diff options
Diffstat (limited to 'authz-certman/src/main/java/com/att/authz/cm/cert/BCFactory.java')
| -rw-r--r-- | authz-certman/src/main/java/com/att/authz/cm/cert/BCFactory.java | 168 |
1 files changed, 0 insertions, 168 deletions
diff --git a/authz-certman/src/main/java/com/att/authz/cm/cert/BCFactory.java b/authz-certman/src/main/java/com/att/authz/cm/cert/BCFactory.java deleted file mode 100644 index 53a7c7e0..00000000 --- a/authz-certman/src/main/java/com/att/authz/cm/cert/BCFactory.java +++ /dev/null @@ -1,168 +0,0 @@ -/*******************************************************************************
- * ============LICENSE_START====================================================
- * * org.onap.aaf
- * * ===========================================================================
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
- * * ===========================================================================
- * * Licensed under the Apache License, Version 2.0 (the "License");
- * * you may not use this file except in compliance with the License.
- * * You may obtain a copy of the License at
- * *
- * * http://www.apache.org/licenses/LICENSE-2.0
- * *
- * * Unless required by applicable law or agreed to in writing, software
- * * distributed under the License is distributed on an "AS IS" BASIS,
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * * See the License for the specific language governing permissions and
- * * limitations under the License.
- * * ============LICENSE_END====================================================
- * *
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
- * *
- ******************************************************************************/
-package com.att.authz.cm.cert;
-
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.lang.reflect.Field;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.SignatureException;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-
-import com.att.authz.cm.ca.CA;
-import com.att.authz.cm.validation.Validator;
-import com.att.cadi.Symm;
-import com.att.cadi.cm.CertException;
-import com.att.cadi.cm.Factory;
-import com.att.inno.env.Env;
-import com.att.inno.env.TimeTaken;
-import com.att.inno.env.Trans;
-
-
-/**
- * Additional Factory mechanisms for CSRs, and BouncyCastle. The main Factory
- * utilizes only Java abstractions, and is useful in Client code.
- *
-
- *
- */
-public class BCFactory extends Factory {
- private static final JcaContentSignerBuilder jcsb;
-
-
- static {
- // Bouncy
- jcsb = new JcaContentSignerBuilder(Factory.SIG_ALGO);
- }
-
- public static ContentSigner contentSigner(PrivateKey pk) throws OperatorCreationException {
- return jcsb.build(pk);
- }
-
- public static String toString(Trans trans, PKCS10CertificationRequest csr) throws IOException, CertException {
- TimeTaken tt = trans.start("CSR to String", Env.SUB);
- try {
- if(csr==null) {
- throw new CertException("x509 Certificate Request not built");
- }
- return textBuilder("CERTIFICATE REQUEST",csr.getEncoded());
- }finally {
- tt.done();
- }
- }
-
- public static PKCS10CertificationRequest toCSR(Trans trans, File file) throws IOException {
- TimeTaken tt = trans.start("Reconstitute CSR", Env.SUB);
- try {
- FileReader fr = new FileReader(file);
- return new PKCS10CertificationRequest(decode(strip(fr)));
- } finally {
- tt.done();
- }
- }
-
- public static byte[] sign(Trans trans, ASN1Object toSign, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
- TimeTaken tt = trans.start("Encode Security Object", Env.SUB);
- try {
- return sign(trans,toSign.getEncoded(),pk);
- } finally {
- tt.done();
- }
- }
-
- public static CSRMeta createCSRMeta(CA ca,final String args[]) throws IllegalArgumentException, IllegalAccessException, CertException {
- CSRMeta csr = new CSRMeta();
- ca.stdFields().set(csr);
- //TODO should we checkDigest?
-// digest = ca.messageDigest();
-
- Field[] fld = CSRMeta.class.getDeclaredFields();
- for(int i=0;i+1<args.length;++i) {
- if(args[i].charAt(0)=='-') {
- for(int j=0;j<fld.length;++j) {
- if(fld[j].getType().equals(String.class) && args[i].substring(1).equals(fld[j].getName())) {
- fld[j].set(csr,args[++i]);
- break;
- }
- }
- }
- }
- String errs = validate(csr);
- if(errs!=null) {
- throw new CertException(errs);
- }
- return csr;
- }
-
-
- public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
- CSRMeta csr = new CSRMeta();
- boolean first = true;
- // Set CN (and SAN)
- for(String fqdn : fqdns) {
- if(first) {
- first = false;
- csr.cn(fqdn);
- } else {
- csr.san(fqdn);
- }
- }
-
- csr.challenge(new String(Symm.randomGen(24)));
- ca.stdFields().set(csr);
- csr.mechID(mechid);
- csr.email(sponsorEmail);
- String errs = validate(csr);
- if(errs!=null) {
- throw new CertException(errs);
- }
- return csr;
- }
-
- private static String validate(CSRMeta csr) {
- Validator v = new Validator();
- if(v.nullOrBlank("cn", csr.cn())
- .nullOrBlank("mechID", csr.mechID())
- .nullOrBlank("email", csr.email())
- .nullOrBlank("o",csr.o())
- .nullOrBlank("l",csr.l())
- .nullOrBlank("st",csr.st())
- .nullOrBlank("c",csr.c())
- .err()) {
- return v.errs();
- } else {
- return null;
- }
- }
-
-
-}
|