2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.cm;
25 import java.io.FileOutputStream;
26 import java.io.FileWriter;
27 import java.io.IOException;
28 import java.io.PrintStream;
29 import java.io.PrintWriter;
30 import java.security.KeyStore;
31 import java.util.ArrayList;
32 import java.util.HashMap;
33 import java.util.List;
36 import org.onap.aaf.cadi.CadiException;
37 import org.onap.aaf.cadi.Symm;
38 import org.onap.aaf.cadi.config.Config;
39 import org.onap.aaf.cadi.util.Chmod;
40 import org.onap.aaf.misc.env.Trans;
41 import org.onap.aaf.misc.env.util.Chrono;
43 import certman.v1_0.Artifacts.Artifact;
44 import certman.v1_0.CertInfo;
46 public abstract class ArtifactDir implements PlaceArtifact {
48 protected static final String C_R = "\n";
50 private List<String> encodeds = new ArrayList<String>();
53 // This checks for multiple passes of Dir on the same objects. Run clear after done.
54 protected static Map<String,Object> processed = new HashMap<String,Object>();
58 * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
59 * then "placeProperties(arti)" just after they implement
62 public final boolean place(Trans trans, CertInfo certInfo, Artifact arti, String machine) throws CadiException {
66 // Obtain/setup directory as required
67 dir = new File(arti.getDir());
68 if(processed.get("dir")==null) {
70 Chmod.to755.chmod(dir);
72 throw new CadiException("Could not create " + dir);
76 // Also place cm_url and Host Name
77 addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
78 addProperty(Config.HOSTNAME,machine);
79 addProperty(Config.AAF_ENV,certInfo.getEnv());
82 StringBuilder issuers = new StringBuilder();
83 for(String dn : certInfo.getCaIssuerDNs()) {
91 addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
93 symm = (Symm)processed.get("symm");
96 File f = new File(dir,arti.getNs() + ".keyfile");
98 write(f,Chmod.to400,Symm.keygen());
100 symm = Symm.obtain(f);
102 addEncProperty("ChallengePassword", certInfo.getChallenge());
104 processed.put("symm",symm);
107 _place(trans, certInfo,arti);
109 placeProperties(arti);
111 processed.put("dir",dir);
113 } catch (Exception e) {
114 throw new CadiException(e);
120 * Derived Classes implement this instead, so Dir can process first, and write any Properties last
124 * @throws CadiException
126 protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
128 protected void addProperty(String tag, String value) throws IOException {
129 StringBuilder sb = new StringBuilder();
133 encodeds.add(sb.toString());
136 protected void addEncProperty(String tag, String value) throws IOException {
137 StringBuilder sb = new StringBuilder();
141 sb.append(symm.enpass(value));
142 encodeds.add(sb.toString());
145 protected void write(File f, Chmod c, String ... data) throws IOException {
146 f.setWritable(true,true);
148 FileOutputStream fos = new FileOutputStream(f);
149 PrintStream ps = new PrintStream(fos);
151 for(String s : data) {
160 protected void write(File f, Chmod c, byte[] bytes) throws IOException {
161 f.setWritable(true,true);
163 FileOutputStream fos = new FileOutputStream(f);
172 protected void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
173 f.setWritable(true,true);
175 FileOutputStream fos = new FileOutputStream(f);
178 } catch (Exception e) {
179 throw new CadiException(e);
187 private void validate(Artifact a) throws CadiException {
188 StringBuilder sb = new StringBuilder();
189 if(a.getDir()==null) {
190 sb.append("File Artifacts require a path");
193 if(a.getNs()==null) {
197 sb.append("File Artifacts require an AAF Namespace");
201 throw new CadiException(sb.toString());
205 private boolean placeProperties(Artifact arti) throws CadiException {
206 if(encodeds.size()==0) {
209 boolean first=processed.get("dir")==null;
211 File f = new File(dir,arti.getNs()+".props");
219 // Append if not first
220 PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
224 for(int i=0;i<60;++i) {
228 pw.println("# Properties Generated by AT&T Certificate Manager");
230 pw.println(System.getProperty("user.name"));
232 pw.println(Chrono.dateStamp());
233 pw.println("# @copyright 2016, AT&T");
234 for(int i=0;i<60;++i) {
238 for(String prop : encodeds) {
239 if( prop.startsWith("cm_")
240 || prop.startsWith(Config.HOSTNAME)
241 || prop.startsWith(Config.AAF_ENV)) {
248 for(String prop : encodeds) {
249 if(prop.startsWith("cadi")) {
256 Chmod.to644.chmod(f);
260 f = new File(dir,arti.getNs()+".chal");
264 pw = new PrintWriter(new FileWriter(f));
266 for(String prop : encodeds) {
267 if(prop.startsWith("Challenge")) {
274 Chmod.to400.chmod(f);
276 } catch(Exception e) {
277 throw new CadiException(e);
282 public static void clear() {
Code Review / aaf / authz.git / blob