Agent correctly sort Cert Chain/Truststore

GUI fix Issue-ID: AAF-852 Change-Id: Ie703b7aee0a77074fac5c1aab3bdf402862243ac Signed-off-by: Instrumental <jonathan.gathman@att.com>
author: Instrumental <jonathan.gathman@att.com> 2019-06-06 19:33:19 -0500
committer: Instrumental <jonathan.gathman@att.com> 2019-06-08 09:24:31 -0500
commit: 355b886d817295d2bca5af28f01576bf4a3ded18 (patch)
tree: 354ac6cb61ebc5f5eba23d2e1720c45771968caa /cadi/core/src/main
parent: fbcac9be97567ca19b1018861d1ab37d2dea769f (diff)
2 files changed, 48 insertions, 8 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 66fbe847..38afa629 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -157,6 +157,7 @@ public class Config {
     public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
     public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
     public static final String AAF_DEFAULT_API_VERSION = "2.1";
+    public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version";
     public static final String AAF_API_VERSION = "aaf_api_version";
     public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration   
     public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
@@ -219,8 +220,8 @@ public class Config {
     public static final String AAF_CERT_IDS = "aaf_cert_ids";
     public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
     public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
-    public static final String AAF_RELEASE = "aaf_release";
 
+    public static final String AAF_URL_OAUTH = "aaf_url_oauth";
     public static final String AAF_URL_GUI="aaf_url_gui";
     public static final String AAF_URL_FS="aaf_url_fs";
     public static final String AAF_URL_CM = "aaf_url_cm";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
index 285c45ec..5d1d23fa 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
@@ -91,12 +91,6 @@ public class SecurityInfo {
             this.access = access;
             // reuse DME2 Properties for convenience if specific Properties don't exist
             
-            msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, ""));
-            initializeKeyManager();
-            
-            msgHelp = String.format(INITIALIZING_ERR_FMT,"Truststore", access.getProperty(Config.CADI_TRUSTSTORE, ""));
-            initializeTrustManager();
-            
             String str = access.getProperty(Config.CADI_ALIAS, null);
             if(str==null || str.isEmpty()) {
             	defaultAlias = null;
@@ -113,7 +107,14 @@ public class SecurityInfo {
             } else {
             	defaultClientAlias = str;
             }
+
+            msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, ""));
+            initializeKeyManager();
             
+            msgHelp = String.format(INITIALIZING_ERR_FMT,"Truststore", access.getProperty(Config.CADI_TRUSTSTORE, ""));
+            initializeTrustManager();
+            
+
             msgHelp = String.format(INITIALIZING_ERR_FMT,"Trustmasks", access.getProperty(Config.CADI_TRUST_MASKS, ""));
             initializeTrustMasks();
 
@@ -239,13 +240,51 @@ public class SecurityInfo {
                 }
             }
         }
+        
+        StringBuilder sb = null;
         for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
             if (keyManager instanceof X509KeyManager) {
-                keyManagers.add((X509KeyManager)keyManager);
+            	X509KeyManager xkm = (X509KeyManager)keyManager;
+                keyManagers.add(xkm);
+                if(defaultAlias!=null) {
+                	sb=new StringBuilder("X509 Chain\n");
+                	x509Info(sb,xkm.getCertificateChain(defaultAlias));
+                }
+                if(defaultClientAlias!=null && !defaultClientAlias.equals(defaultAlias)) {
+                	if(sb==null) {
+                		sb = new StringBuilder();
+                	} else {
+                		sb.append('\n');
+                	}
+                	sb.append("X509 Client Chain\n");
+                	x509Info(sb,xkm.getCertificateChain(defaultAlias));
+                }
             }
         }
         x509KeyManager = new X509KeyManager[keyManagers.size()];
         keyManagers.toArray(x509KeyManager);
+        
+        if(sb!=null) {
+        	access.log(Level.INIT, sb);
+        }
+    }
+    
+    private void x509Info(StringBuilder sb, X509Certificate[] chain) {
+    	if(chain!=null) {
+    		int i=0;
+    		for(X509Certificate x : chain) {
+    			sb.append("  ");
+    			sb.append(i++);
+    			sb.append(')');
+    			sb.append("\n    Subject: ");
+    			sb.append(x.getSubjectDN());
+    			sb.append("\n    Issuer : ");
+    			sb.append(x.getIssuerDN());
+    			sb.append("\n    Expires: ");
+    			sb.append(x.getNotAfter());
+    			sb.append('\n');
+    		}
+    	}
     }
 
     protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException {
author	Instrumental <jonathan.gathman@att.com>	2019-06-06 19:33:19 -0500
committer	Instrumental <jonathan.gathman@att.com>	2019-06-08 09:24:31 -0500
commit	355b886d817295d2bca5af28f01576bf4a3ded18 (patch)
tree	354ac6cb61ebc5f5eba23d2e1720c45771968caa /cadi/core/src/main
parent	fbcac9be97567ca19b1018861d1ab37d2dea769f (diff)