From b2f9dc5d3bc02564b4d952caa0bf2ccd20dfc6af Mon Sep 17 00:00:00 2001
From: kooper <sergey.sachkov@est.tech>
Date: Tue, 2 Apr 2019 09:22:01 +0000
Subject: Verify signature

Change-Id: I8fc5d50d74d3dd8031c96ee16708489dc7c789b8
Issue-ID: SDC-2163
Signed-off-by: kooper <sergey.sachkov@est.tech>
---
 .../sdcrests/vsp/rest/data/PackageArchiveTest.java | 99 ++++++++++++++++++++++
 1 file changed, 99 insertions(+)
 create mode 100644 openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java

(limited to 'openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java')

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java
new file mode 100644
index 0000000000..6458a65d17
--- /dev/null
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/vendor-software-products-rest/vendor-software-products-rest-services/src/test/java/org/openecomp/sdcrests/vsp/rest/data/PackageArchiveTest.java
@@ -0,0 +1,99 @@
+package org.openecomp.sdcrests.vsp.rest.data;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManager;
+import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException;
+import org.powermock.reflect.Whitebox;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+import static junit.framework.TestCase.assertTrue;
+import static org.junit.Assert.assertFalse;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.MockitoAnnotations.initMocks;
+import static org.powermock.api.mockito.PowerMockito.when;
+
+public class PackageArchiveTest {
+    private static final String BASE_DIR = "/vspmanager.csar/";
+
+    @Mock
+    SecurityManager manager;
+
+    @Before
+    public void setUp(){
+        initMocks(this);
+    }
+
+
+    @Test
+    public void isSignedTestCheckingWrongFile() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("notCsar.txt");
+        assertFalse("2 or 3 files expected for signed package present or signature valid for " +
+                "empty file", packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignedTestWrongPackageStructure2EmptyDirInRoot() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("signing/2-empty-directories-in-root.zip");
+        assertFalse(packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignedTestWrongPackageStructure2EmptyFilesAndEmptyDirInRoot() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("signing/2-empty-files-1-empty-directory-in-root.zip");
+        assertFalse(packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignedTestWrongPackageStructure2EmptyFilesAndDirWithContentInRoot() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("signing/2-empty-files-1-directory-with-contents-in-root.zip");
+        assertFalse(packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignedTestCorrectStructureNoSignature() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("signing/2-files-in-root.zip");
+        assertFalse(packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignedTestCorrectStructureAndSignatureExists() throws IOException,
+            URISyntaxException {
+        PackageArchive packageArchive = getArchive("signing/csar-and-cms-in-root.zip");
+        assertTrue(packageArchive.isSigned());
+    }
+
+    @Test
+    public void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws IOException,
+            URISyntaxException, SecurityManagerException {
+        PackageArchive packageArchive = getArchive("signing/signed-package.zip");
+        Whitebox.setInternalState(packageArchive, "securityManager", manager);
+        when(manager.verifySignedData(any(), any(), any())).thenReturn(true);
+        assertTrue("Signature invalid for signed package",
+                packageArchive.isSignatureValid());
+    }
+
+    @Test(expected = SecurityManagerException.class)
+    public void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws IOException,
+            URISyntaxException, SecurityManagerException {
+        PackageArchive packageArchive = getArchive("signing/signed-package-tampered-data.zip");
+        Whitebox.setInternalState(packageArchive, "securityManager", manager);
+        when(manager.verifySignedData(any(), any(), any())).thenThrow(new SecurityManagerException("error!"));
+        packageArchive.isSignatureValid();
+    }
+
+    private PackageArchive getArchive(String path) throws URISyntaxException, IOException {
+        return new PackageArchive(Files.readAllBytes(Paths.get(
+                PackageArchiveTest.class.getResource(BASE_DIR + path).toURI())));
+    }
+}
-- 
cgit 1.2.3-korg