From 19773b769c6762a12876064c70a34cc31d2b12da Mon Sep 17 00:00:00 2001 From: "andre.schmid" Date: Thu, 26 Sep 2019 13:22:44 +0100 Subject: Validate SOL004 manifest signature order SOL004 Manifest signature must be the last entry of the manifest. Change-Id: Ie3835f7140ccdf92ef5518ca2d7571930de81971 Issue-ID: SDC-2587 Signed-off-by: andre.schmid --- .../sdc/tosca/csar/AbstractOnboardingManifest.java | 5 +++++ .../org/openecomp/sdc/tosca/csar/Manifest.java | 2 ++ .../sdc/tosca/csar/SOL004ManifestOnboarding.java | 26 ++++++++++++++++------ 3 files changed, 26 insertions(+), 7 deletions(-) (limited to 'openecomp-be/lib/openecomp-tosca-lib/src/main') diff --git a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/AbstractOnboardingManifest.java b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/AbstractOnboardingManifest.java index 7cc11e564d..326eb6a517 100644 --- a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/AbstractOnboardingManifest.java +++ b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/AbstractOnboardingManifest.java @@ -371,6 +371,11 @@ abstract class AbstractOnboardingManifest implements Manifest { return ImmutableMap.copyOf(nonManoSources); } + @Override + public boolean isSigned() { + return getCmsSignature().isPresent(); + } + @Override public Optional getCmsSignature() { return Optional.ofNullable(cmsSignature); diff --git a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/Manifest.java b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/Manifest.java index c0ccbbc14d..31b04f0d8b 100644 --- a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/Manifest.java +++ b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/Manifest.java @@ -71,6 +71,8 @@ public interface Manifest { */ Optional getType(); + boolean isSigned(); + /** * Gets the CMS manifest signature if present in manifest * @return diff --git a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/SOL004ManifestOnboarding.java b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/SOL004ManifestOnboarding.java index bb0b07a63f..8e67d7b5de 100644 --- a/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/SOL004ManifestOnboarding.java +++ b/openecomp-be/lib/openecomp-tosca-lib/src/main/java/org/openecomp/sdc/tosca/csar/SOL004ManifestOnboarding.java @@ -80,7 +80,6 @@ public class SOL004ManifestOnboarding extends AbstractOnboardingManifest { break; case NON_MANO_ARTIFACT_SETS: processNonManoArtifactEntry(); - continueToProcess = false; break; case SOURCE: processSource(); @@ -100,6 +99,9 @@ public class SOL004ManifestOnboarding extends AbstractOnboardingManifest { Optional currentLine = readNextNonEmptyLine(); while (currentLine.isPresent()) { final ManifestTokenType manifestTokenType = detectLineEntry().orElse(null); + if (manifestTokenType == ManifestTokenType.CMS_BEGIN) { + return; + } if (manifestTokenType != null) { reportError(Messages.MANIFEST_INVALID_NON_MANO_KEY, manifestTokenType.getToken()); continueToProcess = false; @@ -162,25 +164,35 @@ public class SOL004ManifestOnboarding extends AbstractOnboardingManifest { */ private void readCmsSignature() { if (cmsSignature != null) { - reportError(Messages.MANIFEST_DUPLICATED_CMS_SIGNATURE); + reportError(Messages.MANIFEST_SIGNATURE_DUPLICATED); continueToProcess = false; return; } + final StringBuilder cmsSignatureBuilder = new StringBuilder(); + + cmsSignatureBuilder.append(currentLine).append("\n"); Optional currentLine = readNextNonEmptyLine(); if(!getCurrentLine().isPresent()) { return; } - StringBuilder stringBuilder = new StringBuilder(); - while (currentLine.isPresent() && detectLineEntry().orElse(null) != ManifestTokenType.CMS_END) { - stringBuilder.append(currentLine.get()); - stringBuilder.append("\n"); + while (currentLine.isPresent()) { + if (detectLineEntry().orElse(null) == ManifestTokenType.CMS_END) { + cmsSignatureBuilder.append(currentLine.get()); + break; + } + cmsSignatureBuilder.append(currentLine.get()).append("\n"); currentLine = readNextNonEmptyLine(); } if (currentLine.isPresent()) { - cmsSignature = stringBuilder.toString(); + cmsSignature = cmsSignatureBuilder.toString(); readNextNonEmptyLine(); } + + if (getCurrentLine().isPresent()) { + reportError(Messages.MANIFEST_SIGNATURE_LAST_ENTRY); + continueToProcess = false; + } } /** -- cgit 1.2.3-korg