diff options
author | Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com> | 2021-01-14 17:03:31 +0100 |
---|---|---|
committer | Christophe Closset <christophe.closset@intl.att.com> | 2021-01-19 13:48:17 +0000 |
commit | 5b9a4251a7bce56895ca80b867ee7537e7382320 (patch) | |
tree | 6d09cf14e50b0007e97bbcf9a44e7e5ce3ab63e1 /openecomp-be | |
parent | f3b0ef4dc7cc21b273ea160781b5170b2d105e1a (diff) |
Fix signature validation in SDC (PNF package onboarding)
Change-Id: Ief8bf62e48a23a091e9084333c2523d8490fdcd2
Issue-ID: SDC-3386
Signed-off-by: Tomasz Pietruszkiewicz <tomasz.pietruszkiewicz@nokia.com>
Diffstat (limited to 'openecomp-be')
13 files changed, 650 insertions, 196 deletions
diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/main/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManager.java b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/main/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManager.java index 6fae6f0e72..56d0142e3b 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/main/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManager.java +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/main/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManager.java @@ -20,23 +20,15 @@ package org.openecomp.sdc.vendorsoftwareproduct.security; import com.google.common.collect.ImmutableSet; -import java.io.ByteArrayInputStream; -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.InputStreamReader; + +import java.io.*; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; -import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.NoSuchProviderException; -import java.security.PublicKey; import java.security.Security; -import java.security.SignatureException; import java.security.cert.CertPathBuilder; import java.security.cert.CertStore; -import java.security.cert.Certificate; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; import java.security.cert.CertificateFactory; @@ -49,7 +41,12 @@ import java.security.cert.X509CertSelector; import java.security.cert.X509Certificate; import java.util.Collection; import java.util.HashSet; +import java.util.function.Predicate; +import java.util.Optional; +import java.util.stream.Collectors; +import java.util.stream.Stream; import java.util.Set; + import org.bouncycastle.asn1.cms.ContentInfo; import org.bouncycastle.cert.X509CertificateHolder; import org.bouncycastle.cms.CMSException; @@ -77,6 +74,7 @@ public class SecurityManager { private Logger logger = LoggerFactory.getLogger(SecurityManager.class); private Set<X509Certificate> trustedCertificates = new HashSet<>(); + private Set<X509Certificate> trustedCertificatesFromPackage = new HashSet<>(); private File certificateDirectory; static { @@ -113,7 +111,7 @@ public class SecurityManager { * @return set of trustedCertificates * @throws SecurityManagerException */ - public Set<X509Certificate> getTrustedCertificates() throws SecurityManagerException { + public Set<X509Certificate> getTrustedCertificates() throws SecurityManagerException, FileNotFoundException { //if file number in certificate directory changed reload certs String[] certFiles = certificateDirectory.list(); if (certFiles == null) { @@ -124,6 +122,10 @@ public class SecurityManager { trustedCertificates = new HashSet<>(); processCertificateDir(); } + if (!trustedCertificatesFromPackage.isEmpty()) { + return Stream.concat(trustedCertificatesFromPackage.stream(), trustedCertificates.stream()) + .collect(Collectors.toUnmodifiableSet()); + } return ImmutableSet.copyOf(trustedCertificates); } @@ -146,7 +148,7 @@ public class SecurityManager { public boolean verifySignedData(final byte[] messageSyntaxSignature, final byte[] packageCert, final byte[] innerPackageFile) throws SecurityManagerException { try (ByteArrayInputStream signatureStream = new ByteArrayInputStream(messageSyntaxSignature); - final PEMParser pemParser = new PEMParser(new InputStreamReader(signatureStream))) { + final PEMParser pemParser = new PEMParser(new InputStreamReader(signatureStream))) { final Object parsedObject = pemParser.readObject(); if (!(parsedObject instanceof ContentInfo)) { throw new SecurityManagerException("Signature is not recognized"); @@ -158,17 +160,17 @@ public class SecurityManager { final Collection<SignerInformation> signers = signedData.getSignerInfos().getSigners(); final SignerInformation firstSigner = signers.iterator().next(); final X509Certificate cert; + Collection<X509CertificateHolder> certs; if (packageCert == null) { - final Collection<X509CertificateHolder> firstSignerCertificates = signedData.getCertificates() - .getMatches(firstSigner.getSID()); - if (!firstSignerCertificates.iterator().hasNext()) { - throw new SecurityManagerException( - "No certificate found in cms signature that should contain one!"); - } - cert = loadCertificate(firstSignerCertificates.iterator().next().getEncoded()); + certs = signedData.getCertificates().getMatches(null); + cert = readSignCert(certs, firstSigner).orElseThrow(() -> new SecurityManagerException( + "No certificate found in cms signature that should contain one!")); } else { - cert = loadCertificate(packageCert); + certs = parseCertsFromPem(packageCert); + cert = readSignCert(certs, firstSigner).orElseThrow(() -> new SecurityManagerException( + "No matching certificate found in certificate file that should contain one!")); } + trustedCertificatesFromPackage = readTrustedCerts(certs, firstSigner); if (verifyCertificate(cert, getTrustedCertificates()) == null) { return false; @@ -183,7 +185,36 @@ public class SecurityManager { } } - private void processCertificateDir() throws SecurityManagerException { + private Optional<X509Certificate> readSignCert(final Collection<X509CertificateHolder> certs, final SignerInformation firstSigner) { + return certs.stream() + .filter(crt -> firstSigner.getSID().match(crt)) + .findAny() + .map(this::loadCertificate); + } + + private Set<X509Certificate> readTrustedCerts(final Collection<X509CertificateHolder> certs, final SignerInformation firstSigner) { + return certs.stream() + .filter(crt -> !firstSigner.getSID().match(crt)) + .map(this::loadCertificate) + .filter(Predicate.not(this::isSelfSigned)) + .collect(Collectors.toSet()); + } + + private Set<X509CertificateHolder> parseCertsFromPem(final byte[] packageCert) throws IOException { + final ByteArrayInputStream packageCertStream = new ByteArrayInputStream(packageCert); + final PEMParser pemParser = new PEMParser(new InputStreamReader(packageCertStream)); + Object readObject = pemParser.readObject(); + Set<X509CertificateHolder> allCerts = new HashSet<>(); + while (readObject != null) { + if (readObject instanceof X509CertificateHolder) { + allCerts.add((X509CertificateHolder) readObject); + } + readObject = pemParser.readObject(); + } + return allCerts; + } + + private void processCertificateDir() throws SecurityManagerException, FileNotFoundException { if (!certificateDirectory.exists() || !certificateDirectory.isDirectory()) { logger.error("Issue with certificate directory, check if exists!"); return; @@ -207,27 +238,30 @@ public class SecurityManager { return new File(certDirLocation); } - private X509Certificate loadCertificate(File certFile) throws SecurityManagerException { - try (InputStream fileInputStream = new FileInputStream(certFile)) { - CertificateFactory factory = CertificateFactory.getInstance("X.509"); - return (X509Certificate) factory.generateCertificate(fileInputStream); - } catch (CertificateException | IOException e) { - throw new SecurityManagerException("Error during loading Certificate file!", e); + private X509Certificate loadCertificate(File certFile) throws SecurityManagerException, FileNotFoundException { + return loadCertificateFactory(new FileInputStream(certFile)); + } + + private X509Certificate loadCertificate(X509CertificateHolder cert) { + try { + return loadCertificateFactory(new ByteArrayInputStream(cert.getEncoded())); + } catch (IOException | SecurityManagerException e) { + throw new RuntimeException("Error during loading Certificate from bytes!", e); } } - private X509Certificate loadCertificate(byte[] certFile) throws SecurityManagerException { - try (InputStream in = new ByteArrayInputStream(certFile)) { + private X509Certificate loadCertificateFactory(InputStream in) throws SecurityManagerException { + try { CertificateFactory factory = CertificateFactory.getInstance("X.509"); return (X509Certificate) factory.generateCertificate(in); - } catch (CertificateException | IOException e) { + } catch (CertificateException e) { throw new SecurityManagerException("Error during loading Certificate from bytes!", e); } } private PKIXCertPathBuilderResult verifyCertificate(X509Certificate cert, Set<X509Certificate> additionalCerts) - throws GeneralSecurityException, SecurityManagerException { + throws GeneralSecurityException, SecurityManagerException { if (null == cert) { throw new SecurityManagerException("The certificate is empty!"); } @@ -256,7 +290,7 @@ public class SecurityManager { private PKIXCertPathBuilderResult verifyCertificate(X509Certificate cert, Set<X509Certificate> allTrustedRootCerts, Set<X509Certificate> allIntermediateCerts) - throws GeneralSecurityException { + throws GeneralSecurityException { // Create the selector that specifies the starting certificate X509CertSelector selector = new X509CertSelector(); @@ -286,14 +320,14 @@ public class SecurityManager { pkixParams.addCertStore(createCertStore(allTrustedRootCerts)); CertPathBuilder builder = CertPathBuilder - .getInstance(CertPathBuilder.getDefaultType(), BouncyCastleProvider.PROVIDER_NAME); + .getInstance(CertPathBuilder.getDefaultType(), BouncyCastleProvider.PROVIDER_NAME); return (PKIXCertPathBuilderResult) builder.build(pkixParams); } private CertStore createCertStore(Set<X509Certificate> certificateSet) throws InvalidAlgorithmParameterException, - NoSuchAlgorithmException, NoSuchProviderException { + NoSuchAlgorithmException, NoSuchProviderException { return CertStore.getInstance("Collection", new CollectionCertStoreParameters(certificateSet), - BouncyCastleProvider.PROVIDER_NAME); + BouncyCastleProvider.PROVIDER_NAME); } private boolean isExpired(X509Certificate cert) { @@ -309,18 +343,7 @@ public class SecurityManager { return false; } - private boolean isSelfSigned(Certificate cert) - throws CertificateException, NoSuchAlgorithmException, - NoSuchProviderException { - try { - // Try to verify certificate signature with its own public key - PublicKey key = cert.getPublicKey(); - cert.verify(key); - return true; - } catch (SignatureException | InvalidKeyException e) { - logger.error(e.getMessage(), e); - //not self-signed - return false; - } + private boolean isSelfSigned(X509Certificate cert) { + return cert.getIssuerDN().equals(cert.getSubjectDN()); } } diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java index 7c5cb662c7..0ed871d47c 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/java/org/openecomp/sdc/vendorsoftwareproduct/security/SecurityManagerTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -21,9 +21,10 @@ package org.openecomp.sdc.vendorsoftwareproduct.security; import org.apache.commons.io.FileUtils; -import org.junit.After; -import org.junit.Before; -import org.junit.Test; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; import java.io.File; import java.io.IOException; @@ -36,32 +37,42 @@ import static junit.framework.TestCase.assertTrue; public class SecurityManagerTest { private File certDir; + private String cerDirPath = "/tmp/cert/"; private SecurityManager securityManager; - @Before + private File PrepareCertFiles(String origFilePath, String newFilePath) throws IOException, URISyntaxException { + File origFile = new File(getClass().getResource(origFilePath).toURI()); + File newFile = new File(newFilePath); + newFile.createNewFile(); + FileUtils.copyFile(origFile, newFile); + return newFile; + } + + private byte[] readAllBytes(String path) throws URISyntaxException, IOException { + return Files.readAllBytes(Paths.get(getClass().getResource(path).toURI())); + } + + @BeforeEach public void setUp() throws IOException { - certDir = new File("/tmp/cert"); - if(certDir.exists()){ + certDir = new File(cerDirPath); + if (certDir.exists()) { tearDown(); } certDir.mkdirs(); securityManager = new SecurityManager(certDir.getPath()); } - @After + @AfterEach public void tearDown() throws IOException { - if(certDir.exists()) { + if (certDir.exists()) { FileUtils.deleteDirectory(certDir); } securityManager.cleanTrustedCertificates(); } @Test - public void testGetCertificates() throws IOException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root-certificate.pem"); - File newFile = new File("/tmp/cert/root-certificate.pem"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); + public void testGetCertificates() throws IOException, SecurityManagerException, URISyntaxException { + File newFile = PrepareCertFiles("/cert/root-certificate.pem", cerDirPath + "/root-certificate.pem"); assertEquals(1, securityManager.getTrustedCertificates().size()); newFile.delete(); assertEquals(0, securityManager.getTrustedCertificates().size()); @@ -73,26 +84,22 @@ public class SecurityManagerTest { assertEquals(0, securityManager.getTrustedCertificates().size()); } - @Test(expected = SecurityManagerException.class) + @Test public void testGetCertificatesException() throws IOException, SecurityManagerException { - File newFile = new File("/tmp/cert/root-certificate.pem"); - newFile.createNewFile(); - assertEquals(1, securityManager.getTrustedCertificates().size()); - newFile.delete(); - assertEquals(0, securityManager.getTrustedCertificates().size()); + Assertions.assertThrows(SecurityManagerException.class, () -> { + File newFile = new File(cerDirPath + "root-certificate.pem"); + newFile.createNewFile(); + assertEquals(1, securityManager.getTrustedCertificates().size()); + newFile.delete(); + assertEquals(0, securityManager.getTrustedCertificates().size()); + }); } @Test - public void testGetCertificatesUpdated() throws IOException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root-certificate.pem"); - File newFile = new File("/tmp/cert/root-certificate.pem"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); + public void testGetCertificatesUpdated() throws IOException, SecurityManagerException, URISyntaxException { + File newFile = PrepareCertFiles("/cert/root-certificate.pem", cerDirPath + "root-certificate.pem"); assertTrue(securityManager.getTrustedCertificates().size() == 1); - File otherOrigFile = new File("src/test/resources/cert/package-certificate.pem"); - File otherNewFile = new File("/tmp/cert/package-certificate.pem"); - newFile.createNewFile(); - FileUtils.copyFile(otherOrigFile, otherNewFile); + File otherNewFile = PrepareCertFiles("/cert/package-certificate.pem", cerDirPath + "package-certificate.pem"); assertEquals(2, securityManager.getTrustedCertificates().size()); otherNewFile.delete(); assertEquals(1, securityManager.getTrustedCertificates().size()); @@ -102,58 +109,94 @@ public class SecurityManagerTest { @Test public void verifySignedDataTestCertIncludedIntoSignature() throws IOException, URISyntaxException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root.cert"); - File newFile = new File("/tmp/cert/root.cert"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); - byte[] signature = Files.readAllBytes(Paths.get(getClass().getResource("/cert/2-file-signed-package/dummyPnfv4.cms").toURI())); - byte[] archive = Files.readAllBytes(Paths.get(getClass().getResource("/cert/2-file-signed-package/dummyPnfv4.csar").toURI())); + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + byte[] signature = readAllBytes("/cert/2-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/2-file-signed-package/dummyPnfv4.csar"); assertTrue(securityManager.verifySignedData(signature, null, archive)); } - @Test(expected = SecurityManagerException.class) + @Test public void verifySignedDataTestCertNotIncludedIntoSignatureButExpected() throws IOException, URISyntaxException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root.cert"); - File newFile = new File("/tmp/cert/root.cert"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); - byte[] signature = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.cms").toURI())); - byte[] archive = Files.readAllBytes(Paths.get(getClass().getResource("/cert/2-file-signed-package/dummyPnfv4.csar").toURI())); - securityManager.verifySignedData(signature, null, archive); + Assertions.assertThrows(SecurityManagerException.class, () -> { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + securityManager.verifySignedData(signature, null, archive); + }); + } @Test public void verifySignedDataTestCertNotIncludedIntoSignature() throws IOException, URISyntaxException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root.cert"); - File newFile = new File("/tmp/cert/root.cert"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); - byte[] signature = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.cms").toURI())); - byte[] archive = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.csar").toURI())); - byte[] cert = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.cert").toURI())); + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + byte[] cert = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cert"); assertTrue(securityManager.verifySignedData(signature, cert, archive)); } - @Test(expected = SecurityManagerException.class) + @Test + public void verifySignedDataTestCertIntermediateNotIncludedIntoSignature() throws IOException, URISyntaxException, SecurityManagerException { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + PrepareCertFiles("/cert/signing-ca2.crt", cerDirPath + "signing-ca2.crt"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + byte[] cert = readAllBytes("/cert/3-file-signed-package/dummyPnfv4-no-intermediate.cert"); + assertTrue(securityManager.verifySignedData(signature, cert, archive)); + } + + @Test + public void verifySignedDataTestCertWrongIntermediate() throws IOException, URISyntaxException, SecurityManagerException { + Assertions.assertThrows(SecurityManagerException.class, () -> { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + PrepareCertFiles("/cert/signing-ca1.crt", cerDirPath + "signing-ca1.crt"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + byte[] cert = readAllBytes("/cert/3-file-signed-package/dummyPnfv4-no-intermediate.cert"); + securityManager.verifySignedData(signature, cert, archive); + }); + + } + + @Test + public void verifySignedDataTestCertIncludedIntoSignatureWithWrongIntermediateInDirectory() throws IOException, URISyntaxException, SecurityManagerException { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + PrepareCertFiles("/cert/signing-ca1.crt", cerDirPath + "signing-ca1.crt"); + byte[] signature = readAllBytes("/cert/2-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/2-file-signed-package/dummyPnfv4.csar"); + assertTrue(securityManager.verifySignedData(signature, null, archive)); + } + + @Test + public void verifySignedDataTestCertWrongIntermediateInDirectory() throws IOException, URISyntaxException, SecurityManagerException { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + PrepareCertFiles("/cert/signing-ca1.crt", cerDirPath + "signing-ca1.crt"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + byte[] cert = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cert"); + assertTrue(securityManager.verifySignedData(signature, cert, archive)); + } + + @Test public void verifySignedDataTestWrongCertificate() throws IOException, URISyntaxException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root-certificate.pem"); - File newFile = new File("/tmp/cert/root-certificate.cert"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); - byte[] signature = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.cms").toURI())); - byte[] archive = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.csar").toURI())); - byte[] cert = Files.readAllBytes(Paths.get(getClass().getResource("/cert/3-file-signed-package/dummyPnfv4.cert").toURI())); - securityManager.verifySignedData(signature, cert, archive); + Assertions.assertThrows(SecurityManagerException.class, () -> { + PrepareCertFiles("/cert/root-certificate.pem", cerDirPath + "root-certificate.cert"); + byte[] signature = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.csar"); + byte[] cert = readAllBytes("/cert/3-file-signed-package/dummyPnfv4.cert"); + securityManager.verifySignedData(signature, cert, archive); + }); + } - @Test(expected = SecurityManagerException.class) + @Test public void verifySignedDataTestChangedArchive() throws IOException, URISyntaxException, SecurityManagerException { - File origFile = new File("src/test/resources/cert/root.cert"); - File newFile = new File("/tmp/cert/root.cert"); - newFile.createNewFile(); - FileUtils.copyFile(origFile, newFile); - byte[] signature = Files.readAllBytes(Paths.get(getClass().getResource("/cert/tampered-signed-package/dummyPnfv4.cms").toURI())); - byte[] archive = Files.readAllBytes(Paths.get(getClass().getResource("/cert/tampered-signed-package/dummyPnfv4.csar").toURI())); - securityManager.verifySignedData(signature, null, archive); + Assertions.assertThrows(SecurityManagerException.class, () -> { + PrepareCertFiles("/cert/root.cert", cerDirPath + "root.cert"); + byte[] signature = readAllBytes("/cert/tampered-signed-package/dummyPnfv4.cms"); + byte[] archive = readAllBytes("/cert/tampered-signed-package/dummyPnfv4.csar"); + securityManager.verifySignedData(signature, null, archive); + }); + } } diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/2-file-signed-package/dummyPnfv4.cms b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/2-file-signed-package/dummyPnfv4.cms index 2a8a7b54bf..6098f22593 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/2-file-signed-package/dummyPnfv4.cms +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/2-file-signed-package/dummyPnfv4.cms @@ -1,34 +1,56 @@ -----BEGIN CMS----- -MIIFzQYJKoZIhvcNAQcCoIIFvjCCBboCAQExDTALBglghkgBZQMEAgEwCwYJKoZI -hvcNAQcBoIIDJDCCAyAwggIIAgkA1fOx4pBO5yQwDQYJKoZIhvcNAQELBQAwUjEL -MAkGA1UEBhMCSUUxEjAQBgNVBAgMCVdlc3RtZWF0aDEQMA4GA1UEBwwHQXRobG9u -ZTEMMAoGA1UECgwDRVNZMQ8wDQYDVQQLDAZUZWNobm8wHhcNMTkwNDMwMDk0MzA4 -WhcNMjkwNDI3MDk0MzA4WjBSMQswCQYDVQQGEwJJRTESMBAGA1UECAwJV2VzdG1l -YXRoMRAwDgYDVQQHDAdBdGhsb25lMQwwCgYDVQQKDANFU1kxDzANBgNVBAsMBlRl -Y2hubzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMagTjuhg4JMK1qq -2lvWYSYd6obluvrfSh8t8qEN6HyE9OOSZ+GP5JEj5Jv2s3HwMMx8Ld/j5xauEIph -Xudjx6JXSybVq7CB6meHqTm6zaojOk8FqQGqhfArFDboYX2OPCAGMgx9+o8+xeQQ -SlwxurLTjxKwiZUSnWd0WaK6Eah+lkrRcKeN//PPJuHOtb5eBTgFE3rlOYmTYGIB -fmXRrKT87K/HUKtp56KHUHtdwU7siqFZH1snNSSzG1Qf9Xtc5Lp8D+fkEW8BDYME -JL+94+QRbBemCqIV1hQsoSSFZGhITqIwhWTzLgXmS7fM/M9F6C8w7p+kRh3j+omp -33kzM6cCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAcJvsuyTj7GZBm/Y3Xlc4XU6j -LLlEIyGmnzqU5o87AbtKEfq/MxbpYDHwEA4FkQzwAdFbHO3/zrUoQ1RwArXVpdk+ -AaQL7kyVu+y69mh7dFMzYHpala/47Rrz7cSRWhArhHzTVYBJkVaPo00aJXLF2LeD -qmxJI75YQ/qT4elUMmMGQt9RUkSHQCqxCWWYlWCFdAJouLXFAPd22BFVyETokVOT -84ajB1y+LDBUX3gBg44fcdQaAyYmSl9Rfaur0VzppzghBHivsJ0K8RmjPZjQqRWI -NQwRKUKdDV/pZTL1OcQG2uJDhXV71Yb8DH7KD1FuuVL0LQjT9nYxJ1INqovdPjGC -Am8wggJrAgEBMF8wUjELMAkGA1UEBhMCSUUxEjAQBgNVBAgMCVdlc3RtZWF0aDEQ -MA4GA1UEBwwHQXRobG9uZTEMMAoGA1UECgwDRVNZMQ8wDQYDVQQLDAZUZWNobm8C -CQDV87HikE7nJDALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3 -DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwNDMwMDk0NTQ4WjAvBgkqhkiG9w0BCQQx +MIIJ7QYJKoZIhvcNAQcCoIIJ3jCCCdoCAQExDTALBglghkgBZQMEAgEwCwYJKoZI +hvcNAQcBoIIHEDCCAzkwggIhAhQlYYBMA/D1rLopIQb8Nlq4Tk5azDANBgkqhkiG +9w0BAQsFADB6MRMwEQYKCZImiZPyLGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYG +c2ltcGxlMRMwEQYDVQQKDApTaW1wbGUgSW5jMRowGAYDVQQLDBFTaW1wbGUgU2ln +bmluZyBDQTEaMBgGA1UEAwwRU2ltcGxlIFNpZ25pbmcgQ0EwHhcNMjEwMTE0MTEy +MTU3WhcNMjEwMjEzMTEyMTU3WjA4MQswCQYDVQQGEwJQTDEMMAoGA1UECAwDU0lM +MQwwCgYDVQQHDANXUk8xDTALBgNVBAoMBE5PSzEwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQCh9XoFXEIOosrdtgMrTBD1SkLGyuaLNOhRxCT5iPDuiQdR +g8yLBQQHZv8nUQG7VXICJjgdfoVaO/sic+683RwXb3HFmxI3/Q1zZ8K6aPL5zTZs +gJKf/31Z/ZnEyLO2zYknVGSlQGj/r8/pSC7HqoGljzpH+nYyN7e8WxfWnbLn4/jT +uqA9afJmuvrbacI8LnaH18HIAf3LpsCXh1ullVBFonvz19mKmJLAhdFXbp/65eyh +x2hwuzdG0EeA4eXIHiOyw6XI2MqkwWMGcwHC4iY0MZi9OYBm6oGRzSakBVHylD8+ +kqnG4zV8ELZPorG/P7x4/U8D7zx3Ni0d0uRDTGI9AgMBAAEwDQYJKoZIhvcNAQEL +BQADggEBAAAa/cchx4I93RfYRZBcc1cpfRoyxgZSDWPUGgMYmJka6atwVCA5lm6R +VGXqsWMZQOfIXC8bys2h6cfJjWqcoOr9yKARFcl5jGIsizkheLHCOUpS0KOjWRc2 +aw5bcgocmg0J0InRAPMuzLZNj1rQP0U08bFakPnDkci5w+EHgtE64e1YsKiIH9zn +mzZQPrIS0aEqYxM+FF8RX58pDadYwCoxIjKeG8rrTtPJ/m1soc8SjPzm5oIvFVuR +P0B71mYg3xCLz/xT6mB1i4iCZSTnYimtZeB13o41ZUfRwiz1OR2Js0s0PyBIo7FG +kwdHenly5OrgWrQj7nkEMYANqRBiOTQwggPPMIICt6ADAgECAgEDMA0GCSqGSIb3 +DQEBBQUAMHQxEzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/IsZAEZFgZz +aW1wbGUxEzARBgNVBAoMClNpbXBsZSBJbmMxFzAVBgNVBAsMDlNpbXBsZSBSb290 +IENBMRcwFQYDVQQDDA5TaW1wbGUgUm9vdCBDQTAeFw0yMTAxMTQxMTE2MDFaFw0z +MTAxMTQxMTE2MDFaMHoxEzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/Is +ZAEZFgZzaW1wbGUxEzARBgNVBAoMClNpbXBsZSBJbmMxGjAYBgNVBAsMEVNpbXBs +ZSBTaWduaW5nIENBMRowGAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBANp72EBqP6zBjDTnK699SPPl66NiH6AF +FxsAfwJfYYkPWo+2IdVGSriNdzDcSuN7b8shZJgHIJP7Cg0FzbXXiX8fzo9SX5Zi +tPaTbJFCDKg3U/he4hT4g1/jmv0odYnuvrP4GmbMo2UTFXTZrhxuO9xxApC2j9h0 +JlZ2+q+oRJOdEt56I94Vp417VK3CphSjr0tzDH0HKXghhcZsRJ4xkemKtDfGY0jG +QXgKn9QSdWXVoHJos3Epk3iUo5Z3Su9iuaj67BE45EkxAISJ8RGZbAI8an0c0GBL +dV2DbQQVIEhQDhx8Vgp7L3ajLtCeLc9H/xejdi2N2P0jINgkm2Q6RFcCAwEAAaNm +MGQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE +FC939g4q+VR0OqEHVGe4Zlz6rtcXMB8GA1UdIwQYMBaAFAgM0OVRW6bn6QfHaT66 +qzaji9NLMA0GCSqGSIb3DQEBBQUAA4IBAQBtVWuQZJEJc/s+IoUSjc/1jJDg7jSe +dDDTDOn6XMm3XH4LazsAA+p7vP4ozJyhHgi0aaIRt/AjXjM/S+LrHSi370NouMrr +o/uYkjvhqRiG/j1rLw31twkQ/maJowkp4i/VFu9elJYUEHkc9oLJgi27dpDx4C1n +ARd7aYSDMYf3FqH5RiOcNoFRO4rCyQ7aqb9zqkb/XTU1NEv8Y8UDN44mosSV0FuU +RpS/I+dL4HxIKAQTteexWV6F9CNjPfj11cqQ8iAlNoJQqHUX0LcyEp1uK/qZFWuf +x8N/Lu5bGbe/9I6+eVCThwigIFzQRVwA5erEEkqxWfsko2+lzM5zwYesMYICozCC +Ap8CAQEwgZIwejETMBEGCgmSJomT8ixkARkWA29yZzEWMBQGCgmSJomT8ixkARkW +BnNpbXBsZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UECwwRU2ltcGxlIFNp +Z25pbmcgQ0ExGjAYBgNVBAMMEVNpbXBsZSBTaWduaW5nIENBAhQlYYBMA/D1rLop +IQb8Nlq4Tk5azDALBglghkgBZQMEAgGggeQwGAYJKoZIhvcNAQkDMQsGCSqGSIb3 +DQEHATAcBgkqhkiG9w0BCQUxDxcNMjEwMTE0MTQxOTIwWjAvBgkqhkiG9w0BCQQx IgQg9ya6QcX9J6hp+zfK1gceoLlpApp92mfxGoX3eZ1dMUwweQYJKoZIhvcNAQkP MWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCGSAFlAwQBAjAKBggq hkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcw -DQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAro+kIUh55FUNdajxNoWo -+795hI6XYi/O4B6aJOmBUmcRhlCw5hQBKkt/pRdySlh14b0v4GNC3Uon+3scNTMG -eVluws0NDpZAihBqRswnvR/mVK0CLHR3uqFNU9la3sJgbBK2FUlf5nkNEPZtGhcQ -192n+dYlOb9UCDaxW2sXcsMzHQw4r7FipjHzVSXvDmX0u6ZN/oIbXp51fsCsAYOY -pgmCP600UGBNguiOnoFI+6l+TEGe5A8/DccRKfxWVYCopDYA8xd5A4b0tHh3dHJZ -mjFgVwvJMUy3+q1M0mSVzkp5Sq6wlQTyzLDCf8SLHCwo/mXAQKCt8e5FxMEUS8Qd -BA== +DQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAL/PVtlfAYv69O5z6NiWA +YNs8sY0wOnRvkT5s0axKKPuKd05RgT7WeyS/mPIcsnOO7zTVhdIMr5D6QukNHbat +ZJByajttVthYhQZxwDjVvU79zjexolaQ++8f/6z7v5PGpbXN1SWN1G8uTlRJbXfb +hv9qcNOre/CQMHXArFJsCoFObtjvx/80N+oPRtJPXbGyw/DJKUcQNvwtvHdAqzgw +qVMJWCwowkjX/7M1+oV5t2sXEA83lk0V0P/JLCGH9gBJMqZlNjFf01beaL5+nrlg +XQGqvbvy9XLdIP2pESr2YoX+gM6Uo0XX69aknU5/4ZjHuvZf8IRHizcZVOFJQaLj +Lg== -----END CMS----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4-no-intermediate.cert b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4-no-intermediate.cert new file mode 100644 index 0000000000..85b932e17b --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4-no-intermediate.cert @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDOTCCAiECFFqXkiZIzIdNPTG62Jbr3Ub37ZuTMA0GCSqGSIb3DQEBCwUAMHox +EzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/IsZAEZFgZzaW1wbGUxEzAR +BgNVBAoMClNpbXBsZSBJbmMxGjAYBgNVBAsMEVNpbXBsZSBTaWduaW5nIENBMRow +GAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTAeFw0yMTAxMTQxMTMxMDhaFw0yMTAy +MTMxMTMxMDhaMDgxCzAJBgNVBAYTAlBMMQwwCgYDVQQIDANTSUwxDDAKBgNVBAcM +A1dSTzENMAsGA1UECgwETk9LMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALbulTgLmez9BZHSjMhUNaZURHe12RRAR9JoTTDUJkLr1WVMZRieFUC74PQP +w51qVy/KAKs7uBUCkpVARcH3sRbdrTDmc3LanUy9hZqzeJdupi+Zp/RlvP+kXTji +BX4E2hg2a3QBD/zNoBmvLWPTsYsNSxR5mxkm9pL6qFGI84D0l/FWs9jAa60UCBRM +gIU70JGgU7jx99E6bPUU4Ruuywi8MZpCdW61apVQK1l2rLPSumLm13Ho4l2aI3L+ +bvTy7wzgtURnpHEnOvZUx7pSMwymPOjRvs58sgfQ6FZ0KMkixeHFKdcqwl+msTbN +a/3nmqCYURmHsYXxaORCBlD3PHcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAdBZd +inECILJpNkfhU8ocqkh9s17KzGtoG/Ybo2LslD/dCXlbbC4rLJdsVaQXKp/j03xF +ZftRj+NMjRatj9KJ1sibN7YNJDo7u3rk0oKSuMRx4FmI+IzKF8I9usg+CFgA1S+P +4ndH+3THd9VPjIpuH8yjZ0lXDvqBubnKM11JmW2ljPS7UKPdTasFiIQkV8swVn6d +3tHBsns/juvGUEDLTdO3lYDK0WEr8pKr+Cj0hcmOZoV8YxBnw402X0g35tzNTAH7 +BhUuGhjRsUksSRPdYjZRjLm/ieIf5huAcWLtEyPDmiHFyNTEDIbSLYncfNDcTsQZ +NSqYN8Ixin+/mpN86g== +-----END CERTIFICATE-----
\ No newline at end of file diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cert b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cert index fa70b69c87..7d03a59add 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cert +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cert @@ -1,19 +1,43 @@ -----BEGIN CERTIFICATE----- -MIIDIDCCAggCCQDV87HikE7nJDANBgkqhkiG9w0BAQsFADBSMQswCQYDVQQGEwJJ -RTESMBAGA1UECAwJV2VzdG1lYXRoMRAwDgYDVQQHDAdBdGhsb25lMQwwCgYDVQQK -DANFU1kxDzANBgNVBAsMBlRlY2hubzAeFw0xOTA0MzAwOTQzMDhaFw0yOTA0Mjcw -OTQzMDhaMFIxCzAJBgNVBAYTAklFMRIwEAYDVQQIDAlXZXN0bWVhdGgxEDAOBgNV -BAcMB0F0aGxvbmUxDDAKBgNVBAoMA0VTWTEPMA0GA1UECwwGVGVjaG5vMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqBOO6GDgkwrWqraW9ZhJh3qhuW6 -+t9KHy3yoQ3ofIT045Jn4Y/kkSPkm/azcfAwzHwt3+PnFq4QimFe52PHoldLJtWr -sIHqZ4epObrNqiM6TwWpAaqF8CsUNuhhfY48IAYyDH36jz7F5BBKXDG6stOPErCJ -lRKdZ3RZoroRqH6WStFwp43/888m4c61vl4FOAUTeuU5iZNgYgF+ZdGspPzsr8dQ -q2nnoodQe13BTuyKoVkfWyc1JLMbVB/1e1zkunwP5+QRbwENgwQkv73j5BFsF6YK -ohXWFCyhJIVkaEhOojCFZPMuBeZLt8z8z0XoLzDun6RGHeP6ianfeTMzpwIDAQAB -MA0GCSqGSIb3DQEBCwUAA4IBAQBwm+y7JOPsZkGb9jdeVzhdTqMsuUQjIaafOpTm -jzsBu0oR+r8zFulgMfAQDgWRDPAB0Vsc7f/OtShDVHACtdWl2T4BpAvuTJW77Lr2 -aHt0UzNgelqVr/jtGvPtxJFaECuEfNNVgEmRVo+jTRolcsXYt4OqbEkjvlhD+pPh -6VQyYwZC31FSRIdAKrEJZZiVYIV0Ami4tcUA93bYEVXIROiRU5PzhqMHXL4sMFRf -eAGDjh9x1BoDJiZKX1F9q6vRXOmnOCEEeK+wnQrxGaM9mNCpFYg1DBEpQp0NX+ll -MvU5xAba4kOFdXvVhvwMfsoPUW65UvQtCNP2djEnUg2qi90+ +MIIDOTCCAiECFFqXkiZIzIdNPTG62Jbr3Ub37ZuTMA0GCSqGSIb3DQEBCwUAMHox +EzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/IsZAEZFgZzaW1wbGUxEzAR +BgNVBAoMClNpbXBsZSBJbmMxGjAYBgNVBAsMEVNpbXBsZSBTaWduaW5nIENBMRow +GAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTAeFw0yMTAxMTQxMTMxMDhaFw0yMTAy +MTMxMTMxMDhaMDgxCzAJBgNVBAYTAlBMMQwwCgYDVQQIDANTSUwxDDAKBgNVBAcM +A1dSTzENMAsGA1UECgwETk9LMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALbulTgLmez9BZHSjMhUNaZURHe12RRAR9JoTTDUJkLr1WVMZRieFUC74PQP +w51qVy/KAKs7uBUCkpVARcH3sRbdrTDmc3LanUy9hZqzeJdupi+Zp/RlvP+kXTji +BX4E2hg2a3QBD/zNoBmvLWPTsYsNSxR5mxkm9pL6qFGI84D0l/FWs9jAa60UCBRM +gIU70JGgU7jx99E6bPUU4Ruuywi8MZpCdW61apVQK1l2rLPSumLm13Ho4l2aI3L+ +bvTy7wzgtURnpHEnOvZUx7pSMwymPOjRvs58sgfQ6FZ0KMkixeHFKdcqwl+msTbN +a/3nmqCYURmHsYXxaORCBlD3PHcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAdBZd +inECILJpNkfhU8ocqkh9s17KzGtoG/Ybo2LslD/dCXlbbC4rLJdsVaQXKp/j03xF +ZftRj+NMjRatj9KJ1sibN7YNJDo7u3rk0oKSuMRx4FmI+IzKF8I9usg+CFgA1S+P +4ndH+3THd9VPjIpuH8yjZ0lXDvqBubnKM11JmW2ljPS7UKPdTasFiIQkV8swVn6d +3tHBsns/juvGUEDLTdO3lYDK0WEr8pKr+Cj0hcmOZoV8YxBnw402X0g35tzNTAH7 +BhUuGhjRsUksSRPdYjZRjLm/ieIf5huAcWLtEyPDmiHFyNTEDIbSLYncfNDcTsQZ +NSqYN8Ixin+/mpN86g== +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDzzCCAregAwIBAgIBBDANBgkqhkiG9w0BAQUFADB0MRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQLDA5TaW1wbGUgUm9vdCBDQTEXMBUGA1UEAwwOU2ltcGxlIFJv +b3QgQ0EwHhcNMjEwMTE0MTEyOTM4WhcNMzEwMTE0MTEyOTM4WjB6MRMwEQYKCZIm +iZPyLGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApT +aW1wbGUgSW5jMRowGAYDVQQLDBFTaW1wbGUgU2lnbmluZyBDQTEaMBgGA1UEAwwR +U2ltcGxlIFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQC3pEswhtivkFvXovmrNB3dCkC1ETozigHRJBheCq2k0s23D0YWWrVc3dkQz7Vq +FOgjwzX3hS+CE34DdijBfd3tO3izTrisuIeXLCFn41t0wYfRvLoe85iO6xaQCU/6 +u9KS/Hd5dJ7eQU4+/cxcCDPUWPdEXIZixI1wwaHnhwoLahYH2mb/uxu+Gw4UJaA2 +1OVjsqX9COdPxE7Ud9soXVnNwAVVwgCdRJS0950y0jz5G6TKgIXCFDYk8l9QszM+ +7J5YcZTVPdGX973MpaoRajg7xv+rooGrZ/IQzUN5dQnDkyIQW1g0u9QX7CuQonob +aKveJTRwSBkpV+7k+C52B1blAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNV +HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQlwJ5evFvKOiIAbDQoMd3mGKu2vjAf +BgNVHSMEGDAWgBQIDNDlUVum5+kHx2k+uqs2o4vTSzANBgkqhkiG9w0BAQUFAAOC +AQEAQBZLEeLU8u3nsgRvOg5mLUVLPpUnRw41fRTHQL/Onf0lYAONT32KfB8R+Ewn +4QxyPD/vFaw8t5zTgelYf77mjproExJoLC6mdUXVkew6P5VgK1k2b+pojAFLlq0c +RSD+Ydv9DMNqhHJHjvVgdpiQACehZRWVaaMcqUhrlk4Tk1Sn+1yTS8aUl58JNnC2 +esy2HY0eDbNUEal6q+yAdukU4qiZy09/WO9l5/72tTFFnmnH9k2oM9kV1+Eck/8D +db5TjKkC8ufDCwb2coMyVdqsj1ytPQ2g4ofSu2+wBwruvStaCRCcORpmboa+MM55 +3EAieMqi+0Q7+VugRZ19mT9mPg== -----END CERTIFICATE----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cms b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cms index 12c847180d..5c0239a84d 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cms +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/3-file-signed-package/dummyPnfv4.cms @@ -1,17 +1,18 @@ -----BEGIN CMS----- -MIICpQYJKoZIhvcNAQcCoIICljCCApICAQExDTALBglghkgBZQMEAgEwCwYJKoZI -hvcNAQcBMYICbzCCAmsCAQEwXzBSMQswCQYDVQQGEwJJRTESMBAGA1UECAwJV2Vz -dG1lYXRoMRAwDgYDVQQHDAdBdGhsb25lMQwwCgYDVQQKDANFU1kxDzANBgNVBAsM -BlRlY2hubwIJANXzseKQTuckMAsGCWCGSAFlAwQCAaCB5DAYBgkqhkiG9w0BCQMx -CwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xOTA0MzAwOTQzMjFaMC8GCSqG -SIb3DQEJBDEiBCD3JrpBxf0nqGn7N8rWBx6guWkCmn3aZ/Eahfd5nV0xTDB5Bgkq -hkiG9w0BCQ8xbDBqMAsGCWCGSAFlAwQBKjALBglghkgBZQMEARYwCwYJYIZIAWUD -BAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDAH -BgUrDgMCBzANBggqhkiG9w0DAgIBKDANBgkqhkiG9w0BAQEFAASCAQBN5EhIHoiC -eiuqVFxowatLjDatpH9+el/huNbfgWyS/P0X1j95XYgQgnuWeHNmYJtr/L5ph1+9 -YDyxmY2QEmmO66RGIUJ2rMY2q02vWrw4yZHRsQNUm0PmutkYCoMvoNODH8cbisKy -dX9Z9XdrnXOZb6PX0XBJubPKRV3x3/gQ2EEBWaXv5tu8/gV7QbUK37QhQsmKg5d8 -o4elpvWPlzWIk8O1Is+0I44zkHAyMwqFuUQMB+RaVq8GovpDKN+wwQvGRfb3uuNc -2uxlOYBbxJMH6wdzFQH/B8+eUnUFhd4Ijdc0iChabJC6u2WbPxkUPwegR6Y3uXGZ -gueFNQ/LUIzE +MIIC2QYJKoZIhvcNAQcCoIICyjCCAsYCAQExDTALBglghkgBZQMEAgEwCwYJKoZI +hvcNAQcBMYICozCCAp8CAQEwgZIwejETMBEGCgmSJomT8ixkARkWA29yZzEWMBQG +CgmSJomT8ixkARkWBnNpbXBsZTETMBEGA1UECgwKU2ltcGxlIEluYzEaMBgGA1UE +CwwRU2ltcGxlIFNpZ25pbmcgQ0ExGjAYBgNVBAMMEVNpbXBsZSBTaWduaW5nIENB +AhRal5ImSMyHTT0xutiW691G9+2bkzALBglghkgBZQMEAgGggeQwGAYJKoZIhvcN +AQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjEwMTE0MTIxOTU4WjAv +BgkqhkiG9w0BCQQxIgQg9ya6QcX9J6hp+zfK1gceoLlpApp92mfxGoX3eZ1dMUww +eQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsGCWCG +SAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwIC +AUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEAdOCW +TAQvGstVNgytaVTikXWUmqFC5dNq96cDKCfyNYLeaXg2ZqSmzyhyfFz4pChmaG2P +hO9kP/6LilD2+wJj4tvhRB5eLmO6Sl13aPwx5VtJme1gvITjP7/z92ttbljhW1GT +8ElGawnF9XjkqXI+S1S9YWdqR/SzSc4SVFcAoq7QEtg8l1XPQqsShOP8vmL0oc/D +TXnxEtmVyxGjPnqrWFYsJTrzhKTpQ/ITsaz++lULrFInUsOeQ/MhncJXfisxbWGA +qUekLoGiDqaFDqd4wgH0p6CHtay/F5JIgpYD7raFBsODXDzpzE/GUhmOXN0R9sPo +Da6b0nclWuKmkHdI1A== -----END CMS----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private1.key b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private1.key new file mode 100644 index 0000000000..28ab7a998c --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private1.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCh9XoFXEIOosrd +tgMrTBD1SkLGyuaLNOhRxCT5iPDuiQdRg8yLBQQHZv8nUQG7VXICJjgdfoVaO/si +c+683RwXb3HFmxI3/Q1zZ8K6aPL5zTZsgJKf/31Z/ZnEyLO2zYknVGSlQGj/r8/p +SC7HqoGljzpH+nYyN7e8WxfWnbLn4/jTuqA9afJmuvrbacI8LnaH18HIAf3LpsCX +h1ullVBFonvz19mKmJLAhdFXbp/65eyhx2hwuzdG0EeA4eXIHiOyw6XI2MqkwWMG +cwHC4iY0MZi9OYBm6oGRzSakBVHylD8+kqnG4zV8ELZPorG/P7x4/U8D7zx3Ni0d +0uRDTGI9AgMBAAECggEAbzvcgV/60niGYj3G8W692uoU8Nmb+5Hr2XSgfG3MI9gj +GZ4u1nAsczUPGx6s1M/7jHRZaBBkYDP/6Iq9NiOaTpIxDqnRmniHS3LBMCwybNS/ +g0fO7GqZ2jut55R8sZl6kHOK6GBTfQBwCGWWE3YMsvuq6JKhqR3RaGEb/z+yB0bY +wsnfxgaD4/ZkNpxR0ybtZSlYE4Oo8kfMfx9AXZZdJW3vgblcKCZZFJiBPPiznH02 +SS6ETOlNo2YU5gO+IQraaBIPpjE0cICIoHLGGfvBFn3eI1ujWVo45JZoLdir1jd+ +kWKg26+TMvuLDkEcAPqNVm0bkv5aFQc3bL88hfYVFQKBgQDUkWflM+05rHTrNB6z +lUfNHG2fFOUr4aX2tY1dlPMUTY9KjDoP2EDBG0HdohkeoRCl9fDp6qUKpScexI4w +kkmP4C0ak1WLBBqFJb+QOwd3X4SeBj4Oa3v6V/N5n+49FXOWuRvmrnO2Nodq67+/ +JueGtfVn4BY9jsQSeNr3LeM+5wKBgQDDDOiDbN5wYUNBlveP8XREGhuLWbZYf2jQ +cNv7gDZt4jqUS5PnV7oY+/NyRnThQJ8WO/i5e8/Cjj7IvdMof0GPCL9Y9WMQqW74 +ICpcOghzJ/goqDf++yH8Bok133DWdJtFRnIAEcARIUqVe30bFu8KaW7kYYpU3d73 +Rijnwk6lOwKBgGSGczzIhsp8jTpiBpbk5PTSGeFej1ZmOwdmKnl0JFSYrUgS8q5l +lZH9IvP+YaTDhM0HdywYRH65RbveNmQv+kvpN0tXG+BHS4dmJ6a807YXXO8igpxt +Jk9o4oLFKHSIvYYs+k3oeF5WgUoGPULX0iw5xtmd9sabyov1zY+RiuNHAoGAWt83 +sItXMtpNoFA6dGiUt2nGbWzVhHOPnJUIGCtKsHUWv6JafQylGiC/8fybVZpqw8wa +/CePyt/Epnex2gs3uvDjXQmuJsQZfCZYNfGfoC798cs1k2jjE2zkHiJEitV2xZal +ZBzg89ojynLm/Wj440vtqx86eIGJ8IBSbG9dfqMCgYEA0oxTHu1ETUrbriCi3ujf +PilUHoanvHAaiLV1b3TR6+WkN6zioCLuOQglkKMBSBc5DjFcm5POmQRHtN9RqdhR +JbI16VZ29e+fF330YF4aq4nnHQ++/B0jea2DIWte0mQmFPIDyzWWRRioiBbPhE+P +mSH5W/dtbX46Hd5iXrf8844= +-----END PRIVATE KEY----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private2.key b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private2.key new file mode 100644 index 0000000000..8894bdb7ee --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package-private2.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC27pU4C5ns/QWR +0ozIVDWmVER3tdkUQEfSaE0w1CZC69VlTGUYnhVAu+D0D8OdalcvygCrO7gVApKV +QEXB97EW3a0w5nNy2p1MvYWas3iXbqYvmaf0Zbz/pF044gV+BNoYNmt0AQ/8zaAZ +ry1j07GLDUsUeZsZJvaS+qhRiPOA9JfxVrPYwGutFAgUTICFO9CRoFO48ffROmz1 +FOEbrssIvDGaQnVutWqVUCtZdqyz0rpi5tdx6OJdmiNy/m708u8M4LVEZ6RxJzr2 +VMe6UjMMpjzo0b7OfLIH0OhWdCjJIsXhxSnXKsJfprE2zWv955qgmFEZh7GF8Wjk +QgZQ9zx3AgMBAAECggEAMLR7JE3qcK+5UOb3Nss88YkUJa9UGdE3jizZCHwjp8O0 +sGDTtec5D2A2d6TO11Wd2wp0fSLMU0O5FWXkbM1u6ACjgRaKfHT6VplLPjI0lFUQ +iDHoBukjlgkEDQYYokHWc4XhvCQgRpXU36HFewO9DKHAcLYj9mFqWx3DvNmyw41n ++FvclDx5gZ392MehV0m2wp3ZBihaAqkW6lG8fLusbJahCzOpvBA8dlqwaclJ47HD +vfRC0iHHI03y0P6Uegy4tpTv0Q7xhIP5LYRBal3vxpPIHLLcPPvaoo7ZhgZFal0E +2T2gBCL5P8KV61pp0Tk5h4ShA7PJXt459rQ9ke72gQKBgQDzAK8looOydbPSqBgU +s6YPUgawnPDcWPpejPwZFleHhaVzWq9Fgj7hOPszrbLKu+so1A7A7ylac11QUKY2 +ZqeG+d0/Re/bpQKdiFN92EybM/PzW10H/K5enEv9rJGehuS+rdNJuln1gj2oEIm0 +usQmMBi0QjgSfCVArOHv4Vi6NwKBgQDAt2FPY0cDCoSsv3jj9qEYWOY2SsVgu56X +AV+PBA/mayx90HkpRFR9yn8mpD4/DuZM6jtT/hTL9ZtKqYy8w71CcBfzbxaqmNwK +V6s+BPL5H9+gU5AxyEDqHioz4Bk2sjyhmaO3ro+NG3FutI6NQ3mujmz45haE9Szu +gBVcz9NvwQKBgFYxce65fFk6orQf55rANjDM+Y5/vHeMIBKVk34ajKWHZC5Mhkrz +bfZZTdEA1aBPk5QB09Hfgx2QOhMY6Dv3oYig7DdbST7xgsH57xN+O335qZgyWgdR +O1BXxCSQp35BfrWb1owaS3pn3hLU+uNeM+EPwlN+AYGdA2GzcNizZ9N1AoGAI9Y2 +D0g73VHoaCNW/LVRMbDeZnwzBhD9pcEInxS3TDbj2CWbUlQ1jgrI6Eukk59Wrjjk +fXMDNQZgMVskI7oWiLNFkOw4f9LbIEU7P9Y1xKPrtumzJ77Aa4jeejUTGzu70KU8 +b5zTbv8Kcfa7h4NjrlUn6IUI7QKWr2c8Eb1H6UECgYAY3WC6+vOnTD409pt8UzyN +1eiQwAvIAFtfS1b1lg95pIZvC5BlSn3O/3LVSfo2dAIvH6i1UDfgHozxHt8sM0jQ +FwuMsbW5L5yxktJg8hFBBpT+jYZpskbA/UhAgZSHV8ns4SAo5dlUY/ErG5S0TIXN +Wx21/Sm4PMVUv/3gDJFdUQ== +-----END PRIVATE KEY----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package1.cert b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package1.cert new file mode 100644 index 0000000000..fb41d2ff2e --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package1.cert @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDOTCCAiECFCVhgEwD8PWsuikhBvw2WrhOTlrMMA0GCSqGSIb3DQEBCwUAMHox +EzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/IsZAEZFgZzaW1wbGUxEzAR +BgNVBAoMClNpbXBsZSBJbmMxGjAYBgNVBAsMEVNpbXBsZSBTaWduaW5nIENBMRow +GAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTAeFw0yMTAxMTQxMTIxNTdaFw0yMTAy +MTMxMTIxNTdaMDgxCzAJBgNVBAYTAlBMMQwwCgYDVQQIDANTSUwxDDAKBgNVBAcM +A1dSTzENMAsGA1UECgwETk9LMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAKH1egVcQg6iyt22AytMEPVKQsbK5os06FHEJPmI8O6JB1GDzIsFBAdm/ydR +AbtVcgImOB1+hVo7+yJz7rzdHBdvccWbEjf9DXNnwrpo8vnNNmyAkp//fVn9mcTI +s7bNiSdUZKVAaP+vz+lILseqgaWPOkf6djI3t7xbF9adsufj+NO6oD1p8ma6+ttp +wjwudofXwcgB/cumwJeHW6WVUEWie/PX2YqYksCF0Vdun/rl7KHHaHC7N0bQR4Dh +5cgeI7LDpcjYyqTBYwZzAcLiJjQxmL05gGbqgZHNJqQFUfKUPz6SqcbjNXwQtk+i +sb8/vHj9TwPvPHc2LR3S5ENMYj0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAABr9 +xyHHgj3dF9hFkFxzVyl9GjLGBlINY9QaAxiYmRrpq3BUIDmWbpFUZeqxYxlA58hc +LxvKzaHpx8mNapyg6v3IoBEVyXmMYiyLOSF4scI5SlLQo6NZFzZrDltyChyaDQnQ +idEA8y7Mtk2PWtA/RTTxsVqQ+cORyLnD4QeC0Trh7ViwqIgf3OebNlA+shLRoSpj +Ez4UXxFfnykNp1jAKjEiMp4byutO08n+bWyhzxKM/Obmgi8VW5E/QHvWZiDfEIvP +/FPqYHWLiIJlJOdiKa1l4HXejjVlR9HCLPU5HYmzSzQ/IEijsUaTB0d6eXLk6uBa +tCPueQQxgA2pEGI5NA== +-----END CERTIFICATE----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package2.cert b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package2.cert new file mode 100644 index 0000000000..f45f6720f0 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/package2.cert @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDOTCCAiECFFqXkiZIzIdNPTG62Jbr3Ub37ZuTMA0GCSqGSIb3DQEBCwUAMHox +EzARBgoJkiaJk/IsZAEZFgNvcmcxFjAUBgoJkiaJk/IsZAEZFgZzaW1wbGUxEzAR +BgNVBAoMClNpbXBsZSBJbmMxGjAYBgNVBAsMEVNpbXBsZSBTaWduaW5nIENBMRow +GAYDVQQDDBFTaW1wbGUgU2lnbmluZyBDQTAeFw0yMTAxMTQxMTMxMDhaFw0yMTAy +MTMxMTMxMDhaMDgxCzAJBgNVBAYTAlBMMQwwCgYDVQQIDANTSUwxDDAKBgNVBAcM +A1dSTzENMAsGA1UECgwETk9LMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALbulTgLmez9BZHSjMhUNaZURHe12RRAR9JoTTDUJkLr1WVMZRieFUC74PQP +w51qVy/KAKs7uBUCkpVARcH3sRbdrTDmc3LanUy9hZqzeJdupi+Zp/RlvP+kXTji +BX4E2hg2a3QBD/zNoBmvLWPTsYsNSxR5mxkm9pL6qFGI84D0l/FWs9jAa60UCBRM +gIU70JGgU7jx99E6bPUU4Ruuywi8MZpCdW61apVQK1l2rLPSumLm13Ho4l2aI3L+ +bvTy7wzgtURnpHEnOvZUx7pSMwymPOjRvs58sgfQ6FZ0KMkixeHFKdcqwl+msTbN +a/3nmqCYURmHsYXxaORCBlD3PHcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAdBZd +inECILJpNkfhU8ocqkh9s17KzGtoG/Ybo2LslD/dCXlbbC4rLJdsVaQXKp/j03xF +ZftRj+NMjRatj9KJ1sibN7YNJDo7u3rk0oKSuMRx4FmI+IzKF8I9usg+CFgA1S+P +4ndH+3THd9VPjIpuH8yjZ0lXDvqBubnKM11JmW2ljPS7UKPdTasFiIQkV8swVn6d +3tHBsns/juvGUEDLTdO3lYDK0WEr8pKr+Cj0hcmOZoV8YxBnw402X0g35tzNTAH7 +BhUuGhjRsUksSRPdYjZRjLm/ieIf5huAcWLtEyPDmiHFyNTEDIbSLYncfNDcTsQZ +NSqYN8Ixin+/mpN86g== +-----END CERTIFICATE----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/root.cert b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/root.cert index ece4fb4b91..2a92193e2f 100644 --- a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/root.cert +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/root.cert @@ -1,21 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha1WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, OU=Simple Root CA, CN=Simple Root CA + Validity + Not Before: Jan 14 11:14:15 2021 GMT + Not After : Jan 14 11:14:15 2031 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=Simple Root CA, CN=Simple Root CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a4:7a:26:63:c1:d9:80:23:ea:c8:81:2e:2e:e2: + 77:be:37:c1:d6:8c:35:a4:3c:53:7c:e0:b1:b1:e1: + 9f:49:47:fe:e6:24:5e:16:28:ab:c2:0f:d6:5b:03: + f2:12:68:89:ae:d8:0f:4d:11:de:68:19:7f:57:d3: + 43:3e:e2:98:f0:94:7c:c1:f5:5d:1d:88:12:28:9e: + d0:b0:2b:a5:d1:6e:41:82:1e:e1:31:da:71:4f:b6: + 5c:9c:49:fb:b6:4c:69:e6:e9:2a:94:64:dc:eb:08: + 33:a0:2c:63:84:40:0f:c4:d6:f3:3d:33:de:08:ab: + ad:21:d4:58:14:de:9a:96:d6:a8:bd:69:7d:a1:2d: + dd:11:7c:53:27:4b:0d:60:e6:aa:3e:ec:74:a7:bc: + ef:86:05:57:22:4c:a3:e0:eb:3c:f8:8b:d1:fb:3f: + 8d:e3:e2:22:ef:cf:d3:c1:ff:55:0d:8e:bf:4e:60: + 50:6f:3f:16:28:81:5e:9d:39:48:ee:fb:2c:08:83: + cd:a3:6c:ed:68:45:8f:1b:d4:ef:2a:7b:f0:50:75: + 8e:1a:cb:4e:c7:7f:71:34:76:96:af:d2:12:41:71: + 8c:e7:e4:29:53:9a:09:2a:92:85:b3:fd:52:40:a6: + bb:79:93:53:c5:ed:3a:40:fd:e3:12:a9:00:1c:ac: + 4c:f7 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE + X509v3 Subject Key Identifier: + 08:0C:D0:E5:51:5B:A6:E7:E9:07:C7:69:3E:BA:AB:36:A3:8B:D3:4B + X509v3 Authority Key Identifier: + keyid:08:0C:D0:E5:51:5B:A6:E7:E9:07:C7:69:3E:BA:AB:36:A3:8B:D3:4B + + Signature Algorithm: sha1WithRSAEncryption + 7c:38:02:94:99:44:19:9d:81:b6:4a:82:6a:4d:68:2c:f5:52: + 92:1d:16:a9:2d:06:a6:bc:06:29:fc:e5:61:b9:15:67:05:f3: + c7:ce:5c:8e:5d:78:04:b8:c7:4d:d9:bf:05:42:3d:44:95:9c: + 26:f4:78:2c:19:22:57:2c:81:2e:a3:88:89:5b:8f:32:75:11: + 49:0c:1b:1f:05:41:1c:4e:29:71:ab:3f:5e:28:39:3f:27:eb: + 0c:32:89:23:50:6c:c9:77:4a:fc:73:bd:8a:91:c4:ef:70:5b: + 67:bb:b9:a7:8b:60:30:c6:09:f2:eb:d4:dd:ce:c4:e8:bc:33: + 17:2c:7a:80:fb:8a:63:49:7b:3c:bd:c1:3f:bc:67:ef:97:ca: + 6b:78:11:17:a2:57:9b:56:73:5e:ad:e6:21:4e:62:fd:29:6b: + 28:f5:32:ff:1a:00:b2:5c:aa:2a:f4:0a:a0:74:7a:76:65:ab: + 3d:e9:92:9d:0b:4c:09:2a:3b:7d:0f:24:d7:e5:4a:19:4e:06: + e1:53:0d:30:5a:5b:4d:56:4b:bb:83:d2:42:a4:f0:58:94:38: + 74:23:ea:02:13:76:4a:5e:a9:1c:32:f1:95:b1:9e:d1:8d:84: + 73:a9:52:94:91:61:f0:67:ed:6f:f6:96:f9:56:c0:fd:e8:0f: + b6:ee:bf:4f -----BEGIN CERTIFICATE----- -MIIDejCCAmKgAwIBAgIJAINbMi0Mb24EMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNV -BAYTAklFMRIwEAYDVQQIDAlXZXN0bWVhdGgxEDAOBgNVBAcMB0F0aGxvbmUxDDAK -BgNVBAoMA0VTWTEPMA0GA1UECwwGVGVjaG5vMB4XDTE5MDQyOTEyNTY0OFoXDTI5 -MDQyNjEyNTY0OFowUjELMAkGA1UEBhMCSUUxEjAQBgNVBAgMCVdlc3RtZWF0aDEQ -MA4GA1UEBwwHQXRobG9uZTEMMAoGA1UECgwDRVNZMQ8wDQYDVQQLDAZUZWNobm8w -ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBFiFHPO+6prpZfUsGaKTk -tWSJN+4b+EtGgVqjYP/Oo0LLWvpAYgvgA/6198Gmt+dJCiOEa3y9+G+BW4XSFQnd -IwbZlO599rkM5sz9VkBgpZHVE5QLOoko9ahZi8/ny8iSyF0IH8jE+dijXcHsYTCX -tkKw9OE6HO+y04caBLdeidVzYUW/mSB+LBY9/PKwTOcWRM4em8l5sx8xZ3HtV27P -1arNAFxq2K0cxoNPZJ+9xSN8yaZwc3QyXRYP8EDGN59SCAZWxkXAEhGaNm5golnY -KCxsCKDGa5Zu4/JuwPbSUOvSkpojz2dft+keMVKIN14R5ng9EinLDO/ooMMz4pbT -AgMBAAGjUzBRMB0GA1UdDgQWBBQl0gdoNInn0JvQoTUhU0MTvohrSDAfBgNVHSME -GDAWgBQl0gdoNInn0JvQoTUhU0MTvohrSDAPBgNVHRMBAf8EBTADAQH/MA0GCSqG -SIb3DQEBCwUAA4IBAQCJBq2ELa/OXonAarawEqvaVxek0zw+BE/9XC1fTdA1QI1K -ozRFWxYOkSjTvkdEz+IxuCMvqMjPOrmwDNsVyjRlK1RtBn3RQSHx4T5rCHuvxD0G -yffFxniJlOU2oMYD71bnW8AqlvyHckIF7jNFD+GnPoSCJWoakcV1RCvgkeZxNwAM -sTnwaLtR1qrkl27NrvwUtwfRebUt/M7c+V7ZgWq1J8P859ZISqnbLgfzWhZ1CQ3X -9FTO2sX8gQPvP7VkvHuXKNDuiMYvcXziMOp3G39RBoEvSLHq4xnJAw+YwaerOn5s -CWHkzJ1IgLvuGfn22uEW+C+9DlMipfsEX1GfhviL +MIIDxjCCAq6gAwIBAgIBATANBgkqhkiG9w0BAQUFADB0MRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQLDA5TaW1wbGUgUm9vdCBDQTEXMBUGA1UEAwwOU2ltcGxlIFJv +b3QgQ0EwHhcNMjEwMTE0MTExNDE1WhcNMzEwMTE0MTExNDE1WjB0MRMwEQYKCZIm +iZPyLGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApT +aW1wbGUgSW5jMRcwFQYDVQQLDA5TaW1wbGUgUm9vdCBDQTEXMBUGA1UEAwwOU2lt +cGxlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkeiZj +wdmAI+rIgS4u4ne+N8HWjDWkPFN84LGx4Z9JR/7mJF4WKKvCD9ZbA/ISaImu2A9N +Ed5oGX9X00M+4pjwlHzB9V0diBIontCwK6XRbkGCHuEx2nFPtlycSfu2TGnm6SqU +ZNzrCDOgLGOEQA/E1vM9M94Iq60h1FgU3pqW1qi9aX2hLd0RfFMnSw1g5qo+7HSn +vO+GBVciTKPg6zz4i9H7P43j4iLvz9PB/1UNjr9OYFBvPxYogV6dOUju+ywIg82j +bO1oRY8b1O8qe/BQdY4ay07Hf3E0dpav0hJBcYzn5ClTmgkqkoWz/VJAprt5k1PF +7TpA/eMSqQAcrEz3AgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E +BTADAQH/MB0GA1UdDgQWBBQIDNDlUVum5+kHx2k+uqs2o4vTSzAfBgNVHSMEGDAW +gBQIDNDlUVum5+kHx2k+uqs2o4vTSzANBgkqhkiG9w0BAQUFAAOCAQEAfDgClJlE +GZ2BtkqCak1oLPVSkh0WqS0GprwGKfzlYbkVZwXzx85cjl14BLjHTdm/BUI9RJWc +JvR4LBkiVyyBLqOIiVuPMnURSQwbHwVBHE4pcas/Xig5PyfrDDKJI1BsyXdK/HO9 +ipHE73BbZ7u5p4tgMMYJ8uvU3c7E6LwzFyx6gPuKY0l7PL3BP7xn75fKa3gRF6JX +m1ZzXq3mIU5i/SlrKPUy/xoAslyqKvQKoHR6dmWrPemSnQtMCSo7fQ8k1+VKGU4G +4VMNMFpbTVZLu4PSQqTwWJQ4dCPqAhN2Sl6pHDLxlbGe0Y2Ec6lSlJFh8Gftb/aW ++VbA/egPtu6/Tw== -----END CERTIFICATE----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca1.crt b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca1.crt new file mode 100644 index 0000000000..1576239925 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca1.crt @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 3 (0x3) + Signature Algorithm: sha1WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, OU=Simple Root CA, CN=Simple Root CA + Validity + Not Before: Jan 14 11:16:01 2021 GMT + Not After : Jan 14 11:16:01 2031 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=Simple Signing CA, CN=Simple Signing CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:da:7b:d8:40:6a:3f:ac:c1:8c:34:e7:2b:af:7d: + 48:f3:e5:eb:a3:62:1f:a0:05:17:1b:00:7f:02:5f: + 61:89:0f:5a:8f:b6:21:d5:46:4a:b8:8d:77:30:dc: + 4a:e3:7b:6f:cb:21:64:98:07:20:93:fb:0a:0d:05: + cd:b5:d7:89:7f:1f:ce:8f:52:5f:96:62:b4:f6:93: + 6c:91:42:0c:a8:37:53:f8:5e:e2:14:f8:83:5f:e3: + 9a:fd:28:75:89:ee:be:b3:f8:1a:66:cc:a3:65:13: + 15:74:d9:ae:1c:6e:3b:dc:71:02:90:b6:8f:d8:74: + 26:56:76:fa:af:a8:44:93:9d:12:de:7a:23:de:15: + a7:8d:7b:54:ad:c2:a6:14:a3:af:4b:73:0c:7d:07: + 29:78:21:85:c6:6c:44:9e:31:91:e9:8a:b4:37:c6: + 63:48:c6:41:78:0a:9f:d4:12:75:65:d5:a0:72:68: + b3:71:29:93:78:94:a3:96:77:4a:ef:62:b9:a8:fa: + ec:11:38:e4:49:31:00:84:89:f1:11:99:6c:02:3c: + 6a:7d:1c:d0:60:4b:75:5d:83:6d:04:15:20:48:50: + 0e:1c:7c:56:0a:7b:2f:76:a3:2e:d0:9e:2d:cf:47: + ff:17:a3:76:2d:8d:d8:fd:23:20:d8:24:9b:64:3a: + 44:57 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 2F:77:F6:0E:2A:F9:54:74:3A:A1:07:54:67:B8:66:5C:FA:AE:D7:17 + X509v3 Authority Key Identifier: + keyid:08:0C:D0:E5:51:5B:A6:E7:E9:07:C7:69:3E:BA:AB:36:A3:8B:D3:4B + + Signature Algorithm: sha1WithRSAEncryption + 6d:55:6b:90:64:91:09:73:fb:3e:22:85:12:8d:cf:f5:8c:90: + e0:ee:34:9e:74:30:d3:0c:e9:fa:5c:c9:b7:5c:7e:0b:6b:3b: + 00:03:ea:7b:bc:fe:28:cc:9c:a1:1e:08:b4:69:a2:11:b7:f0: + 23:5e:33:3f:4b:e2:eb:1d:28:b7:ef:43:68:b8:ca:eb:a3:fb: + 98:92:3b:e1:a9:18:86:fe:3d:6b:2f:0d:f5:b7:09:10:fe:66: + 89:a3:09:29:e2:2f:d5:16:ef:5e:94:96:14:10:79:1c:f6:82: + c9:82:2d:bb:76:90:f1:e0:2d:67:01:17:7b:69:84:83:31:87: + f7:16:a1:f9:46:23:9c:36:81:51:3b:8a:c2:c9:0e:da:a9:bf: + 73:aa:46:ff:5d:35:35:34:4b:fc:63:c5:03:37:8e:26:a2:c4: + 95:d0:5b:94:46:94:bf:23:e7:4b:e0:7c:48:28:04:13:b5:e7: + b1:59:5e:85:f4:23:63:3d:f8:f5:d5:ca:90:f2:20:25:36:82: + 50:a8:75:17:d0:b7:32:12:9d:6e:2b:fa:99:15:6b:9f:c7:c3: + 7f:2e:ee:5b:19:b7:bf:f4:8e:be:79:50:93:87:08:a0:20:5c: + d0:45:5c:00:e5:ea:c4:12:4a:b1:59:fb:24:a3:6f:a5:cc:ce: + 73:c1:87:ac +-----BEGIN CERTIFICATE----- +MIIDzzCCAregAwIBAgIBAzANBgkqhkiG9w0BAQUFADB0MRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQLDA5TaW1wbGUgUm9vdCBDQTEXMBUGA1UEAwwOU2ltcGxlIFJv +b3QgQ0EwHhcNMjEwMTE0MTExNjAxWhcNMzEwMTE0MTExNjAxWjB6MRMwEQYKCZIm +iZPyLGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApT +aW1wbGUgSW5jMRowGAYDVQQLDBFTaW1wbGUgU2lnbmluZyBDQTEaMBgGA1UEAwwR +U2ltcGxlIFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDae9hAaj+swYw05yuvfUjz5eujYh+gBRcbAH8CX2GJD1qPtiHVRkq4jXcw3Erj +e2/LIWSYByCT+woNBc2114l/H86PUl+WYrT2k2yRQgyoN1P4XuIU+INf45r9KHWJ +7r6z+BpmzKNlExV02a4cbjvccQKQto/YdCZWdvqvqESTnRLeeiPeFaeNe1StwqYU +o69Lcwx9Byl4IYXGbESeMZHpirQ3xmNIxkF4Cp/UEnVl1aByaLNxKZN4lKOWd0rv +Yrmo+uwROORJMQCEifERmWwCPGp9HNBgS3Vdg20EFSBIUA4cfFYKey92oy7Qni3P +R/8Xo3Ytjdj9IyDYJJtkOkRXAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNV +HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQvd/YOKvlUdDqhB1RnuGZc+q7XFzAf +BgNVHSMEGDAWgBQIDNDlUVum5+kHx2k+uqs2o4vTSzANBgkqhkiG9w0BAQUFAAOC +AQEAbVVrkGSRCXP7PiKFEo3P9YyQ4O40nnQw0wzp+lzJt1x+C2s7AAPqe7z+KMyc +oR4ItGmiEbfwI14zP0vi6x0ot+9DaLjK66P7mJI74akYhv49ay8N9bcJEP5miaMJ +KeIv1RbvXpSWFBB5HPaCyYItu3aQ8eAtZwEXe2mEgzGH9xah+UYjnDaBUTuKwskO +2qm/c6pG/101NTRL/GPFAzeOJqLEldBblEaUvyPnS+B8SCgEE7XnsVlehfQjYz34 +9dXKkPIgJTaCUKh1F9C3MhKdbiv6mRVrn8fDfy7uWxm3v/SOvnlQk4cIoCBc0EVc +AOXqxBJKsVn7JKNvpczOc8GHrA== +-----END CERTIFICATE----- diff --git a/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca2.crt b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca2.crt new file mode 100644 index 0000000000..c0f743a450 --- /dev/null +++ b/openecomp-be/backend/openecomp-sdc-vendor-software-product-manager/src/test/resources/cert/signing-ca2.crt @@ -0,0 +1,82 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4 (0x4) + Signature Algorithm: sha1WithRSAEncryption + Issuer: DC=org, DC=simple, O=Simple Inc, OU=Simple Root CA, CN=Simple Root CA + Validity + Not Before: Jan 14 11:29:38 2021 GMT + Not After : Jan 14 11:29:38 2031 GMT + Subject: DC=org, DC=simple, O=Simple Inc, OU=Simple Signing CA, CN=Simple Signing CA + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:b7:a4:4b:30:86:d8:af:90:5b:d7:a2:f9:ab:34: + 1d:dd:0a:40:b5:11:3a:33:8a:01:d1:24:18:5e:0a: + ad:a4:d2:cd:b7:0f:46:16:5a:b5:5c:dd:d9:10:cf: + b5:6a:14:e8:23:c3:35:f7:85:2f:82:13:7e:03:76: + 28:c1:7d:dd:ed:3b:78:b3:4e:b8:ac:b8:87:97:2c: + 21:67:e3:5b:74:c1:87:d1:bc:ba:1e:f3:98:8e:eb: + 16:90:09:4f:fa:bb:d2:92:fc:77:79:74:9e:de:41: + 4e:3e:fd:cc:5c:08:33:d4:58:f7:44:5c:86:62:c4: + 8d:70:c1:a1:e7:87:0a:0b:6a:16:07:da:66:ff:bb: + 1b:be:1b:0e:14:25:a0:36:d4:e5:63:b2:a5:fd:08: + e7:4f:c4:4e:d4:77:db:28:5d:59:cd:c0:05:55:c2: + 00:9d:44:94:b4:f7:9d:32:d2:3c:f9:1b:a4:ca:80: + 85:c2:14:36:24:f2:5f:50:b3:33:3e:ec:9e:58:71: + 94:d5:3d:d1:97:f7:bd:cc:a5:aa:11:6a:38:3b:c6: + ff:ab:a2:81:ab:67:f2:10:cd:43:79:75:09:c3:93: + 22:10:5b:58:34:bb:d4:17:ec:2b:90:a2:7a:1b:68: + ab:de:25:34:70:48:19:29:57:ee:e4:f8:2e:76:07: + 56:e5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: critical + Certificate Sign, CRL Sign + X509v3 Basic Constraints: critical + CA:TRUE, pathlen:0 + X509v3 Subject Key Identifier: + 25:C0:9E:5E:BC:5B:CA:3A:22:00:6C:34:28:31:DD:E6:18:AB:B6:BE + X509v3 Authority Key Identifier: + keyid:08:0C:D0:E5:51:5B:A6:E7:E9:07:C7:69:3E:BA:AB:36:A3:8B:D3:4B + + Signature Algorithm: sha1WithRSAEncryption + 40:16:4b:11:e2:d4:f2:ed:e7:b2:04:6f:3a:0e:66:2d:45:4b: + 3e:95:27:47:0e:35:7d:14:c7:40:bf:ce:9d:fd:25:60:03:8d: + 4f:7d:8a:7c:1f:11:f8:4c:27:e1:0c:72:3c:3f:ef:15:ac:3c: + b7:9c:d3:81:e9:58:7f:be:e6:8e:9a:e8:13:12:68:2c:2e:a6: + 75:45:d5:91:ec:3a:3f:95:60:2b:59:36:6f:ea:68:8c:01:4b: + 96:ad:1c:45:20:fe:61:db:fd:0c:c3:6a:84:72:47:8e:f5:60: + 76:98:90:00:27:a1:65:15:95:69:a3:1c:a9:48:6b:96:4e:13: + 93:54:a7:fb:5c:93:4b:c6:94:97:9f:09:36:70:b6:7a:cc:b6: + 1d:8d:1e:0d:b3:54:11:a9:7a:ab:ec:80:76:e9:14:e2:a8:99: + cb:4f:7f:58:ef:65:e7:fe:f6:b5:31:45:9e:69:c7:f6:4d:a8: + 33:d9:15:d7:e1:1c:93:ff:03:75:be:53:8c:a9:02:f2:e7:c3: + 0b:06:f6:72:83:32:55:da:ac:8f:5c:ad:3d:0d:a0:e2:87:d2: + bb:6f:b0:07:0a:ee:bd:2b:5a:09:10:9c:39:1a:66:6e:86:be: + 30:ce:79:dc:40:22:78:ca:a2:fb:44:3b:f9:5b:a0:45:9d:7d: + 99:3f:66:3e +-----BEGIN CERTIFICATE----- +MIIDzzCCAregAwIBAgIBBDANBgkqhkiG9w0BAQUFADB0MRMwEQYKCZImiZPyLGQB +GRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApTaW1wbGUg +SW5jMRcwFQYDVQQLDA5TaW1wbGUgUm9vdCBDQTEXMBUGA1UEAwwOU2ltcGxlIFJv +b3QgQ0EwHhcNMjEwMTE0MTEyOTM4WhcNMzEwMTE0MTEyOTM4WjB6MRMwEQYKCZIm +iZPyLGQBGRYDb3JnMRYwFAYKCZImiZPyLGQBGRYGc2ltcGxlMRMwEQYDVQQKDApT +aW1wbGUgSW5jMRowGAYDVQQLDBFTaW1wbGUgU2lnbmluZyBDQTEaMBgGA1UEAwwR +U2ltcGxlIFNpZ25pbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQC3pEswhtivkFvXovmrNB3dCkC1ETozigHRJBheCq2k0s23D0YWWrVc3dkQz7Vq +FOgjwzX3hS+CE34DdijBfd3tO3izTrisuIeXLCFn41t0wYfRvLoe85iO6xaQCU/6 +u9KS/Hd5dJ7eQU4+/cxcCDPUWPdEXIZixI1wwaHnhwoLahYH2mb/uxu+Gw4UJaA2 +1OVjsqX9COdPxE7Ud9soXVnNwAVVwgCdRJS0950y0jz5G6TKgIXCFDYk8l9QszM+ +7J5YcZTVPdGX973MpaoRajg7xv+rooGrZ/IQzUN5dQnDkyIQW1g0u9QX7CuQonob +aKveJTRwSBkpV+7k+C52B1blAgMBAAGjZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNV +HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQlwJ5evFvKOiIAbDQoMd3mGKu2vjAf +BgNVHSMEGDAWgBQIDNDlUVum5+kHx2k+uqs2o4vTSzANBgkqhkiG9w0BAQUFAAOC +AQEAQBZLEeLU8u3nsgRvOg5mLUVLPpUnRw41fRTHQL/Onf0lYAONT32KfB8R+Ewn +4QxyPD/vFaw8t5zTgelYf77mjproExJoLC6mdUXVkew6P5VgK1k2b+pojAFLlq0c +RSD+Ydv9DMNqhHJHjvVgdpiQACehZRWVaaMcqUhrlk4Tk1Sn+1yTS8aUl58JNnC2 +esy2HY0eDbNUEal6q+yAdukU4qiZy09/WO9l5/72tTFFnmnH9k2oM9kV1+Eck/8D +db5TjKkC8ufDCwb2coMyVdqsj1ytPQ2g4ofSu2+wBwruvStaCRCcORpmboa+MM55 +3EAieMqi+0Q7+VugRZ19mT9mPg== +-----END CERTIFICATE----- |