Improve coverage of cadi-core

[aaf/authz.git] / cadi / core / src / main / java / org / onap / aaf / cadi / taf / cert / X509Taf.java

diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
index b5ed7ad..66683dc 100644 (file)
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
@@ -70,7 +70,7 @@ public class X509Taf implements HttpTaf {
                try {
                        certFactory = CertificateFactory.getInstance("X.509");
                        messageDigest = MessageDigest.getInstance("SHA-256"); // use this to clone
-                       tmf = TrustManagerFactory.getInstance(SecurityInfoC.SslKeyManagerFactoryAlgorithm);
+                       tmf = TrustManagerFactory.getInstance(SecurityInfoC.SSL_KEY_MANAGER_FACTORY_ALGORITHM);
                } catch (Exception e) {
                        throw new RuntimeException("X.509 and SHA-256 are required for X509Taf",e);
                }
@@ -130,7 +130,8 @@ public class X509Taf implements HttpTaf {
                        if(certarr!=null && certarr.length>0) {
                                si.checkClientTrusted(certarr);
                                // Note: If the Issuer is not in the TrustStore, it's not added to the Cert list
-                               if(cadiIssuers.contains(certarr[0].getIssuerDN().toString())) {
+                               String issuer = certarr[0].getIssuerDN().toString();
+                               if(cadiIssuers.contains(issuer)) {
                                        String subject = certarr[0].getSubjectDN().getName();
                                        // avoiding extra object creation, since this is validated EVERY transaction with a Cert
                                        int at = subject.indexOf('@');