { // last one is signer
+                                       cert=x509; 
+                                       issuerDN= subject.toString(); 
+                               }
                        }
                }
        }