1 /**
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20  */
21 package org.onap.aaf.auth.cm.ca;
22
23 import java.io.IOException;
24 import java.io.Reader;
25 import java.security.Principal;
26 import java.security.cert.Certificate;
27 import java.security.cert.CertificateException;
28 import java.security.cert.X509Certificate;
29 import java.util.Collection;
30 import java.util.List;
31
32 import org.onap.aaf.cadi.configure.CertException;
33 import org.onap.aaf.cadi.configure.Factory;
34
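/**
 * A signer certificate plus its trust chain, together with the issuer DN string
 * taken from the signer certificate's subject.
 *
 * <p>The {@code cert} and {@code trustChain} members and
 * {@code addTrustChainEntry} are not declared here; they are used as inherited
 * from {@link X509andChain}.
 *
 * <p>NOTE(review): the constructors in this class only collect the certificates
 * they are handed. No signature, validity-period or CA basic-constraints check
 * is visible in this file, so confirm that the chain is validated in
 * {@link X509andChain} or by the caller before it is relied on for issuing.
 */
public class X509ChainWithIssuer extends X509andChain {
    // Subject DN (as a string) of the certificate recorded as the signer.
    private String issuerDN;
    // Never assigned in this class, and not copied by the copy-style constructor.
    // NOTE(review): public and mutable; presumably set by callers - confirm.
    public X509Certificate caX509;

    /**
     * Builds a chain for {@code x509} that reuses the trust chain and issuer DN of
     * an existing instance.
     *
     * @param orig instance whose {@code trustChain} and issuer DN are reused
     * @param x509 certificate passed to the superclass constructor
     * @throws IOException   if the superclass constructor reports it
     * @throws CertException if the superclass constructor reports it
     */
    public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) throws IOException, CertException {
        super(x509, orig.trustChain);
        issuerDN = orig.issuerDN;
    }

    /**
     * Builds the chain from encoded certificates supplied by readers.
     *
     * <p>Every certificate with a non-null subject is appended to the trust chain
     * in the order read. The first such certificate is recorded as {@code cert}
     * and its subject becomes the issuer DN, so the signer must be supplied
     * first. (This relies on {@code cert} being unset when the loop starts.)
     *
     * @param rdrs readers over encoded certificates; {@code null} elements are skipped
     * @throws IOException   if decoding a reader or adding a chain entry fails
     * @throws CertException if the bytes cannot be parsed as certificates, or an
     *                       entry is missing or is not an X.509 certificate
     */
    public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
        for (Reader rdr : rdrs) {
            if (rdr == null) { // tolerate gaps in a badly formed list
                continue;
            }

            final byte[] bytes = Factory.decode(rdr, null);
            final Collection<? extends Certificate> certs;
            try {
                certs = Factory.toX509Certificate(bytes);
            } catch (CertificateException e) {
                throw new CertException(e);
            }
            for (Certificate c : certs) {
                final X509Certificate x509 = requireX509(c);
                // NOTE(review): getSubjectDN() is deprecated in favour of
                // getSubjectX500Principal(); it is kept because the string form of
                // the DN may differ between the two and issuerDN is exposed to callers.
                final Principal subject = x509.getSubjectDN();
                if (subject == null) {
                    continue;
                }
                if (cert == null) { // first usable certificate is recorded as the signer
                    issuerDN = subject.toString();
                    cert = x509;
                }
                addTrustChainEntry(x509);
            }
        }
    }

    /**
     * Builds the chain from an array of certificates.
     *
     * <p>The array is walked from the highest index down to 0 and every
     * certificate with a non-null subject is appended to the trust chain in that
     * order. The element at index 0 is recorded as {@code cert} and its subject
     * becomes the issuer DN; if that element has no subject, neither is set.
     *
     * @param certs certificates, with the signer at index 0
     * @throws IOException   if adding a chain entry fails
     * @throws CertException if adding a chain entry fails, or an element is
     *                       missing or is not an X.509 certificate
     */
    public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
        for (int i = certs.length - 1; i >= 0; --i) {
            final X509Certificate x509 = requireX509(certs[i]);
            final Principal subject = x509.getSubjectDN();
            if (subject != null) {
                addTrustChainEntry(x509);
                if (i == 0) { // processed last: this is the signer
                    cert = x509;
                    issuerDN = subject.toString();
                }
            }
        }
    }

    /**
     * Returns the issuer DN string recorded at construction.
     *
     * @return the subject DN of the signer certificate, or {@code null} if no
     *         signer was recorded
     */
    public String getIssuerDN() {
        return issuerDN;
    }

    /**
     * Narrows a chain entry to X.509, reporting a bad entry through the declared
     * {@link CertException} instead of an unchecked ClassCastException or
     * NullPointerException.
     */
    private static X509Certificate requireX509(Certificate c) throws CertException {
        if (c instanceof X509Certificate) {
            return (X509Certificate) c;
        }
        final String found = c == null ? "null" : c.getType();
        throw new CertException(
                new CertificateException("Trust chain entry is not an X.509 certificate: " + found));
    }

}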