summaryrefslogtreecommitdiffstats
path: root/auth/auth-certman/src/main/java/org
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-certman/src/main/java/org')
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java18
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java12
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java12
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java44
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java34
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java32
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java16
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java2
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java14
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java26
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java14
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java48
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java48
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java40
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java6
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java22
16 files changed, 194 insertions, 194 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
index d80b085b..15e298b7 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
@@ -97,7 +97,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
aafAuthn = aafCon().newAuthn(aafLurPerm);
String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
+ if (aaf_env==null) {
throw new APIException("aaf_env needs to be set");
}
@@ -112,17 +112,17 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
// Load Supported Certificate Authorities by property
// Note: Some will be dynamic Properties, so we need to look through all
- for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
+ for (Entry<Object, Object> es : env.access().getProperties().entrySet()) {
String key = es.getKey().toString();
- if(key.startsWith(CA.CM_CA_PREFIX)) {
+ if (key.startsWith(CA.CM_CA_PREFIX)) {
int idx = key.indexOf('.');
- if(idx==key.lastIndexOf('.')) { // else it's a regular property
+ if (idx==key.lastIndexOf('.')) { // else it's a regular property
env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
String[] segs = Split.split(',', env.getProperty(key));
- if(segs.length>0) {
+ if (segs.length>0) {
String[][] multiParams = new String[segs.length-1][];
- for(int i=0;i<multiParams.length;++i) {
+ for (int i=0;i<multiParams.length;++i) {
multiParams[i]=Split.split(';',segs[1+i]);
}
@SuppressWarnings("unchecked")
@@ -141,7 +141,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
}
}
}
- if(certAuths.size()==0) {
+ if (certAuths.size()==0) {
throw new APIException("No Certificate Authorities have been configured in CertMan");
}
@@ -152,7 +152,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
synchronized(env) {
- if(cacheUser == null) {
+ if (cacheUser == null) {
cacheUser = Cache.obtain(USER_PERMS);
Cache.startCleansing(env, USER_PERMS);
}
@@ -184,7 +184,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
String version = "1.0";
// Get Correct API Class from Mapper
Class<?> respCls = facade1_0.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
// setup Application API HTML ContentTypes for JSON and Route
String application = applicationJSON(respCls, version);
route(env,meth,path,code,application,"application/json;version="+version,"*/*");
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
index 34f7927e..a3a30607 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
@@ -52,7 +52,7 @@ public class API_Artifact {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.createArtifacts(trans, req, resp);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.CREATED_201);
} else {
context.error(trans,resp,r);
@@ -67,7 +67,7 @@ public class API_Artifact {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.readArtifacts(trans, req, resp);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -81,7 +81,7 @@ public class API_Artifact {
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine"));
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -94,7 +94,7 @@ public class API_Artifact {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.updateArtifacts(trans, req, resp);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -107,7 +107,7 @@ public class API_Artifact {
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.deleteArtifacts(trans, resp,
pathParam(req, ":mechid"), pathParam(req,":machine"));
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -120,7 +120,7 @@ public class API_Artifact {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.deleteArtifacts(trans, req, resp);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
index 625fed62..68354413 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
@@ -63,12 +63,12 @@ public class API_Cert {
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
String key = pathParam(req, ":ca");
CA ca;
- if((ca = aafCM.getCA(key))==null) {
+ if ((ca = aafCM.getCA(key))==null) {
context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
} else {
trans.put(sCertAuth, ca);
Result<Void> r = context.requestCert(trans, req, resp, ca);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -82,12 +82,12 @@ public class API_Cert {
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
String key = pathParam(req, ":ca");
CA ca;
- if((ca = aafCM.getCA(key))==null) {
+ if ((ca = aafCM.getCA(key))==null) {
context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
} else {
trans.put(sCertAuth, ca);
Result<Void> r = context.requestPersonalCert(trans, req, resp, ca);
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
@@ -104,7 +104,7 @@ public class API_Cert {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
trans.checkpoint(r.errorString());
@@ -125,7 +125,7 @@ public class API_Cert {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
Result<Void> r = context.readCertsByMechID(trans, resp, pathParam(req,"id"));
- if(r.isOK()) {
+ if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
} else {
context.error(trans,resp,r);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
index 820f02d1..881c9bea 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
@@ -71,7 +71,7 @@ public abstract class CA {
this.env = env;
permNS = CM_CA_PREFIX + name;
permType = access.getProperty(permNS + ".perm_type",null);
- if(permType==null) {
+ if (permType==null) {
throw new CertException(permNS + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null));
@@ -79,22 +79,22 @@ public abstract class CA {
String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
String fields = access.getProperty(tag, null);
- if(fields==null) {
+ if (fields==null) {
throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
access.log(Level.INFO, tag, "=",fields);
rdns = RDN.parse('/',fields);
- for(RDN rdn : rdns) {
- if(rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject
+ for (RDN rdn : rdns) {
+ if (rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject
throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
}
}
idDomains = new ArrayList<>();
StringBuilder sb = null;
- for(String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
- if(s.length()>0) {
- if(sb==null) {
+ for (String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
+ if (s.length()>0) {
+ if (sb==null) {
sb = new StringBuilder();
} else {
sb.append(", ");
@@ -103,31 +103,31 @@ public abstract class CA {
sb.append(s);
}
}
- if(sb!=null) {
+ if (sb!=null) {
access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
}
String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
- if(dataDir!=null) {
+ if (dataDir!=null) {
File data = new File(dataDir);
byte[] bytes;
- if(data.exists()) {
+ if (data.exists()) {
String trustCas = access.getProperty(CM_TRUST_CAS,null);
- if(trustCas!=null) {
- for(String fname : Split.splitTrim(',', trustCas)) {
+ if (trustCas!=null) {
+ for (String fname : Split.splitTrim(',', trustCas)) {
File crt;
- if(fname.contains("/")) {
+ if (fname.contains("/")) {
crt = new File(fname);
} else {
crt = new File(data,fname);
}
- if(crt.exists()) {
+ if (crt.exists()) {
access.printf(Level.INIT, "Loading CA Cert from %s", crt.getAbsolutePath());
bytes = new byte[(int)crt.length()];
FileInputStream fis = new FileInputStream(crt);
try {
int read = fis.read(bytes);
- if(read>0) {
+ if (read>0) {
addTrustedCA(new String(bytes));
}
} finally {
@@ -148,13 +148,13 @@ public abstract class CA {
protected void addCaIssuerDN(String issuerDN) {
boolean changed = true;
- for(String id : caIssuerDNs) {
- if(id.equals(issuerDN)) {
+ for (String id : caIssuerDNs) {
+ if (id.equals(issuerDN)) {
changed = false;
break;
}
}
- if(changed) {
+ if (changed) {
String[] newsa = new String[caIssuerDNs.length+1];
newsa[0]=issuerDN;
System.arraycopy(caIssuerDNs, 0, newsa, 1, caIssuerDNs.length);
@@ -164,13 +164,13 @@ public abstract class CA {
protected synchronized void addTrustedCA(final String crtString) {
String crt;
- if(crtString.endsWith("\n")) {
+ if (crtString.endsWith("\n")) {
crt = crtString;
} else {
crt = crtString + '\n';
}
- for(int i=0;i<trustedCAs.length;++i) {
- if(trustedCAs[i]==null) {
+ for (int i=0;i<trustedCAs.length;++i) {
+ if (trustedCAs[i]==null) {
trustedCAs[i]=crt;
return;
}
@@ -221,7 +221,7 @@ public abstract class CA {
*/
public boolean inPersonalDomains(Principal p) {
int at = p.getName().indexOf('@');
- if(at>=0) {
+ if (at>=0) {
return idDomains.contains(p.getName().substring(at+1));
} else {
return false;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
index 000b6dd5..bc81fc43 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
@@ -75,10 +75,10 @@ public class JscepCA extends CA {
mxcwiS = new ConcurrentHashMap<>();
mxcwiC = new ConcurrentHashMap<>();
- if(params.length<2) {
+ if (params.length<2) {
throw new CertException("No Trust Chain parameters are included");
}
- if(params[0].length<2) {
+ if (params[0].length<2) {
throw new CertException("User/Password required for JSCEP");
}
final String id = params[0][0];
@@ -98,21 +98,21 @@ public class JscepCA extends CA {
StringBuilder urlstr = new StringBuilder();
- for(int i=1;i<params.length;++i) { // skip first section, which is user/pass
+ for (int i=1;i<params.length;++i) { // skip first section, which is user/pass
// Work
- if(i>1) {
+ if (i>1) {
urlstr.append(','); // delimiter
}
urlstr.append(params[i][0]);
String dir = access.getProperty(CM_PUBLIC_DIR, "");
- if(!"".equals(dir) && !dir.endsWith("/")) {
+ if (!"".equals(dir) && !dir.endsWith("/")) {
dir = dir + '/';
}
String path;
List<FileReader> frs = new ArrayList<>(params.length-1);
try {
- for(int j=1; j<params[i].length; ++j) { // first 3 taken up, see above
+ for (int j=1; j<params[i].length; ++j) { // first 3 taken up, see above
path = !params[i][j].contains("/")?dir+params[i][j]:params[i][j];
access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s",name, path);
frs.add(new FileReader(path));
@@ -121,8 +121,8 @@ public class JscepCA extends CA {
addCaIssuerDN(xcwi.getIssuerDN());
mxcwiS.put(params[i][0],xcwi);
} finally {
- for(FileReader fr : frs) {
- if(fr!=null) {
+ for (FileReader fr : frs) {
+ if (fr!=null) {
fr.close();
}
}
@@ -139,10 +139,10 @@ public class JscepCA extends CA {
PKCS10CertificationRequest csr;
try {
csr = csrmeta.generateCSR(trans);
- if(trans.info().isLoggable()) {
+ if (trans.info().isLoggable()) {
trans.info().log(BCFactory.toString(csr));
}
- if(trans.info().isLoggable()) {
+ if (trans.info().isLoggable()) {
trans.info().log(csr);
}
} finally {
@@ -152,7 +152,7 @@ public class JscepCA extends CA {
tt = trans.start("Enroll CSR", Env.SUB);
Client client = null;
Item item = null;
- for(int i=0; i<MAX_RETRY;++i) {
+ for (int i=0; i<MAX_RETRY;++i) {
try {
item = clients.best();
client = clients.get(item);
@@ -163,12 +163,12 @@ public class JscepCA extends CA {
csr,
MS_PROFILE /* profile... MS can't deal with blanks*/);
- while(true) {
- if(er.isSuccess()) {
+ while (true) {
+ if (er.isSuccess()) {
trans.checkpoint("Cert from " + clients.info(item));
X509Certificate x509 = null;
- for( Certificate cert : er.getCertStore().getCertificates(null)) {
- if(x509==null) {
+ for ( Certificate cert : er.getCertStore().getCertificates(null)) {
+ if (x509==null) {
x509 = (X509Certificate)cert;
break;
}
@@ -183,14 +183,14 @@ public class JscepCA extends CA {
throw new CertException(clients.info(item)+':'+er.getFailInfo().toString());
}
}
- } catch(LocatorException e) {
+ } catch (LocatorException e) {
trans.error().log(e);
i=MAX_RETRY;
} catch (ClientException e) {
trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item));
try {
clients.invalidate(client);
- if(!clients.hasItems()) {
+ if (!clients.hasItems()) {
clients.refresh();
}
} catch (LocatorException e1) {
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index b7d78f05..2a3ce537 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -92,55 +92,55 @@ public class LocalCA extends CA {
serial = new BigInteger(64,random);
- if(params.length<1 || params[0].length<2) {
+ if (params.length<1 || params[0].length<2) {
throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+");
}
// Read in the Private Key
String configured;
File f = new File(params[0][0]);
- if(f.exists() && f.isFile()) {
+ if (f.exists() && f.isFile()) {
String fileName = f.getName();
- if(fileName.endsWith(".key")) {
+ if (fileName.endsWith(".key")) {
caKey = Factory.toPrivateKey(NullTrans.singleton(),f);
List<FileReader> frs = new ArrayList<>(params.length-1);
try {
String dir = access.getProperty(CM_PUBLIC_DIR, "");
- if(!"".equals(dir) && !dir.endsWith("/")) {
+ if (!"".equals(dir) && !dir.endsWith("/")) {
dir = dir + '/';
}
String path;
- for(int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain
+ for (int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain
path = !params[0][i].contains("/")?dir+params[0][i]:params[0][i];
access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s\n",name, path);
frs.add(new FileReader(path));
}
x509cwi = new X509ChainWithIssuer(frs);
} finally {
- for(FileReader fr : frs) {
- if(fr!=null) {
+ for (FileReader fr : frs) {
+ if (fr!=null) {
fr.close();
}
}
}
configured = "Configured with " + fileName;
} else {
- if(params.length<1 || params[0].length<3) {
+ if (params.length<1 || params[0].length<3) {
throw new CertException("LocalCA parameters must be <keystore [.p12|.pkcs12|.jks|.pkcs11(sun only)]; <alias>; enc:<encrypted Keystore Password>>");
}
try {
Provider p;
KeyStore keyStore;
FileInputStream fis = null;
- if(fileName.endsWith(".pkcs11")) {
+ if (fileName.endsWith(".pkcs11")) {
String ksType="PKCS11";
p = Factory.getSecurityProvider(ksType,params);
keyStore = KeyStore.getInstance(ksType,p);
- } else if(fileName.endsWith(".jks")) {
+ } else if (fileName.endsWith(".jks")) {
keyStore = KeyStore.getInstance("JKS");
fis = new FileInputStream(f);
- } else if(fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) {
+ } else if (fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) {
keyStore = KeyStore.getInstance("PKCS12");
fis = new FileInputStream(f);
} else {
@@ -151,7 +151,7 @@ public class LocalCA extends CA {
try {
String pass = access.decrypt(params[0][2]/*encrypted passcode*/, true);
- if(pass==null) {
+ if (pass==null) {
throw new CertException("Passcode for " + fileName + " cannot be decrypted.");
}
char[] ksPass = pass.toCharArray();
@@ -164,12 +164,12 @@ public class LocalCA extends CA {
fis.close();
}
Entry entry;
- if(fileName.endsWith(".pkcs11")) {
+ if (fileName.endsWith(".pkcs11")) {
entry = keyStore.getEntry(params[0][1]/*alias*/, null);
} else {
entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass);
}
- if(entry==null) {
+ if (entry==null) {
throw new CertException("There is no Keystore entry with name '" + params[0][1] +'\'');
}
PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry;
@@ -188,7 +188,7 @@ public class LocalCA extends CA {
X500NameBuilder xnb = new X500NameBuilder();
List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN());
Collections.reverse(rp);
- for(RDN rnd : rp) {
+ for (RDN rnd : rp) {
xnb.addRDN(rnd.aoi,rnd.value);
}
issuer = xnb.build();
@@ -226,7 +226,7 @@ public class LocalCA extends CA {
// new SubjectPublicKeyInfo(ASN1Sequence.getInstance(caCert.getPublicKey().getEncoded()))
);
List<GeneralName> lsan = new ArrayList<>();
- for(String s : csrmeta.sans()) {
+ for (String s : csrmeta.sans()) {
lsan.add(new GeneralName(GeneralName.dNSName,s));
}
GeneralName[] sans = new GeneralName[lsan.size()];
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index e51f2faa..2ef6da55 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -45,8 +45,8 @@ public class X509ChainWithIssuer extends X509andChain {
// Trust Chain. Last one should be the CA
Collection<? extends Certificate> certs;
X509Certificate x509;
- for(Reader rdr : rdrs) {
- if(rdr==null) { // cover for badly formed array
+ for (Reader rdr : rdrs) {
+ if (rdr==null) { // cover for badly formed array
continue;
}
@@ -56,13 +56,13 @@ public class X509ChainWithIssuer extends X509andChain {
} catch (CertificateException e) {
throw new CertException(e);
}
- for(Certificate c : certs) {
+ for (Certificate c : certs) {
x509=(X509Certificate)c;
Principal subject = x509.getSubjectDN();
- if(subject==null) {
+ if (subject==null) {
continue;
}
- if(cert==null) { // first in Trust Chain
+ if (cert==null) { // first in Trust Chain
issuerDN = subject.toString();
cert=x509; // adding each time makes sure last one is signer.
}
@@ -73,12 +73,12 @@ public class X509ChainWithIssuer extends X509andChain {
public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
X509Certificate x509;
- for(int i=certs.length-1; i>=0; --i) {
+ for (int i=certs.length-1; i>=0; --i) {
x509=(X509Certificate)certs[i];
Principal subject = x509.getSubjectDN();
- if(subject!=null) {
+ if (subject!=null) {
addTrustChainEntry(x509);
- if(i==0) { // last one is signer
+ if (i==0) { // last one is signer
cert=x509;
issuerDN= subject.toString();
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
index 3c684db2..7eb88bd2 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
@@ -58,7 +58,7 @@ public class X509andChain {
public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException {
- if(trustChain==null) {
+ if (trustChain==null) {
trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)};
} else {
String[] temp = new String[trustChain.length+1];
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
index 8edfa634..b84816ab 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
@@ -65,7 +65,7 @@ public class BCFactory extends Factory {
}
public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException {
- if(csr==null) {
+ if (csr==null) {
throw new CertException("x509 Certificate Request not built");
}
return textBuilder("CERTIFICATE REQUEST",csr.getEncoded());
@@ -94,8 +94,8 @@ public class BCFactory extends Factory {
CSRMeta csr = ca.newCSRMeta();
boolean first = true;
// Set CN (and SAN)
- for(String fqdn : fqdns) {
- if(first) {
+ for (String fqdn : fqdns) {
+ if (first) {
first = false;
csr.cn(fqdn);
}
@@ -106,7 +106,7 @@ public class BCFactory extends Factory {
csr.mechID(mechid);
csr.email(sponsorEmail);
String errs;
- if((errs=validateApp(csr))!=null) {
+ if ((errs=validateApp(csr))!=null) {
throw new CertException(errs);
}
return csr;
@@ -114,7 +114,7 @@ public class BCFactory extends Factory {
private static String validateApp(CSRMeta csr) {
CertmanValidator v = new CertmanValidator();
- if(v.nullOrBlank("cn", csr.cn())
+ if (v.nullOrBlank("cn", csr.cn())
.nullOrBlank("mechID", csr.mechID())
// .nullOrBlank("email", csr.email())
.err()) {
@@ -130,7 +130,7 @@ public class BCFactory extends Factory {
csr.challenge(new String(Symm.randomGen(24)));
csr.email(email);
String errs;
- if((errs=validatePersonal(csr))!=null) {
+ if ((errs=validatePersonal(csr))!=null) {
throw new CertException(errs);
}
return csr;
@@ -138,7 +138,7 @@ public class BCFactory extends Factory {
private static String validatePersonal(CSRMeta csr) {
CertmanValidator v = new CertmanValidator();
- if(v.nullOrBlank("cn", csr.cn())
+ if (v.nullOrBlank("cn", csr.cn())
.nullOrBlank("email", csr.email())
.err()) {
return v.errs();
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
index 5df439ab..a3740bfe 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
@@ -70,18 +70,18 @@ public class CSRMeta {
}
public X500Name x500Name() {
- if(name==null) {
+ if (name==null) {
X500NameBuilder xnb = new X500NameBuilder();
xnb.addRDN(BCStyle.CN,cn);
xnb.addRDN(BCStyle.E,email);
- if(mechID!=null) {
- if(environment==null) {
+ if (mechID!=null) {
+ if (environment==null) {
xnb.addRDN(BCStyle.OU,mechID);
} else {
xnb.addRDN(BCStyle.OU,mechID+':'+environment);
}
}
- for(RDN rdn : rdns) {
+ for (RDN rdn : rdns) {
xnb.addRDN(rdn.aoi,rdn.value);
}
name = xnb.build();
@@ -92,16 +92,16 @@ public class CSRMeta {
public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException {
PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
- if(challenge!=null) {
+ if (challenge!=null) {
DERPrintableString password = new DERPrintableString(challenge);
builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
}
int plus = email==null?0:1;
- if(!sanList.isEmpty()) {
+ if (!sanList.isEmpty()) {
GeneralName[] gna = new GeneralName[sanList.size()+plus];
int i=-1;
- for(String s : sanList) {
+ for (String s : sanList) {
gna[++i]=new GeneralName(GeneralName.dNSName,s);
}
gna[++i]=new GeneralName(GeneralName.rfc822Name,email);
@@ -132,17 +132,17 @@ public class CSRMeta {
Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
GeneralName[] names = gns.getNames();
- for(int k=0; k < names.length; k++) {
+ for (int k=0; k < names.length; k++) {
String title = "";
- if(names[k].getTagNo() == GeneralName.dNSName) {
+ if (names[k].getTagNo() == GeneralName.dNSName) {
title = "dNSName";
- } else if(names[k].getTagNo() == GeneralName.iPAddress) {
+ } else if (names[k].getTagNo() == GeneralName.iPAddress) {
title = "iPAddress";
// Deprecated, but I don't see anything better to use.
names[k].toASN1Object();
- } else if(names[k].getTagNo() == GeneralName.otherName) {
+ } else if (names[k].getTagNo() == GeneralName.otherName) {
title = "otherName";
- } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
+ } else if (names[k].getTagNo() == GeneralName.rfc822Name) {
title = "email";
}
@@ -180,7 +180,7 @@ public class CSRMeta {
public KeyPair keypair(Trans trans) {
- if(keyPair == null) {
+ if (keyPair == null) {
keyPair = Factory.generateKeyPair(trans);
}
return keyPair;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
index c39ba6d3..f57c837a 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
@@ -69,19 +69,19 @@ public class RDN {
List<RDN> lrnd = new ArrayList<>();
StringBuilder sb = new StringBuilder();
boolean inQuotes = false;
- for(int i=0;i<dnString.length();++i) {
+ for (int i=0;i<dnString.length();++i) {
char c = dnString.charAt(i);
- if(inQuotes) {
- if('"' == c) {
+ if (inQuotes) {
+ if ('"' == c) {
inQuotes=false;
} else {
sb.append(dnString.charAt(i));
}
} else {
- if('"' == c) {
+ if ('"' == c) {
inQuotes=true;
- } else if(delim==c) {
- if(sb.length()>0) {
+ } else if (delim==c) {
+ if (sb.length()>0) {
lrnd.add(new RDN(sb.toString()));
sb.setLength(0);
}
@@ -90,7 +90,7 @@ public class RDN {
}
}
}
- if(sb.indexOf("=")>0) {
+ if (sb.indexOf("=")>0) {
lrnd.add(new RDN(sb.toString()));
}
return lrnd;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
index 310ea8b2..e05b2a27 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
@@ -115,7 +115,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
(certDF = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType);
(artiDF = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType);
// sCertAuth = env.slot(API_Cert.CERT_AUTH);
- if(artiDF.getOutType().name().contains("xml")) {
+ if (artiDF.getOutType().name().contains("xml")) {
voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*";
} else {
voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*";
@@ -206,7 +206,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
"] " +
holder.toString(),
Env.ALWAYS);
- if(hidemsg) {
+ if (hidemsg) {
holder.setLength(0);
em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
}
@@ -231,7 +231,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
default:
return Result.err(Result.ERR_BadData,"Invalid Perm String");
}
- if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
+ if (certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
resp.setContentType(voidResp);
resp.getOutputStream().write(0);
return Result.ok();
@@ -253,13 +253,13 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<REQ> rd = certRequestDF.newData().load(req.getInputStream());
request = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,REQUEST_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca);
- if(rcr.notOK()) {
+ if (rcr.notOK()) {
return Result.err(rcr);
}
@@ -291,7 +291,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
public Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
return Result.err(Result.ERR_NotImplemented,"not implemented yet");
// Result<CertResp> rcr = service.requestPersonalCert(trans,ca);
-// if(rcr.notOK()) {
+// if (rcr.notOK()) {
// return Result.err(rcr);
// } else {
// try {
@@ -308,17 +308,17 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
// zos.closeEntry();
//
// String wt;
-// if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) {
+// if ((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) {
// zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts"));
-// for(String s : ca.getTrustChain()) {
+// for (String s : ca.getTrustChain()) {
// ps.println(s);
// }
// zos.closeEntry();
// }
//
// boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt);
-// if(withJKS) {
-// if(trans.getUserPrincipal() instanceof BasicPrincipal) {
+// if (withJKS) {
+// if (trans.getUserPrincipal() instanceof BasicPrincipal) {
// char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray();
// KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap);
// zos.putNextEntry(new ZipEntry(trans.user()+".jks"));
@@ -337,7 +337,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
// ps.println("echo \"Deploying to `pwd`\"");
// ps.println("jar -xvf $THE_PWD/$1 " + trans.user());
// ps.println("chmod 600 " + trans.user() + ".key");
-// if(withJKS) {
+// if (withJKS) {
// ps.println("chmod 600 " + trans.user() + ".jks");
// }
// ps.println("cd $THE_PWD");
@@ -362,7 +362,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
// // Get the Cert(s)... Might include Trust store
// List<String> lcerts = new ArrayList<>();
// lcerts.add(cr.asCertString());
-// for(String s : trustChain) {
+// for (String s : trustChain) {
// lcerts.add(s);
// }
//
@@ -377,7 +377,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
// jks.setEntry(name, pkEntry, protParam);
//
// int i=0;
-// for(X509Certificate x509 : certs) {
+// for (X509Certificate x509 : certs) {
// jks.setCertificateEntry("cert_"+ ++i, x509);
// }
// return jks;
@@ -391,7 +391,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<REQ> rd = certRenewDF.newData().load(req.getInputStream());
request = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,RENEW_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
@@ -427,7 +427,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<REQ> rd = certDropDF.newData().load(req.getInputStream());
request = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,DROP_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
@@ -485,7 +485,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
arti = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
@@ -509,23 +509,23 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
String ns = req.getParameter("ns");
Result<ARTIFACTS> ra;
- if( machine !=null && mechid == null) {
+ if ( machine !=null && mechid == null) {
ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine));
- } else if(mechid!=null && machine==null) {
+ } else if (mechid!=null && machine==null) {
ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid));
- } else if(mechid!=null && machine!=null) {
+ } else if (mechid!=null && machine!=null) {
ArtiDAO.Data add = new ArtiDAO.Data();
add.mechid = mechid;
add.machine = machine;
add.ns = ns;
ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
- } else if(ns!=null) {
+ } else if (ns!=null) {
ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns));
} else {
ra = Result.err(Status.ERR_BadData,"Invalid request inputs");
}
- if(ra.isOK()) {
+ if (ra.isOK()) {
RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
data.to(resp.getOutputStream());
setContentType(resp,artiDF.getOutType());
@@ -550,7 +550,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
add.mechid = mechid;
add.machine = machine;
Result<ARTIFACTS> ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
- if(ra.isOK()) {
+ if (ra.isOK()) {
RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
data.to(resp.getOutputStream());
setContentType(resp,artiDF.getOutType());
@@ -575,7 +575,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
arti = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
@@ -597,7 +597,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
try {
Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
arti = rd.asObject();
- } catch(APIException e) {
+ } catch (APIException e) {
trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
index 53b97626..99d0c478 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
@@ -86,7 +86,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
err.setMessageId(msgID);
// AT&T Restful Error Format requires numbers "%" placements
err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
+ for (String s : var) {
err.getVariables().add(s);
}
return err;
@@ -97,7 +97,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
- if(!in.isOK()) {
+ if (!in.isOK()) {
return Result.err(in);
}
@@ -105,15 +105,15 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
CertInfo cout = newInstance(API.CERT);
cout.setPrivatekey(cin.privateString());
String value;
- if((value=cin.challenge())!=null) {
+ if ((value=cin.challenge())!=null) {
cout.setChallenge(value);
}
// In Version 1, Cert is always first
cout.getCerts().add(cin.asCertString());
// Follow with Trust Chain
- if(cin.trustChain()!=null) {
- for(String c : cin.trustChain()) {
- if(c!=null) {
+ if (cin.trustChain()!=null) {
+ for (String c : cin.trustChain()) {
+ if (c!=null) {
cout.getCerts().add(c);
}
}
@@ -121,20 +121,20 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
// Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
// Certs in keystore versus Truststore. Separate in Version 2_0
- if(cin.trustCAs()!=null) {
- for(String c : cin.trustCAs()) {
- if(c!=null) {
- if(!cout.getCerts().contains(c)) {
+ if (cin.trustCAs()!=null) {
+ for (String c : cin.trustCAs()) {
+ if (c!=null) {
+ if (!cout.getCerts().contains(c)) {
cout.getCerts().add(c);
}
}
}
}
- if(cin.notes()!=null) {
+ if (cin.notes()!=null) {
boolean first = true;
StringBuilder sb = new StringBuilder();
- for(String n : cin.notes()) {
- if(first) {
+ for (String n : cin.notes()) {
+ if (first) {
first = false;
} else {
sb.append('\n');
@@ -144,7 +144,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
cout.setNotes(sb.toString());
}
List<String> caIssuerDNs = cout.getCaIssuerDNs();
- for(String s : cin.caIssuerDNs()) {
+ for (String s : cin.caIssuerDNs()) {
caIssuerDNs.add(s);
}
cout.setEnv(cin.env());
@@ -154,10 +154,10 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
@Override
public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
- if(in.isOK()) {
+ if (in.isOK()) {
CertInfo cout = newInstance(API.CERT);
List<String> certs = cout.getCerts();
- for(CertDAO.Data cdd : in.value) {
+ for (CertDAO.Data cdd : in.value) {
certs.add(cdd.x509);
}
return Result.ok(cout);
@@ -174,7 +174,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
CertificateRequest in;
try {
in = (CertificateRequest)req;
- } catch(ClassCastException e) {
+ } catch (ClassCastException e) {
return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
}
@@ -184,7 +184,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
out.fqdns=in.getFqdns();
v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
v.nullBlankMin("FQDNs", out.fqdns,1);
- if(v.err()) {
+ if (v.err()) {
return Result.err(Result.ERR_BadData, v.errs());
}
out.emails = in.getEmail();
@@ -217,7 +217,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
@Override
public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
List<ArtiDAO.Data> ladd = new ArrayList<>();
- for(Artifact arti : artifacts.getArtifact()) {
+ for (Artifact arti : artifacts.getArtifact()) {
ArtiDAO.Data data = new ArtiDAO.Data();
data.mechid = arti.getMechid();
data.machine = arti.getMachine();
@@ -235,11 +235,11 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
data.expires = null;
// Derive Optional Data from Machine (Domain) if exists
- if(data.machine!=null) {
- if(data.ca==null && data.machine.endsWith(".att.com")) {
+ if (data.machine!=null) {
+ if (data.ca==null && data.machine.endsWith(".att.com")) {
data.ca = "aaf"; // default
}
- if(data.ns==null ) {
+ if (data.ns==null ) {
data.ns=FQI.reverseDomain(data.machine);
}
}
@@ -254,9 +254,9 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
- if(lArtiDAO.isOK()) {
+ if (lArtiDAO.isOK()) {
Artifacts artis = new Artifacts();
- for(ArtiDAO.Data arti : lArtiDAO.value) {
+ for (ArtiDAO.Data arti : lArtiDAO.value) {
Artifact a = new Artifact();
a.setMechid(arti.mechid);
a.setMachine(arti.machine);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
index d85ea2ca..55a292e0 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
@@ -86,7 +86,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
err.setMessageId(msgID);
// AT&T Restful Error Format requires numbers "%" placements
err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
+ for (String s : var) {
err.getVariables().add(s);
}
return err;
@@ -100,25 +100,25 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
- if(!in.isOK()) {
+ if (!in.isOK()) {
CertResp cin = in.value;
CertInfo cout = newInstance(API.CERT);
cout.setPrivatekey(cin.privateString());
String value;
- if((value=cin.challenge())!=null) {
+ if ((value=cin.challenge())!=null) {
cout.setChallenge(value);
}
cout.getCerts().add(cin.asCertString());
- if(cin.trustChain()!=null) {
- for(String c : cin.trustChain()) {
+ if (cin.trustChain()!=null) {
+ for (String c : cin.trustChain()) {
cout.getCerts().add(c);
}
}
- if(cin.notes()!=null) {
+ if (cin.notes()!=null) {
boolean first = true;
StringBuilder sb = new StringBuilder();
- for(String n : cin.notes()) {
- if(first) {
+ for (String n : cin.notes()) {
+ if (first) {
first = false;
} else {
sb.append('\n');
@@ -129,7 +129,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
}
List<String> caIssuerDNs = cout.getCaIssuerDNs();
- for(String s : cin.caIssuerDNs()) {
+ for (String s : cin.caIssuerDNs()) {
caIssuerDNs.add(s);
}
@@ -143,10 +143,10 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
@Override
public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
- if(in.isOK()) {
+ if (in.isOK()) {
CertInfo cout = newInstance(API.CERT);
List<String> certs = cout.getCerts();
- for(CertDAO.Data cdd : in.value) {
+ for (CertDAO.Data cdd : in.value) {
certs.add(cdd.x509);
}
return Result.ok(cout);
@@ -163,7 +163,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
CertificateRequest in;
try {
in = (CertificateRequest)req;
- } catch(ClassCastException e) {
+ } catch (ClassCastException e) {
return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
}
@@ -172,7 +172,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
v.isNull("CertRequest", req)
.nullOrBlank("MechID", out.mechid=in.getMechid());
v.nullBlankMin("FQDNs", out.fqdns=in.getFqdns(),1);
- if(v.err()) {
+ if (v.err()) {
return Result.err(Result.ERR_BadData, v.errs());
}
@@ -206,7 +206,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
@Override
public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
List<ArtiDAO.Data> ladd = new ArrayList<>();
- for(Artifact arti : artifacts.getArtifact()) {
+ for (Artifact arti : artifacts.getArtifact()) {
ArtiDAO.Data data = new ArtiDAO.Data();
data.mechid = arti.getMechid();
data.machine = arti.getMachine();
@@ -224,13 +224,13 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
data.expires = null;
// Derive Optional Data from Machine (Domain) if exists
- if(data.machine!=null) {
- if(data.ca==null) {
- if(data.machine.endsWith(".att.com")) {
+ if (data.machine!=null) {
+ if (data.ca==null) {
+ if (data.machine.endsWith(".att.com")) {
data.ca = "aaf"; // default
}
}
- if(data.ns==null ) {
+ if (data.ns==null ) {
data.ns=FQI.reverseDomain(data.machine);
}
}
@@ -245,9 +245,9 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
- if(lArtiDAO.isOK()) {
+ if (lArtiDAO.isOK()) {
Artifacts artis = new Artifacts();
- for(ArtiDAO.Data arti : lArtiDAO.value) {
+ for (ArtiDAO.Data arti : lArtiDAO.value) {
Artifact a = new Artifact();
a.setMechid(arti.mechid);
a.setMachine(arti.machine);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index 62f0d680..89824a47 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -164,7 +164,7 @@ public class CMService {
} else {
for (String cn : req.value.fqdns) {
- if(!ignoreIPs) {
+ if (!ignoreIPs) {
try {
InetAddress[] ias = InetAddress.getAllByName(cn);
Set<String> potentialSanNames = new HashSet<>();
@@ -186,7 +186,7 @@ public class CMService {
}
final String host;
- if(ignoreIPs) {
+ if (ignoreIPs) {
host = req.value.fqdns.get(0);
} else if (primary == null) {
return Result.err(Result.ERR_Denied, "Request not made from matching IP (%s)", trans.ip());
@@ -271,7 +271,7 @@ public class CMService {
// Make sure Primary is the first in fqdns
if (fqdns.size() > 1) {
for (int i = 0; i < fqdns.size(); ++i) {
- if(primary==null) {
+ if (primary==null) {
trans.error().log("CMService var primary is null");
} else {
String fg = fqdns.get(i);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
index ea97dd0d..1a27b41f 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -49,13 +49,13 @@ public class CertmanValidator extends Validator{
private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
- if(list==null) {
+ if (list==null) {
msg(name + IS_NULL);
} else {
- if(list.size()<min) {
+ if (list.size()<min) {
msg(name + MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
} else {
- for(String s : list) {
+ for (String s : list) {
nullOrBlank("List Item",s);
}
}
@@ -64,13 +64,13 @@ public class CertmanValidator extends Validator{
}
public CertmanValidator artisRequired(List<ArtiDAO.Data> list, int min) {
- if(list==null) {
+ if (list==null) {
msg(ARTIFACT_LIST_IS_NULL);
} else {
- if(list.size()<min) {
+ if (list.size()<min) {
msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
} else {
- for(ArtiDAO.Data a : list) {
+ for (ArtiDAO.Data a : list) {
allRequired(a);
}
}
@@ -79,13 +79,13 @@ public class CertmanValidator extends Validator{
}
public CertmanValidator artisKeys(List<ArtiDAO.Data> list, int min) {
- if(list==null) {
+ if (list==null) {
msg(ARTIFACT_LIST_IS_NULL);
} else {
- if(list.size()<min) {
+ if (list.size()<min) {
msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
} else {
- for(ArtiDAO.Data a : list) {
+ for (ArtiDAO.Data a : list) {
keys(a);
}
}
@@ -95,7 +95,7 @@ public class CertmanValidator extends Validator{
public CertmanValidator keys(ArtiDAO.Data add) {
- if(add==null) {
+ if (add==null) {
msg("Artifact is null.");
} else {
nullOrBlank(MECHID, add.mechid);
@@ -105,7 +105,7 @@ public class CertmanValidator extends Validator{
}
private CertmanValidator allRequired(Data a) {
- if(a==null) {
+ if (a==null) {
msg("Artifact is null.");
} else {
nullOrBlank(MECHID, a.mechid);