From: Jonathan Gathman <jonathan.gathman@att.com>
Date: Thu, 5 Apr 2018 22:56:09 +0000 (+0000)
Subject: Merge "Modify cadi & misc versions in authz"
X-Git-Tag: v2.1.0~5
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=aaf%2Fauthz.git;a=commitdiff_plain;h=d9b65e866ed666c3b538203da5bb3d05ba758417;hp=c83c633d7a5f8ae8a7f84a15e3824c46ced305fe

Merge "Modify cadi & misc versions in authz"
---

diff --git a/auth/docker/Dockerfile b/auth/docker/Dockerfile
index 7dee2eb7..60414de0 100644
--- a/auth/docker/Dockerfile
+++ b/auth/docker/Dockerfile
@@ -5,6 +5,10 @@ ENV VERSION=${AAF_VERSION}
 LABEL description="aaf ${AAF_COMPONENT}"
 LABEL version=${AAF_VERSION}
 
+RUN apt-get update
+RUN apt-get install -y softhsm2
+RUN apt-get install -y libsofthsm2
+RUN apt-get install -y opensc
 
 COPY lib /opt/app/aaf/${AAF_COMPONENT}/lib
 COPY theme /opt/app/aaf/${AAF_COMPONENT}/theme
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java
index e969fab3..b7c085b0 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/cm/Factory.java
@@ -60,6 +60,8 @@ import java.security.spec.X509EncodedKeySpec;
 import java.util.Collection;
 import java.util.List;
 
+import sun.security.pkcs11.SunPKCS11;
+
 import javax.crypto.Cipher;
 import javax.crypto.NoSuchPaddingException;
 
@@ -458,28 +460,24 @@ public class Factory {
 	 * @throws CertException
 	 */
 	public static synchronized Provider getSecurityProvider(String providerType, String[][] params) throws CertException {
-		Provider p = Security.getProvider(providerType);
-		if(p!=null) {
-			switch(providerType) {
-				case "PKCS12":
-					
-					break;
-				case "PKCS11": // PKCS11 only known to be supported by Sun
-					try {
-						Class<?> clsSunPKCS11 = Class.forName("sun.security.pkcs11.SunPKCS11");
-						Constructor<?> cnst = clsSunPKCS11.getConstructor(String.class);
-						Object sunPKCS11 = cnst.newInstance(params[0][0]);
-						if (sunPKCS11==null) {
-							throw new CertException("SunPKCS11 Provider cannot be constructed for " + params[0][0]);
-						}
-						Security.addProvider((Provider)sunPKCS11);
-					} catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
-						throw new CertException(e);
+		Provider p = null;
+		switch(providerType) {
+			case "PKCS12":
+				p = Security.getProvider(providerType);
+				break;
+			case "PKCS11": // PKCS11 only known to be supported by Sun
+				try {
+					p = new SunPKCS11(params[0][0]);
+					if (p==null) {
+						throw new CertException("SunPKCS11 Provider cannot be constructed for " + params[0][0]);
 					}
-					break;
-				default:
-					throw new CertException(providerType + " is not a known Security Provider for your JDK.");
-			}
+					Security.addProvider(p);
+				} catch (SecurityException | IllegalArgumentException e) {
+					throw new CertException(e);
+				}
+				break;
+			default:
+				throw new CertException(providerType + " is not a known Security Provider for your JDK.");
 		}
 		return p;
 	}