Fix Agent and CM Issues
[aaf/authz.git] / auth / auth-certman / src / main / java / org / onap / aaf / auth / cm / cert / CSRMeta.java
index 5df439a..e0ee036 100644 (file)
@@ -3,13 +3,15 @@
  * org.onap.aaf
  * ===========================================================================
  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ *
+ * Modifications Copyright (C) 2019 IBM.
  * ===========================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -70,42 +72,43 @@ public class CSRMeta {
     }
 
     public X500Name x500Name() {
-        if(name==null) {
+        if (name==null) {
             X500NameBuilder xnb = new X500NameBuilder();
             xnb.addRDN(BCStyle.CN,cn);
-            xnb.addRDN(BCStyle.E,email);
-            if(mechID!=null) {
-                if(environment==null) {
+            // Add as Subject Alternate Name, email
+            // xnb.addRDN(BCStyle.E,email);
+            if (mechID!=null) {
+                if (environment==null) {
                     xnb.addRDN(BCStyle.OU,mechID);
                 } else {
                     xnb.addRDN(BCStyle.OU,mechID+':'+environment);
                 }
             }
-            for(RDN rdn : rdns) {
+            for (RDN rdn : rdns) {
                 xnb.addRDN(rdn.aoi,rdn.value);
             }
             name = xnb.build();
         }
         return name;
     }
-    
-    
+
+
     public PKCS10CertificationRequest  generateCSR(Trans trans) throws IOException, CertException {
         PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
-        if(challenge!=null) {
+        if (challenge!=null) {
             DERPrintableString password = new DERPrintableString(challenge);
             builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
         }
-        
+
         int plus = email==null?0:1;
-        if(!sanList.isEmpty()) {
+        if (!sanList.isEmpty()) {
             GeneralName[] gna = new GeneralName[sanList.size()+plus];
             int i=-1;
-            for(String s : sanList) {
+            for (String s : sanList) {
                 gna[++i]=new GeneralName(GeneralName.dNSName,s);
             }
             gna[++i]=new GeneralName(GeneralName.rfc822Name,email);
-            
+
             builder.addAttribute(
                     PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
                     new Extensions(new Extension[] {
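Review bot: With the `BCStyle.E` RDN dropped from `x500Name()`, the e-mail address reaches the CSR only through the `rfc822Name` entry in `generateCSR`, and as far as this hunk shows that entry is built only inside `if (!sanList.isEmpty())`, so a request with an e-mail but no DNS names would carry no e-mail at all. The same block sizes `gna` with `plus` (0 when `email` is null) yet runs `gna[++i]=new GeneralName(GeneralName.rfc822Name,email);` unconditionally, which would fail at runtime for a null `email`. I would widen the condition to `if (!sanList.isEmpty() || email!=null)` and guard the store with `if (email!=null)`. The commented-out `// xnb.addRDN(BCStyle.E,email);` is better deleted, with the remaining comment reworded to say the e-mail is carried as an rfc822Name subject alternative name. The `addAttribute` call continues past the end of the hunk.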
@@ -120,7 +123,7 @@ public class CSRMeta {
             throw new CertException(e);
         }
     }
-    
+
     @SuppressWarnings("deprecation")
     public static void dump(PKCS10CertificationRequest csr) {
          Attribute[] certAttributes = csr.getAttributes();
@@ -132,17 +135,17 @@ public class CSRMeta {
                  Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
                  GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
                  GeneralName[] names = gns.getNames();
-                 for(int k=0; k < names.length; k++) {
+                 for (int k=0; k < names.length; k++) {
                          String title = "";
-                         if(names[k].getTagNo() == GeneralName.dNSName) {
+                         if (names[k].getTagNo() == GeneralName.dNSName) {
                                  title = "dNSName";
-                         } else if(names[k].getTagNo() == GeneralName.iPAddress) {
+                         } else if (names[k].getTagNo() == GeneralName.iPAddress) {
                                  title = "iPAddress";
                                  // Deprecated, but I don't see anything better to use.
                                  names[k].toASN1Object();
-                         } else if(names[k].getTagNo() == GeneralName.otherName) {
+                         } else if (names[k].getTagNo() == GeneralName.otherName) {
                                  title = "otherName";
-                         } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
+                         } else if (names[k].getTagNo() == GeneralName.rfc822Name) {
                                  title = "email";
                          }
 
@@ -150,8 +153,8 @@ public class CSRMeta {
                  }
          }
     }
-    
-    public X509Certificate initialConversationCert(Trans trans) throws IOException, CertificateException, OperatorCreationException {
+
+    public X509Certificate initialConversationCert(Trans trans) throws CertificateException, OperatorCreationException {
         GregorianCalendar gc = new GregorianCalendar();
         Date start = gc.getTime();
         gc.add(GregorianCalendar.DAY_OF_MONTH,2);
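Review bot: Removing `IOException` from the `throws` clause of the public `initialConversationCert` is source-incompatible for any caller that wraps only this call in `catch (IOException e)`, because javac rejects a catch of a checked exception the try body cannot throw. Callers are not visible here, so it is worth confirming they were updated in the same commit. The method also has no Javadoc; I would add one stating that the validity period starts at the current time and, judging from `gc.add(GregorianCalendar.DAY_OF_MONTH,2)`, appears to end two days later. The method body continues outside the hunk.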
@@ -180,7 +183,7 @@ public class CSRMeta {
 
 
     public KeyPair keypair(Trans trans) {
-        if(keyPair == null) {
+        if (keyPair == null) {
             keyPair = Factory.generateKeyPair(trans);
         }
         return keyPair;
@@ -207,15 +210,15 @@ public class CSRMeta {
     public void environment(String env) {
         environment = env;
     }
-    
+
     /**
-     * 
+     *
      * @return
      */
     public String environment() {
         return environment;
     }
-    
+
     /**
      * @return the mechID
      */
@@ -261,5 +264,5 @@ public class CSRMeta {
     public void challenge(String challenge) {
         this.challenge = challenge;
     }
-    
+
 }