authorJonathan Gathman <jonathan.gathman@att.com>2018-04-04 02:43:25 +0000
committerGerrit Code Review <gerrit@onap.org>2018-04-04 02:43:25 +0000
commitc36423577d5b8501af78cc2f8a7db1e43eacdf0d (patch)
treefc00bf6c20424b51c2c5d115254944c484ebd86a /auth
parentabf7c0e407c97250c07d408c314c5aa1c757263e (diff)
parent54944fe6c6371e73fb01d3a5a0131d5fb5d6ee36 (diff)
Merge "pkcs11 key/cert import for CA use"
Diffstat (limited to 'auth')
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java14
1 files changed, 11 insertions, 3 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index 70f67940..cd8886da 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -126,19 +126,21 @@ public class LocalCA extends CA {
try {
Provider p;
KeyStore keyStore;
+ FileInputStream fis = null;
if(fileName.endsWith(".pkcs11")) {
String ksType;
p = Factory.getSecurityProvider(ksType="PKCS11",params);
keyStore = KeyStore.getInstance(ksType,p);
} else if(fileName.endsWith(".jks")) {
keyStore = KeyStore.getInstance("JKS");
+ fis = new FileInputStream(f);
} else if(fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) {
keyStore = KeyStore.getInstance("PKCS12");
+ fis = new FileInputStream(f);
} else {
throw new CertException("Unknown Keystore type from filename " + fileName);
}
- FileInputStream fis = new FileInputStream(f);
KeyStore.ProtectionParameter keyPass;
try {
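Review bot: `fis` is now a nullable stream opened in two separate branches here and closed by hand in the `finally` of the next hunk, so the open and the close sit far apart and later edits have to keep them paired. A comment at the declaration, for example `// stays null for PKCS11: the keystore is loaded from the token, not from a file`, would state why a null stream is a valid value reaching `keyStore.load(fis,ksPass)`. If anything between these assignments and the guarded `try` can throw, the stream is never closed. Only a declaration is visible in that gap, and the rest of the method lies outside the hunk, so this should be checked against the full body.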
@@ -152,9 +154,15 @@ public class LocalCA extends CA {
keyStore.load(fis,ksPass);
} finally {
- fis.close();
+ if (fis != null)
+ fis.close();
+ }
+ Entry entry;
+ if(fileName.endsWith(".pkcs11")) {
+ entry = keyStore.getEntry(params[0][1]/*alias*/, null);
+ } else {
+ entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass);
}
- Entry entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass);
if(entry==null) {
throw new CertException("There is no Keystore entry with name '" + params[0][1] +'\'');
}
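Review bot: The `null` protection parameter passed to `getEntry` in the `.pkcs11` branch reads like an unprotected key lookup and carries no explanation. Presumably the token is already authenticated by `keyStore.load(fis,ksPass)` and the PKCS11 provider rejects a per-entry password, but nothing visible here says so. A comment such as `// PKCS11: token login happens in load(); per-entry protection must be null` would keep a later reader from "correcting" it to `keyPass`. The suffix test `fileName.endsWith(".pkcs11")` now appears a second time; setting one `boolean isPkcs11` where the keystore type is chosen would keep the two decisions in step. The unbraced `if (fis != null)` in the `finally` would also be safer with braces, as the rest of the method uses them.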