Add error when CMS and TOSCA meta file are present, however TOSCA does not contains ETSI-Entry-Certificate

Signed-off-by: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> Change-Id: I238ac7544f1eda9fa1bc0f2a89120dc3ae33437a Issue-ID: VNFSDK-660
author: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> 2020-10-13 14:10:28 +0200
committer: Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com> 2020-10-13 14:43:36 +0200
commit: 5e085985d5e333fbb000c37c8c508c0d46b7d7ee (patch)
tree: bd34d0079efa0dc18c023655447aa601be8fbee5 /csarvalidation/src/main/java/org
parent: c8f3d47d4ac7b33632165f2b70a4d1f3ceea43bf (diff)
1 files changed, 26 insertions, 9 deletions
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206.java b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206.java
index 822ddde..05feb54 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206.java
@@ -166,7 +166,15 @@ public class VTPValidateCSARR130206 extends VTPValidateCSARBase {
 
         CSARErrorRootCertificateIsPresentDespiteTheEtsiEntryCertificate() {
             super("0x4013");
-            this.message = "Certificate present in root catalog despite the certificate is included in ETSI-Entry-Certificate";
+            this.message = "Certificate present in root catalog despite the TOSCA.meta file";
+        }
+    }
+
+    public static class CSARErrorUnableToFindCertificateEntryInTosca extends CSARArchive.CSARError {
+
+        CSARErrorUnableToFindCertificateEntryInTosca() {
+            super("0x4014");
+            this.message = "Unable to find ETSI-Entry-Certificate in Tosca file";
         }
     }
 
@@ -199,7 +207,7 @@ public class VTPValidateCSARR130206 extends VTPValidateCSARBase {
         if (containsCms(csar.getManifest())) {
             validateCmsSignature(csar, csarRootDirectory);
         } else if (
-            containsCertificateInTosca(csar.getToscaMeta()) ||
+            ( containsToscaMeta(csar) && containsCertificateInTosca(csar.getToscaMeta()) ) ||
                 containsCertificateInRootCatalog(csar) ||
                 containsHashOrAlgorithm(csar.getManifest())) {
             this.errors.add(new CSARErrorUnableToFindCms());
@@ -213,7 +221,7 @@ public class VTPValidateCSARR130206 extends VTPValidateCSARBase {
             CmsSignatureData signatureData = this.manifestFileSignatureValidator.createSignatureData(csar.getManifestMfFile());
             if (signatureData.getCertificate().isPresent()) {
                 validateCertificationUsingCmsCertificate(signatureData, csar, csarRootDirectory);
-            } else if (containsCertificateInTosca(csar.getToscaMeta())) {
+            } else if (containsToscaMeta(csar)) {
                 validateCertificationUsingTosca(signatureData, csar, csarRootDirectory);
             } else if (containsCertificateInRootCatalog(csar)) {
                 validateCertificationUsingCertificateFromRootDirectory(signatureData, csar, csarRootDirectory);
@@ -231,6 +239,10 @@ public class VTPValidateCSARR130206 extends VTPValidateCSARBase {
         return cms != null && !cms.equals(EMPTY_STRING);
     }
 
+    private boolean containsToscaMeta(CSARArchive archive) {
+        return archive.getToscaMetaFile() != null;
+    }
+
     private boolean containsCertificateInTosca(CSARArchive.TOSCAMeta toscaMeta) {
         String certificate = toscaMeta.getEntryCertificate();
         return certificate != null && !certificate.equals(EMPTY_STRING);
@@ -276,12 +288,17 @@ public class VTPValidateCSARR130206 extends VTPValidateCSARBase {
     }
 
     private boolean loadCertificateFromTosca(CmsSignatureData signatureData, CSARArchive csar) {
-        try {
-            final Path absolutePathToEntryCertificate = csar.getFileFromCsar(csar.getToscaMeta().getEntryCertificate()).toPath();
-            signatureData.loadCertificate(absolutePathToEntryCertificate);
-            return true;
-        } catch (CertificateLoadingException e) {
-            this.errors.add(new CSARErrorUnableToFindEntryCertificate());
+        if(csar.getToscaMeta().getEntryCertificate() != null) {
+            try {
+                final Path absolutePathToEntryCertificate = csar.getFileFromCsar(csar.getToscaMeta().getEntryCertificate()).toPath();
+                signatureData.loadCertificate(absolutePathToEntryCertificate);
+                return true;
+            } catch (CertificateLoadingException e) {
+                this.errors.add(new CSARErrorUnableToFindEntryCertificate());
+                return false;
+            }
+        } else {
+            this.errors.add(new CSARErrorUnableToFindCertificateEntryInTosca());
             return false;
         }
     }
author	Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>	2020-10-13 14:10:28 +0200
committer	Bartosz Gardziejewski <bartosz.gardziejewski@nokia.com>	2020-10-13 14:43:36 +0200
commit	5e085985d5e333fbb000c37c8c508c0d46b7d7ee (patch)
tree	bd34d0079efa0dc18c023655447aa601be8fbee5 /csarvalidation/src/main/java/org
parent	c8f3d47d4ac7b33632165f2b70a4d1f3ceea43bf (diff)