2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.configure;
25 import java.io.FileOutputStream;
26 import java.io.FileWriter;
27 import java.io.IOException;
28 import java.io.PrintStream;
29 import java.io.PrintWriter;
30 import java.security.KeyStore;
31 import java.util.ArrayList;
32 import java.util.Date;
33 import java.util.HashMap;
34 import java.util.List;
37 import org.onap.aaf.cadi.CadiException;
38 import org.onap.aaf.cadi.Symm;
39 import org.onap.aaf.cadi.config.Config;
40 import org.onap.aaf.cadi.util.Chmod;
41 import org.onap.aaf.misc.env.Trans;
42 import org.onap.aaf.misc.env.util.Chrono;
44 import certman.v1_0.Artifacts.Artifact;
45 import certman.v1_0.CertInfo;
47 public abstract class ArtifactDir implements PlaceArtifact {
49 protected static final String C_R = "\n";
51 private List<String> encodeds = new ArrayList<>();
54 // This checks for multiple passes of Dir on the same objects. Run clear after done.
55 protected static Map<String,Object> processed = new HashMap<>();
59 * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
60 * then "placeProperties(arti)" just after they implement
63 public final boolean place(Trans trans, CertInfo certInfo, Artifact arti, String machine) throws CadiException {
67 // Obtain/setup directory as required
68 dir = new File(arti.getDir());
69 if(processed.get("dir")==null) {
71 Chmod.to755.chmod(dir);
73 throw new CadiException("Could not create " + dir);
77 // Also place cm_url and Host Name
78 addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
79 // addProperty(Config.HOSTNAME,machine);
80 // addProperty(Config.AAF_ENV,certInfo.getEnv());
83 StringBuilder issuers = new StringBuilder();
84 for(String dn : certInfo.getCaIssuerDNs()) {
92 addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
94 symm = (Symm)processed.get("symm");
97 File f = new File(dir,arti.getNs() + ".keyfile");
99 write(f,Chmod.to400,Symm.keygen());
101 symm = Symm.obtain(f);
103 addEncProperty("ChallengePassword", certInfo.getChallenge());
105 processed.put("symm",symm);
108 _place(trans, certInfo,arti);
110 placeProperties(arti);
112 processed.put("dir",dir);
114 } catch (Exception e) {
115 throw new CadiException(e);
121 * Derived Classes implement this instead, so Dir can process first, and write any Properties last
125 * @throws CadiException
127 protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
129 protected void addProperty(String tag, String value) throws IOException {
130 StringBuilder sb = new StringBuilder();
134 encodeds.add(sb.toString());
137 protected void addEncProperty(String tag, String value) throws IOException {
138 StringBuilder sb = new StringBuilder();
142 sb.append(symm.enpass(value));
143 encodeds.add(sb.toString());
146 protected void write(File f, Chmod c, String ... data) throws IOException {
147 f.setWritable(true,true);
149 FileOutputStream fos = new FileOutputStream(f);
150 PrintStream ps = new PrintStream(fos);
152 for(String s : data) {
161 protected void write(File f, Chmod c, byte[] bytes) throws IOException {
162 f.setWritable(true,true);
164 FileOutputStream fos = new FileOutputStream(f);
173 protected void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
174 f.setWritable(true,true);
176 FileOutputStream fos = new FileOutputStream(f);
179 } catch (Exception e) {
180 throw new CadiException(e);
188 private void validate(Artifact a) throws CadiException {
189 StringBuilder sb = new StringBuilder();
190 if(a.getDir()==null) {
191 sb.append("File Artifacts require a path");
194 if(a.getNs()==null) {
198 sb.append("File Artifacts require an AAF Namespace");
202 throw new CadiException(sb.toString());
206 private boolean placeProperties(Artifact arti) throws CadiException {
207 if(encodeds.size()==0) {
210 boolean first=processed.get("dir")==null;
212 File f = new File(dir,arti.getNs()+".cred.props");
215 File backup = File.createTempFile(f.getName()+'.', ".backup",dir);
222 // Append if not first
223 PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
227 for(int i=0;i<60;++i) {
231 pw.println("# Properties Generated by AT&T Certificate Manager");
233 pw.println(System.getProperty("user.name"));
235 pw.println(Chrono.dateStamp());
236 pw.println("# @copyright 2016, AT&T");
237 for(int i=0;i<60;++i) {
241 for(String prop : encodeds) {
242 if( prop.startsWith("cm_")
243 || prop.startsWith(Config.HOSTNAME)
244 || prop.startsWith(Config.AAF_ENV)) {
250 for(String prop : encodeds) {
251 if(prop.startsWith("cadi")) {
258 Chmod.to644.chmod(f);
262 f = new File(dir,arti.getNs()+".chal");
266 pw = new PrintWriter(new FileWriter(f));
268 for(String prop : encodeds) {
269 if(prop.startsWith("Challenge")) {
276 Chmod.to400.chmod(f);
278 } catch(Exception e) {
279 throw new CadiException(e);
284 public static void clear() {
Code Review / aaf / authz.git / blob