X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-certman%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fcm%2Fca%2FX509ChainWithIssuer.java;h=e31b99889108aab0ea5b84c3cf6ba0981a64ac10;hb=c060284812fbbc18fcf22eb628c47c251505fe50;hp=6ba5a37fa7ce090f16e2626a2644078131a29b3c;hpb=2c0dd5c5136e249f63f1d3296063795cde30c399;p=aaf%2Fauthz.git

diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index 6ba5a37f..e31b9988 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -29,13 +29,14 @@ import java.security.cert.X509Certificate;
 import java.util.Collection;
 import java.util.List;
 
-import org.onap.aaf.cadi.cm.CertException;
-import org.onap.aaf.cadi.cm.Factory;
+import org.onap.aaf.cadi.configure.CertException;
+import org.onap.aaf.cadi.configure.Factory;
 
 public class X509ChainWithIssuer extends X509andChain {
 	private String issuerDN;
+	public X509Certificate caX509;
 
-	public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
+	public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) throws IOException, CertException {
 		super(x509,orig.trustChain);
 		issuerDN=orig.issuerDN;		
 	}
@@ -48,7 +49,8 @@ public class X509ChainWithIssuer extends X509andChain {
 			if(rdr==null) { // cover for badly formed array
 				continue;
 			}
-			byte[] bytes = Factory.decode(rdr);
+			
+			byte[] bytes = Factory.decode(rdr,null);
 			try {
 				certs = Factory.toX509Certificate(bytes);
 			} catch (CertificateException e) {
@@ -62,24 +64,24 @@ public class X509ChainWithIssuer extends X509andChain {
 				}
 				if(cert==null) { // first in Trust Chain
 					issuerDN = subject.toString();
+					cert=x509; // adding each time makes sure last one is signer.
 				}
 				addTrustChainEntry(x509);
-				cert=x509; // adding each time makes sure last one is signer.
 			}
 		}
 	}
 	
 	public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
 		X509Certificate x509;
-		for(Certificate c : certs) {
-			x509=(X509Certificate)c;
+		for(int i=certs.length-1; i>=0; --i) {
+			x509=(X509Certificate)certs[i];
 			Principal subject = x509.getSubjectDN();
 			if(subject!=null) {
-				if(cert==null) { // first in Trust Chain
-					issuerDN= subject.toString();
-				}
 				addTrustChainEntry(x509);
-				cert=x509; // adding each time makes sure last one is signer.
+				if(i==0) { // last one is signer
+					cert=x509; 
+					issuerDN= subject.toString(); 
+				}
 			}
 		}
 	}