author | Instrumental <jonathan.gathman@att.com> | 2018-10-23 17:40:47 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-10-23 17:43:09 -0500 |
commit | 9fe1153c6bad63922e026d1db86e51b95a92c6cc (patch) | |
tree | 4e48cbbbb3c9e5f1a37c6089726490ea24c601f7 | |
parent | 50245adc23b914bc627925cf8557948f25927a5b (diff) |
Client updates
Issue-ID: AAF-558
Change-Id: I2c12b3cf46924b784e3af54bb643e6341dadf165
Signed-off-by: Instrumental <jonathan.gathman@att.com>
-rw-r--r-- | auth/docker/Dockerfile.client | 2 | ||||
-rw-r--r-- | auth/docker/Dockerfile.config | 2 | ||||
-rw-r--r-- | auth/docker/aaf.sh | 12 | ||||
-rwxr-xr-x | auth/docker/dbuild.sh | 4 | ||||
-rwxr-xr-x | auth/sample/bin/client.sh | 98 | ||||
-rw-r--r-- | auth/sample/bin/service.sh | 56 | ||||
-rw-r--r-- | cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java | 4 | ||||
-rw-r--r-- | cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java | 9 | ||||
-rw-r--r-- | cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java | 24 |
9 files changed, 122 insertions, 89 deletions
diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client index 3e61173d..c28ec24c 100644 --- a/auth/docker/Dockerfile.client +++ b/auth/docker/Dockerfile.client @@ -7,7 +7,7 @@ LABEL version=${AAF_VERSION} COPY logs /opt/app/aaf_config/logs COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/aaf-cadi*full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/ COPY cert/*trust*.b64 /opt/app/aaf_config/cert/ diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index b2f2becf..bc1eafca 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -13,7 +13,7 @@ COPY public /opt/app/aaf_config/public COPY CA /opt/app/aaf_config/CA COPY logs /opt/app/aaf_config/logs COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh -COPY bin/aaf-cadi-aaf-${VERSION}-full.jar /opt/app/aaf_config/bin/ +COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/ ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] CMD [] diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh index 29391597..f9cf1bc3 100644 --- a/auth/docker/aaf.sh +++ b/auth/docker/aaf.sh @@ -26,18 +26,6 @@ function run_it() { /bin/bash $PARAMS } -function set_prop() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2" "$3" -} - -function encrypt_it() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP encrypt "$1" "$2" -} - -function set_it() { - $DOCKER exec -t aaf_config_$USER /bin/bash /opt/app/aaf_config/bin/agent.sh NOOP setProp "$1" "$2" -} - PARAMS="$@" if [ "$PARAMS" != "" ]; then run_it -it --rm diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index 80427cef..a170493d 100755 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh 
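Review bot: The new COPY line in Dockerfile.config switches from `${VERSION}` to `${AAF_VERSION}`, and nothing in this hunk shows that build argument being declared for this image. Dockerfile.client's context line `LABEL version=${AAF_VERSION}` shows the name is in use there, but if Dockerfile.config has no `ARG AAF_VERSION` above this line the variable expands to empty and the COPY looks for `bin/aaf-auth-cmd--full.jar`. Worth confirming the declaration exists outside the hunk. dbuild.sh stages the jar under `$VERSION`, so the two values also have to agree at build time.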
@@ -20,7 +20,7 @@ cd - # Create the AAF Config (Security) Images cd .. -cp ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin +cp auth-cmd/target/aaf-auth-cmd-$VERSION-full.jar sample/bin cp -Rf ../conf/CA sample # AAF Config image (for AAF itself) @@ -37,7 +37,7 @@ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/$ $DOCKER tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${PROJECT}/aaf_agent:latest # Clean up -rm sample/Dockerfile sample/bin/aaf-cadi-aaf-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar +rm sample/Dockerfile sample/bin/aaf-auth-cmd-${VERSION}-full.jar sample/bin/aaf-cadi-servlet-sample-${VERSION}-sample.jar rm -Rf sample/CA cd - diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index a7095268..363e2b43 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -1,5 +1,5 @@ #!/bin/bash -# This script is run when starting aaf_config Container. +# This script is run when starting client Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # JAVA=/usr/bin/java @@ -21,6 +21,11 @@ LOCAL="$OSAAF/local" DOT_AAF="$HOME/.aaf" SSO="$DOT_AAF/sso.props" +JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine" +JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$SSO org.onap.aaf.cadi.configure.Agent" +JAVA_AGENT_SELF="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/${NS}.props org.onap.aaf.cadi.configure.Agent" +JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli" + # Check for local dir if [ ! -d $LOCAL ]; then mkdir -p $LOCAL 
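Review bot: The new `JAVA_CADI`, `JAVA_AGENT`, `JAVA_AGENT_SELF` and `JAVA_AAFCLI` strings in client.sh keep an unquoted glob (`aaf-auth-cmd-*-full.jar`) as the `-cp` value, so what gets loaded is decided by whatever matches in `$CONFIG/bin` each time the variable is expanded. If a second matching jar is ever present, the first match becomes the classpath and the next one is taken as the main class; the image build pins an exact version, but the script does not. Resolving the jar once and refusing to continue unless exactly one file matches would close that gap, e.g. `JARS=($CONFIG/bin/aaf-auth-cmd-*-full.jar); [ ${#JARS[@]} -eq 1 ] && [ -e "${JARS[0]}" ] || exit 1`. `JAVA_AGENT_SELF` also expands `${NS}` at definition time, and the assignment of `NS` is outside this hunk, so it needs to be set above line 24. service.sh defines the same variables the same way.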
@@ -30,23 +35,24 @@ if [ ! -d $LOCAL ]; then fi # Setup Bash, first time only -if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then - echo "alias cadi='$OSAAF/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases +if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep agent $HOME/.bash_aliases)" ]; then + echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases echo "alias agent='$OSAAF/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases + echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases chmod a+x $OSAAF/bin/agent.sh . $HOME/.bash_aliases fi # Setup SSO info for Deploy ID function sso_encrypt() { - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile + $JAVA_CADI digest ${1} $DOT_AAF/keyfile } # Create Deployer Info, located at /root/.aaf if [ ! -e "$DOT_AAF/keyfile" ]; then mkdir -p $DOT_AAF - $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile + $JAVA_CADI keygen $DOT_AAF/keyfile chmod 400 $DOT_AAF/keyfile echo cadi_latitude=${LATITUDE} > ${SSO} echo cadi_longitude=${LONGITUDE} >> ${SSO} 
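Review bot: In the rewritten `sso_encrypt`, the password argument is expanded unquoted (`digest ${1} $DOT_AAF/keyfile`), so a password containing whitespace or glob characters is split or expanded before it reaches the digest tool and a different value gets encrypted. Quoting fixes it: `$JAVA_CADI digest "${1}" "$DOT_AAF/keyfile"`. Separately, the keyfile is created by `keygen` and only afterwards restricted with `chmod 400`, so unless keygen sets restrictive permissions itself (not visible here) the file briefly exists with the default umask; a `umask 077` before `mkdir -p $DOT_AAF` would cover both the directory and the file. The enclosing `if` block continues past the end of the hunk.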
@@ -64,30 +70,39 @@ fi # Only initialize once, automatically... if [ ! -e $LOCAL/${NS}.props ]; then - # setup Configs - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \ + echo "#### Create Configuration files " + $JAVA_AGENT config $APP_FQI \ aaf_url=https://AAF_LOCATE_URL/AAF_NS.locate:${AAF_INTERFACE_VERSION} \ cadi_etc_dir=$LOCAL cat $LOCAL/$NS.props - # Read Certificate info (by deployer) - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar read ${APP_FQI} ${APP_FQDN} \ - cadi_prop_files=${SSO} \ - cadi_etc_dir=$LOCAL - - # Place Certificates (by deployer) - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN} \ + echo + echo "#### Certificate Authorization Artifact" + TMP=$(mktemp) + $JAVA_AGENT read ${APP_FQI} ${APP_FQDN} \ cadi_prop_files=${SSO} \ - cadi_etc_dir=$LOCAL - - # Validate - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \ - cadi_prop_files=$LOCAL/${NS}.props + cadi_etc_dir=$LOCAL > $TMP + cat $TMP + echo + if [ -n "$(grep 'Namespace:' $TMP)" ]; then + echo "#### Place Certificates (by deployer)" + $JAVA_AGENT place ${APP_FQI} ${APP_FQDN} \ + cadi_prop_files=${SSO} \ + cadi_etc_dir=$LOCAL + + echo "#### Validate Configuration and Certificate with live call" + $JAVA_AGENT_SELF validate + else + echo "#### Certificate Authorization Artifact must be valid to continue" + fi + rm $TMP fi # Now run a command CMD=$2 -if [ ! "$CMD" = "" ]; then +if [ -z "$CMD" ]; then + $JAVA_AGENT +else shift shift case "$CMD" in 
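Review bot: The new certificate step decides whether to place certificates by grepping the tool's output for `Namespace:` and ignores the exit status of `$JAVA_AGENT read`, so a change in the tool's output wording silently flips the branch. Testing the command itself and using `grep -q` with a quoted path is more robust: `if $JAVA_AGENT read ... > "$TMP" && grep -q 'Namespace:' "$TMP"; then`. When the artifact is not valid the script only echoes a message and carries on to the command dispatch with no error status, which is easy to miss in container logs; if that is not intended, an `exit 1` in the `else` branch would make the failure visible. `$TMP` is also removed only on the normal path, so `trap 'rm -f "$TMP"' EXIT` right after `mktemp` would cover early exits.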
@@ -117,20 +132,16 @@ if [ ! "$CMD" = "" ]; then ;; showpass) echo "## Show Passwords" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT showpass ${APP_FQI} ${APP_FQDN} ;; check) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN} + $JAVA_AGENT check ${APP_FQI} ${APP_FQDN} ;; validate) echo "## validate requested" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props + $JAVA_AGENT_SELF validate ;; bash) - #if [ ! -e $HOME/bash_aliases ]; then - # echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases - # echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases - #fi shift cd $LOCAL || exit /bin/bash "$@" @@ -138,15 +149,20 @@ if [ ! "$CMD" = "" ]; then setProp) cd $LOCAL || exit FILES=$(grep -l "$1" ./*.props) - if [ "$FILES" = "" ]; then - FILES="$3" + if [ -z "$FILES" ]; then + if [ -z "$3" ]; then + FILES=${NS}.props + else + FILES="$3" + fi ADD=Y fi for F in $FILES; do - echo "Changing $1 in $F" if [ "$ADD" = "Y" ]; then - echo $2 >> $F + echo "Changing $1 to $F" + echo "$1=$2" >> $F else + echo "Changing $1 in $F" sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F fi cat $F @@ -172,7 +188,7 @@ if [ ! "$CMD" = "" ]; then else ORIG_PW="$2" fi - PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile) + PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile) if [ "$ADD" = "Y" ]; then echo "$1=enc:$PWD" >> $F else 
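Review bot: The `check)` case changes which property file it runs against: the removed line passed `-Dcadi_prop_files=$LOCAL/${NS}.props`, while `$JAVA_AGENT` carries `-Dcadi_prop_files=$SSO`, the deployer's SSO properties. If `check` is meant to verify the application's own configuration, the self variant is the match for the old behaviour: `$JAVA_AGENT_SELF check ${APP_FQI} ${APP_FQDN}`. The default `*)` case in a later hunk of this file makes the same switch from `$LOCAL/${NS}.props` to `$SSO`, so arbitrary agent commands now run with the deployer's properties. If the change is deliberate, a comment on each case saying which identity it uses would help the next reader.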
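Review bot: The rewritten digest line stores its result in `PWD`, which is the shell's own working-directory variable and is normally exported to child processes. Assigning the encrypted password to it leaves `$PWD` wrong for the rest of the script and, as far as bash's default export of `PWD` goes, puts the value into the environment of every command started afterwards. A dedicated name avoids both: `ENC_PW=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/${NS}.keyfile)`, with the context line changed to `echo "$1=enc:$ENC_PW" >> $F`. The `else` branch continues outside the hunk and presumably uses the same variable; the matching hunk in service.sh (`@@ -206,7 +220,7 @@`) has the same assignment.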
@@ -202,20 +218,26 @@ if [ ! "$CMD" = "" ]; then ;; cadi) echo "--- cadi Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + $JAVA_CADI ;; agent) echo "--- agent Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar + $JAVA_AGENT + ;; + aafcli) + echo "--- aafcli Tool Comands ---" + $JAVA_AAFCLI ;; - sample) - echo "--- run Sample Servlet App ---" - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props esac echo "" ;; + ### Possible Dublin + # sample) + # echo "--- run Sample Servlet App ---" + # $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar:$CONFIG/bin/aaf-cadi-servlet-sample-*-sample.jar org.onap.aaf.sample.cadi.jetty.JettyStandalone ${NS}.props + # ;; *) - $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + $JAVA_AGENT "$CMD" "$@" ;; esac fi diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh index b810f0c5..9880e8a6 100644 --- a/auth/sample/bin/service.sh +++ b/auth/sample/bin/service.sh 
@@ -3,11 +3,17 @@ # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # JAVA=/usr/bin/java -LOCAL=/opt/app/osaaf/local -DATA=/opt/app/osaaf/data -PUBLIC=/opt/app/osaaf/public + +OSAAF=/opt/app/osaaf +LOCAL=$OSAAF/local +DATA=$OSAAF/data +PUBLIC=$OSAAF/public CONFIG=/opt/app/aaf_config +JAVA_CADI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.CmdLine" +JAVA_AGENT="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.cadi.configure.Agent" +JAVA_AAFCLI="$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props org.onap.aaf.auth.cmd.AAFcli" + # If doesn't exist... still create mkdir -p /opt/app/osaaf @@ -15,9 +21,10 @@ mkdir -p /opt/app/osaaf FILE= # Setup Bash, first time only -if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then - echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases +if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep cadi $HOME/.bash_aliases)" ]; then + echo "alias cadi='$JAVA_CADI \$*'" >>$HOME/.bash_aliases echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases + echo "alias aafcli='$JAVA_AAFCLI \$*'" >>$HOME/.bash_aliases chmod a+x $CONFIG/bin/agent.sh . $HOME/.bash_aliases fi @@ -95,7 +102,8 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then cat $TMP - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \ + $JAVA_AGENT config \ + aaf@aaf.osaaf.org \ cadi_etc_dir=$LOCAL \ cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP} rm ${TMP} 
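Review bot: The initial `config` call in service.sh now goes through `$JAVA_AGENT`, which always adds `-Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props`, yet the hunk header places this call inside `if [ ! -e $LOCAL/org.osaaf.aaf.props ]`, so the system property names a file that does not exist at that point. The same command also passes `cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP}` as an argument, and which of the two wins is not visible from here. If the argument is meant to be the only source during bootstrap, a variant without the `-D` option is safer for this one call, e.g. `$JAVA -cp $CONFIG/bin/aaf-auth-cmd-*-full.jar org.onap.aaf.cadi.configure.Agent config ...`. Otherwise a comment stating the precedence would remove the ambiguity.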
@@ -103,7 +111,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then # Cassandra Config stuff # Default is expect a Cassandra on same Node CASS_HOST=${CASS_HOST:="aaf_cass"} - CASS_PASS=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile) + CASS_PASS=$($JAVA_CADI digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile) CASS_NAME=${CASS_HOST/:*/} sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \ -e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \ @@ -113,7 +121,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then if [ -n "$CM_CA_LOCAL" ]; then if [ -n "$CM_CA_PASS" ]; then - CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile) + CM_CA_LOCAL=$CM_CA_LOCAL$($JAVA_CADI digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile) fi # Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex FILE=$LOCAL/org.osaaf.aaf.cm.ca.props @@ -127,7 +135,9 @@ fi # Now run a command CMD=$2 -if [ ! "$CMD" = "" ]; then +if [ -z "$CMD" ]; then + $JAVA_AGENT +else shift shift case "$CMD" in @@ -158,7 +168,7 @@ if [ ! "$CMD" = "" ]; then ;; validate) echo "## validate requested" - $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=$LOCAL/org.osaaf.aaf.props + $JAVA_AAFCLI perm list user aaf@aaf.osaaf.org ;; onap) echo Initializing ONAP configurations. 
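Review bot: The rewritten `CASS_PASS=` line still hands the cleartext password to the JVM as a command-line argument and still falls back to the well-known `cassandra` value when `CASSANDRA_PASSWORD` is unset. Arguments are readable from the process table while the digest call runs, and the fallback means an unconfigured deployment is set up with a default credential without any notice. A one-line warning before the call would at least make that visible: `[ -n "$CASSANDRA_PASSWORD" ] || echo "WARNING: CASSANDRA_PASSWORD not set, using default" >&2`. Whether `CmdLine digest` can read the secret from stdin or a file is not visible here; the `CM_CA_PASS` line in the next hunk passes its secret the same way.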
@@ -171,17 +181,21 @@ if [ ! "$CMD" = "" ]; then setProp) cd $LOCAL || exit FILES=$(grep -l "$1" ./*.props) - if [ "$FILES" = "" ]; then - FILES="$3" + if [ -z "$FILES" ]; then + if [ -z "$3" ]; then + FILES=org.osaaf.aaf.props + else + FILES="$3" + fi ADD=Y fi for F in $FILES; do - echo "Changing $1 in $F" if [ "$ADD" = "Y" ]; then + echo "Changing $1 to $F" echo "$1=$2" >> $F else - VALUE=${2//\//\\\/} - sed -i.backup -e "s/\(${1}=\).*/\1${VALUE}/" $F + echo "Changing $1 in $F" + sed -i.backup -e "s/\\(${1}.*=\\).*/\\1${2}/" $F fi cat $F done @@ -206,7 +220,7 @@ if [ ! "$CMD" = "" ]; then else ORIG_PW="$2" fi - PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile) + PWD=$($JAVA_CADI digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile) if [ "$ADD" = "Y" ]; then echo "$1=enc:$PWD" >> $F else @@ -236,17 +250,21 @@ if [ ! "$CMD" = "" ]; then ;; cadi) echo "--- cadi Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6 + $JAVA_CADI ;; agent) echo "--- agent Tool Comands ---" - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar + $JAVA_AGENT + ;; + aafcli) + echo "--- aafcli Tool Comands ---" + $JAVA_AAFCLI ;; esac echo "" ;; *) - $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@" + $JAVA_AGENT "$CMD" "$@" cadi_prop_files=$LOCAL/org.osaaf.aaf.props ;; esac fi diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java index f4651eca..3facc930 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java 
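Review bot: The new `sed` expression in service.sh's `setProp` drops the slash escaping the removed lines had (`VALUE=${2//\//\\\/}`) and widens the match from `${1}=` to `${1}.*=`. A value containing `/` (a URL or a file path) now terminates the substitution early and is parsed as sed syntax, `&` in a value is replaced by the matched text, and the unanchored `${1}.*=` also rewrites any property whose name merely starts with or contains the key, so setting `cadi_keystore` would overwrite the value of `cadi_keystore_password` too. Keeping the escaping (extended to `&`) and anchoring on the exact key avoids all three: `sed -i.backup -e "s/^\\(${1}=\\).*/\\1${VALUE}/" "$F"`. The `setProp` hunk in client.sh carries the same loose expression as an unchanged context line.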
@@ -146,7 +146,7 @@ public class Agent { public Properties process(String[] args, Properties props) { if (args.length>1) { if (!args[0].equals("keypairgen")) { - props.put("aaf_id", args[1]); + props.put(Config.AAF_APPID, args[1]); } } return props; @@ -758,7 +758,7 @@ public class Agent { cred.addEnc(Config.AAF_APPPASS, pa, null); app.add(Config.AAF_LOCATE_URL, pa, null); - app.add(Config.AAF_APPID, pa, fqi); + app.add(Config.AAF_APPID, fqi); app.add(Config.AAF_URL, pa, Defaults.AAF_URL); String cts = pa.getProperty(Config.CADI_TRUSTSTORE); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java index 4525b8da..7256af40 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java @@ -50,7 +50,8 @@ public class PlaceArtifactInKeystore extends ArtifactDir { @Override public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException { - File fks = new File(dir,arti.getNs()+'.'+(kst==Agent.PKCS12?"p12":kst)); + final String ext = (kst==Agent.PKCS12?"p12":kst); + File fks = new File(dir,arti.getNs()+'.'+ext); try { KeyStore jks = KeyStore.getInstance(kst); if (fks.exists()) { 
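Review bot: The new `ext` assignment in `_place` compares strings by reference (`kst==Agent.PKCS12`), which only holds when `kst` is the very same `String` object as the constant. Where `kst` is assigned is outside this hunk; if it ever comes from parsed input, the branch falls through and the extension becomes the raw type string instead of `p12`. This matters more after this commit because `ext` also forms a property name in the next hunk. `final String ext = Agent.PKCS12.equals(kst) ? "p12" : kst;` is the value-based form. The body of `_place` continues past the end of the hunk.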
@@ -86,7 +87,11 @@ public class PlaceArtifactInKeystore extends ArtifactDir { // Set Keystore Password props.add(Config.CADI_KEYSTORE,fks.getAbsolutePath()); String keystorePass = Symm.randomGen(Agent.PASS_SIZE); - props.addEnc(Config.CADI_KEYSTORE_PASSWORD,keystorePass); + String encP = props.addEnc(Config.CADI_KEYSTORE_PASSWORD,keystorePass); + // Since there are now more than one Keystore type, the keystore password property might + // be overwritten, making the store useless without key. So we write it specifically + // as well. + props.add(Config.CADI_KEYSTORE_PASSWORD+'_'+ext,encP); char[] keystorePassArray = keystorePass.toCharArray(); jks.load(null,keystorePassArray); // load in diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java index 7feacb89..0f9666ca 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PropHolder.java @@ -31,7 +31,6 @@ import java.util.TreeMap; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.Symm; -import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.util.Chmod; import org.onap.aaf.misc.env.util.Chrono; 
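Review bot: The type-suffixed password property added here has no matching type-suffixed keystore path, since `Config.CADI_KEYSTORE` is still written once and is overwritten by whichever keystore type is placed last. A reader of the properties file can recover the password for, say, the `p12` store but has to guess its location. If the two are meant to be paired, writing the path the same way keeps them together: `props.add(Config.CADI_KEYSTORE+'_'+ext, fks.getAbsolutePath());`. The property name is also built by string concatenation at the call site; a short comment naming the resulting keys would let consumers find them. Whether `keystorePassArray` is cleared after use is not visible in this hunk.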
@@ -93,27 +92,28 @@ public class PropHolder { return keyfile.getAbsolutePath(); } - public void add(final String tag, final String value) { - if(value==null) { - props.put(tag,""); - } else { - props.put(tag, value); - } + public String add(final String tag, final String value) { + final String rv = value==null?"":value; + props.put(tag, rv); + return rv; } - public void add(final String tag, Access orig, final String def) { - add(tag, orig.getProperty(tag, def)); + public String add(final String tag, Access orig, final String def) { + return add(tag, orig.getProperty(tag, def)); } - public void addEnc(final String tag, final String value) throws IOException { + public String addEnc(final String tag, final String value) throws IOException { + String rv; if(value==null) { - props.put(tag,""); + rv = ""; } else { if(symm==null) { // Lazy Instantiations... on a few PropFiles have Security symm = ArtifactDir.getSymm(keyfile); } - props.put(tag, "enc:"+symm.enpass(value)); + rv = "enc:"+symm.enpass(value); } + props.put(tag, rv); + return rv; } public void addEnc(final String tag, Access orig, final String def) throws IOException { |
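Review bot: The `add` and `addEnc` methods now return a value but carry no documentation of what that value is, and for `addEnc` the distinction matters: it returns the stored `"enc:"`-prefixed ciphertext, or `""` without the prefix when the input is null. I would add a Javadoc on `addEnc(String, String)` stating that the return value is the string actually stored under `tag`, that it is reversible with the keyfile and should not be logged, and that a null value is stored and returned as the empty string. The last line of the hunk shows `addEnc(final String tag, Access orig, final String def)` still declared `void` while its `add` counterpart now returns `String`, so the pair is inconsistent; its body lies outside the hunk.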