From 355b886d817295d2bca5af28f01576bf4a3ded18 Mon Sep 17 00:00:00 2001 From: Instrumental Date: Thu, 6 Jun 2019 19:33:19 -0500 Subject: Agent correctly sort Cert Chain/Truststore GUI fix Issue-ID: AAF-852 Change-Id: Ie703b7aee0a77074fac5c1aab3bdf402862243ac Signed-off-by: Instrumental --- .../main/java/org/onap/aaf/cadi/config/Config.java | 3 +- .../org/onap/aaf/cadi/config/SecurityInfo.java | 53 +++++++++++++++++++--- 2 files changed, 48 insertions(+), 8 deletions(-) (limited to 'cadi/core/src') diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 66fbe847..38afa629 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -157,6 +157,7 @@ public class Config { public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator public static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. public static final String AAF_DEFAULT_API_VERSION = "2.1"; + public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version"; public static final String AAF_API_VERSION = "aaf_api_version"; public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration public static final String AAF_LOCATOR_CLASS = "aaf_locator_class"; @@ -219,8 +220,8 @@ public class Config { public static final String AAF_CERT_IDS = "aaf_cert_ids"; public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only. - public static final String AAF_RELEASE = "aaf_release"; + public static final String AAF_URL_OAUTH = "aaf_url_oauth"; public static final String AAF_URL_GUI="aaf_url_gui"; public static final String AAF_URL_FS="aaf_url_fs"; public static final String AAF_URL_CM = "aaf_url_cm"; 
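Review bot: The new `AAF_DEPLOYED_VERSION` constant in the first Config.java hunk has no comment, although it sits between `AAF_DEFAULT_API_VERSION` and `AAF_API_VERSION`, and nothing in the name says how a "deployed" version differs from the API version. A trailing comment in the style of the neighbouring lines would help, e.g. `// Version of the deployed AAF instance, as opposed to the API version spoken` (wording to be confirmed by the author). The assignment also omits the spaces around `=` that the adjacent declarations use.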
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java index 285c45ec..5d1d23fa 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java @@ -91,12 +91,6 @@ public class SecurityInfo { this.access = access; // reuse DME2 Properties for convenience if specific Properties don't exist - msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, "")); - initializeKeyManager(); - - msgHelp = String.format(INITIALIZING_ERR_FMT,"Truststore", access.getProperty(Config.CADI_TRUSTSTORE, "")); - initializeTrustManager(); - String str = access.getProperty(Config.CADI_ALIAS, null); if(str==null || str.isEmpty()) { defaultAlias = null; @@ -113,7 +107,14 @@ public class SecurityInfo { } else { defaultClientAlias = str; } + + msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, "")); + initializeKeyManager(); + msgHelp = String.format(INITIALIZING_ERR_FMT,"Truststore", access.getProperty(Config.CADI_TRUSTSTORE, "")); + initializeTrustManager(); + + msgHelp = String.format(INITIALIZING_ERR_FMT,"Trustmasks", access.getProperty(Config.CADI_TRUST_MASKS, "")); initializeTrustMasks(); 
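Review bot: The block moved by the second SecurityInfo.java hunk now has an ordering dependency that is not recorded at the call site. `initializeKeyManager()` and `initializeTrustManager()` now run after `defaultAlias` and `defaultClientAlias` are assigned, and the last hunk of this file makes `initializeKeyManager()` read both fields. A comment above the moved block would keep a later cleanup from moving it back, for example `// Aliases must be resolved first: initializeKeyManager() logs the chains for defaultAlias/defaultClientAlias`. The enclosing method starts and ends outside the hunk.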
@@ -239,13 +240,51 @@ public class SecurityInfo { } } } + + StringBuilder sb = null; for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) { if (keyManager instanceof X509KeyManager) { - keyManagers.add((X509KeyManager)keyManager); + X509KeyManager xkm = (X509KeyManager)keyManager; + keyManagers.add(xkm); + if(defaultAlias!=null) { + sb=new StringBuilder("X509 Chain\n"); + x509Info(sb,xkm.getCertificateChain(defaultAlias)); + } + if(defaultClientAlias!=null && !defaultClientAlias.equals(defaultAlias)) { + if(sb==null) { + sb = new StringBuilder(); + } else { + sb.append('\n'); + } + sb.append("X509 Client Chain\n"); + x509Info(sb,xkm.getCertificateChain(defaultAlias)); + } } } x509KeyManager = new X509KeyManager[keyManagers.size()]; keyManagers.toArray(x509KeyManager); + + if(sb!=null) { + access.log(Level.INIT, sb); + } + } + + private void x509Info(StringBuilder sb, X509Certificate[] chain) { + if(chain!=null) { + int i=0; + for(X509Certificate x : chain) { + sb.append(" "); + sb.append(i++); + sb.append(')'); + sb.append("\n Subject: "); + sb.append(x.getSubjectDN()); + sb.append("\n Issuer : "); + sb.append(x.getIssuerDN()); + sb.append("\n Expires: "); + sb.append(x.getNotAfter()); + sb.append('\n'); + } + } } protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException { -- cgit 1.2.3-korg
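Review bot: The "X509 Client Chain" branch passes `defaultAlias` to `getCertificateChain`, so the client section repeats the server chain, or looks up a null alias when only `defaultClientAlias` is configured. The call should be `x509Info(sb,xkm.getCertificateChain(defaultClientAlias));`. Separately, `sb=new StringBuilder("X509 Chain\n")` is assigned inside the key-manager loop, so if the factory returns more than one X509KeyManager the text gathered for the earlier one is discarded. `x509Info` also emits only the heading when the chain is null, so an alias missing from the keystore is hard to spot in the INIT log; an `else` branch such as `sb.append("  (no certificate chain for alias)\n");` would make it visible. `initializeKeyManager` starts outside the hunk.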