2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.cadi.configure;
25 import java.io.FileOutputStream;
26 import java.io.FileWriter;
27 import java.io.IOException;
28 import java.io.PrintStream;
29 import java.io.PrintWriter;
30 import java.security.KeyStore;
31 import java.util.ArrayList;
32 import java.util.HashMap;
33 import java.util.List;
36 import org.onap.aaf.cadi.CadiException;
37 import org.onap.aaf.cadi.Symm;
38 import org.onap.aaf.cadi.config.Config;
39 import org.onap.aaf.cadi.util.Chmod;
40 import org.onap.aaf.misc.env.Trans;
41 import org.onap.aaf.misc.env.util.Chrono;
43 import certman.v1_0.Artifacts.Artifact;
44 import certman.v1_0.CertInfo;
46 public abstract class ArtifactDir implements PlaceArtifact {
48 protected static final String C_R = "\n";
50 private List<String> encodeds = new ArrayList<>();
53 // This checks for multiple passes of Dir on the same objects. Run clear after done.
54 protected static Map<String,Object> processed = new HashMap<>();
58 * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
59 * then "placeProperties(arti)" just after they implement
62 public final boolean place(Trans trans, CertInfo certInfo, Artifact arti, String machine) throws CadiException {
66 // Obtain/setup directory as required
67 dir = new File(arti.getDir());
68 if(processed.get("dir")==null) {
70 Chmod.to755.chmod(dir);
72 throw new CadiException("Could not create " + dir);
76 // Also place cm_url and Host Name
77 addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
78 // addProperty(Config.HOSTNAME,machine);
79 // addProperty(Config.AAF_ENV,certInfo.getEnv());
82 StringBuilder issuers = new StringBuilder();
83 for(String dn : certInfo.getCaIssuerDNs()) {
91 addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
93 symm = (Symm)processed.get("symm");
96 File f = new File(dir,arti.getNs() + ".keyfile");
98 write(f,Chmod.to400,Symm.keygen());
100 symm = Symm.obtain(f);
102 addEncProperty("ChallengePassword", certInfo.getChallenge());
104 processed.put("symm",symm);
107 _place(trans, certInfo,arti);
109 placeProperties(arti);
111 processed.put("dir",dir);
113 } catch (Exception e) {
114 throw new CadiException(e);
120 * Derived Classes implement this instead, so Dir can process first, and write any Properties last
124 * @throws CadiException
126 protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
128 protected void addProperty(String tag, String value) throws IOException {
129 StringBuilder sb = new StringBuilder();
133 encodeds.add(sb.toString());
136 protected void addEncProperty(String tag, String value) throws IOException {
137 StringBuilder sb = new StringBuilder();
141 sb.append(symm.enpass(value));
142 encodeds.add(sb.toString());
145 public static void write(File f, Chmod c, String ... data) throws IOException {
146 f.setWritable(true,true);
148 FileOutputStream fos = new FileOutputStream(f);
149 PrintStream ps = new PrintStream(fos);
151 for(String s : data) {
160 public static void write(File f, Chmod c, byte[] bytes) throws IOException {
161 f.setWritable(true,true);
163 FileOutputStream fos = new FileOutputStream(f);
172 public static void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
173 f.setWritable(true,true);
175 FileOutputStream fos = new FileOutputStream(f);
178 } catch (Exception e) {
179 throw new CadiException(e);
187 private void validate(Artifact a) throws CadiException {
188 StringBuilder sb = new StringBuilder();
189 if(a.getDir()==null) {
190 sb.append("File Artifacts require a path");
193 if(a.getNs()==null) {
197 sb.append("File Artifacts require an AAF Namespace");
201 throw new CadiException(sb.toString());
205 private boolean placeProperties(Artifact arti) throws CadiException {
206 if(encodeds.size()==0) {
209 boolean first=processed.get("dir")==null;
211 File f = new File(dir,arti.getNs()+".cred.props");
214 File backup = File.createTempFile(f.getName()+'.', ".backup",dir);
221 // Append if not first
222 PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
226 for(int i=0;i<60;++i) {
230 pw.println("# Properties Generated by AT&T Certificate Manager");
232 pw.println(System.getProperty("user.name"));
234 pw.println(Chrono.dateStamp());
235 pw.println("# @copyright 2016, AT&T");
236 for(int i=0;i<60;++i) {
240 for(String prop : encodeds) {
241 if( prop.startsWith("cm_")
242 || prop.startsWith(Config.HOSTNAME)
243 || prop.startsWith(Config.AAF_ENV)) {
249 for(String prop : encodeds) {
250 if(prop.startsWith("cadi")) {
257 Chmod.to644.chmod(f);
261 f = new File(dir,arti.getNs()+".chal");
265 pw = new PrintWriter(new FileWriter(f));
267 for(String prop : encodeds) {
268 if(prop.startsWith("Challenge")) {
275 Chmod.to400.chmod(f);
277 } catch(Exception e) {
278 throw new CadiException(e);
283 public static void clear() {
Code Review / aaf / authz.git / blob