2 files changed, 105 insertions, 0 deletions

diff --git a/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem b/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
new file mode 100644
index 00000000..1f9d08e5
--- /dev/null
+++ b/scripts/dmaap-datarouter/robot_ssl/onap_ca_cert.pem
@@ -0,0 +1,40 @@
+
+# Issuer: C=US,O=ONAP,OU=OSAAF
+# Subject: C=US,O=ONAP,OU=OSAAF
+# Label: ""
+# Serial: 0x9EAEEDC0A7CEB59D
+# MD5 Fingerprint: 77:EB:5E:94:2E:B7:A3:45:97:6C:87:FE:A7:F7:64:0F
+# SHA1 Fingerprint: 90:25:D1:D3:8B:3C:BE:2C:73:E9:6C:1A:48:5B:06:A8:39:0D:54:3B
+# SHA256 Fingerprint: 1F:C2:BB:F6:7E:11:6F:F0:4C:C3:D9:6C:73:E5:99:B7:CA:7D:4D:EF:AA:6C:69:46:0D:2C:7B:A9:E4:23:5F:EA
+-----BEGIN CERTIFICATE-----
+MIIFczCCA1ugAwIBAgIUVl0TXS1NTKZy68+AFpfvCBbs3JwwDQYJKoZIhvcNAQEL
+BQAwQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNVBAoM
+BE9OQVAxDjAMBgNVBAsMBU9TQUFGMB4XDTIxMDMxNjE1MjA1MloXDTQxMDMxMTE1
+MjA1MlowQTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExDTALBgNV
+BAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEA1NdArmwTe6C9NZnMAPP0uvy9IH/+Lc9dgO9+j6F+JqLDXn+O5vaj
+6EMU5o60sGzymbMdwk26jiR7KYG8puZzI0EsjwELrLV5NYrUR1y7g+sbJWFUiB0X
+SseifQD9bSG0YBX7J6bQEilh18+oWpXIygl8/VJuiuDhaYdakmwn9AxQRm/zRDcI
+tMS49gq7ARpwMrZaZkQ5eL2R0eX4yj915fAgsvLNmfNTkkTCTBuGYAfixz2+uz8r
+4xZqxXrln6CVe6pV5MOxxQsJq0QfSfNxKFqhVJTSj3STG8UDKDPIcTqVLS6v3/iY
+WX43pHuqjfrGLy3HjPCIWphsx9EWq02bnLvwsnibRgfXjZNbdhePOZV8Xd+4MfHy
+uyFRf5xHvQm3f3vLtCQ1rmHk/3wb2Mb1SbTGt6sL6Waqs/VnnPyTwhXJk6RnU991
+qAnqSCLzKNEPNnpSTQKU35NPbdCAw/z97K5Ar8JWH2XiM65dV0j0d/Ura0PXUXRN
+Royi7rREJKBMFszwxqCCHZkH6/Fbs8vmBWC1gLQgDqK+IgU1/+ytUPOsMVqPcNjM
+RrZyd8xCoxEyd+Ly6y2EF9RE6qS/rlW/yUh3AIBlpcsVxc+Kh1nvNRLLJzHvrvSs
+wvd6LpWHVaffO02hp3suXDwOtLq91lAHLA48iDty/Js+jFjohZJ/+LsCAwEAAaNj
+MGEwHQYDVR0OBBYEFMeiRem06VRh0sL0L5k9B5A01QAoMB8GA1UdIwQYMBaAFMei
+Rem06VRh0sL0L5k9B5A01QAoMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBGdpwWyOIw7jBkEJbheeje8ccc51Z0SY/8
+oo/cYi9cI2SNtE4yt9SOZtXiWO1ga1PuFP5vNkPZu3MtqtsDt8CsSgYfgCKX1DH4
+RloTJJO73UKuMmnoqHNsuE6rHRrcoqcV8XJJ9uBz2cDVWfVDG5Pf92lB1cLQ5AGb
+X7O7MKNHu4woFdbbI8f3TN6Qx5oAcrS1alLMuPJhIkwcHuiWdjJuORx2MK4K9gov
+yRJceVyqMiTr7GGYFi/FQKIzIaHeKgQy+YGLfQ1GcbUmVItU4aQMfSM2RXb7wJ90
+XBFi0NjXZfMXVZ9kxqIki/s6NefrDAOFjHINUxGucXjEw1raewprErlsNt/8SUKT
+EDSLe1YD558jzUaqVdWinL6gMRTyyHOwt/51mg4sn3i2WLdL1Hno4F7GUIbkBmi5
+VSDDWnXdpwaFWeqA8JAvy+JIh+Ju671U1HhB68lGRvNOgfZbvW3m8GGpXldR5krR
+OYhwbxdU1rNYHH+DJ0KE4L1Y6es/571+UH7NFbvO6jAk9G/Fudel+SwhXVfFo0pi
+mmXAwT2bmDEiYBzDNHFwyT3+OGKXiDXuMvMB9ic7p3Zk9X0mRtpubW1gfZvUqIqe
+jaVeZdad0DX1yfjwi5zYT+ViI7pjXVYlgiBAnjMrEmWOpRcs793F5zBiyDjaUNFt
+3arVcS9XgA==
+-----END CERTIFICATE-----
\ No newline at end of file
diff --git a/scripts/dmaap-datarouter/robot_ssl/update_ca.py b/scripts/dmaap-datarouter/robot_ssl/update_ca.py
new file mode 100644
index 00000000..d36f8acc
--- /dev/null
+++ b/scripts/dmaap-datarouter/robot_ssl/update_ca.py
@@ -0,0 +1,65 @@
+# ============LICENSE_START===================================================
+#  Copyright (C) 2019-2021 Nordix Foundation.
+# ============================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=====================================================
+
+import certifi
+import os
+
+
+def add_onap_ca_cert():
+    cafile = certifi.where()
+    dir_path = os.path.dirname(os.path.realpath(__file__))
+    datarouter_ca = dir_path + '/onap_ca_cert.pem'
+    with open(datarouter_ca, 'rb') as infile:
+        customca = infile.read()
+
+    with open(cafile, 'ab') as outfile:
+        outfile.write(customca)
+
+    print("Added DR Cert to CA")
+
+
+def remove_onap_ca_cert():
+    cafile = certifi.where()
+    number_of_lines_to_delete = 40
+    count = 0
+    dr_cert_exists = False
+
+    with open(cafile, 'r+b', buffering=0) as outfile:
+        for line in outfile.readlines()[-36:-35]:
+            if '# Serial: 0x9EAEEDC0A7CEB59D'.encode() in line:
+                dr_cert_exists = True
+        if dr_cert_exists:
+            outfile.seek(0, os.SEEK_END)
+            end = outfile.tell()
+            while outfile.tell() > 0:
+                outfile.seek(-1, os.SEEK_CUR)
+                char = outfile.read(1)
+                if char == b'\n':
+                    count += 1
+                if count == number_of_lines_to_delete:
+                    outfile.truncate()
+                    print(
+                        "Removed " + str(number_of_lines_to_delete) + " lines from end of CA File")
+                    exit(0)
+                outfile.seek(-1, os.SEEK_CUR)
+        else:
+            print("No DR cert in CA File to remove")
+
+    if count < number_of_lines_to_delete + 1:
+        print("Number of lines in file less than number of lines to delete. Exiting...")
+        exit(1)