summaryrefslogtreecommitdiffstats
path: root/csarvalidation/src/main
diff options
context:
space:
mode:
authorBogumil Zebek <bogumil.zebek@nokia.com>2019-07-26 10:25:09 +0200
committerZebek Bogumil <bogumil.zebek@nokia.com>2019-07-31 11:06:50 +0200
commite66d2541cf7ee1836784681331b6909421a86d63 (patch)
treea67705ff015b7c78511e9cecc47c25c3fdddbb61 /csarvalidation/src/main
parentdc6775fbc0779eb2db77ab8215fcb7847b94a4cf (diff)
Option 1 - vnf only
Change-Id: I281dddab930328f24b9267aa6afc6ae08fd9ed01 Issue-ID: VNFSDK-396 Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
Diffstat (limited to 'csarvalidation/src/main')
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/CSARArchive.java130
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/PnfCSARArchive.java27
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/VnfManifestParser.java144
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR146092.java12
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965.java4
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966.java42
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/parser/CmsParser.java10
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/parser/ManifestConsts.java4
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/parser/SourcesParser.java20
-rw-r--r--csarvalidation/src/main/java/org/onap/cvc/csar/security/CmsSignatureValidator.java5
-rw-r--r--csarvalidation/src/main/resources/open-cli-schema/sol004/vtp-validate-csar-r787966.yaml4
-rw-r--r--csarvalidation/src/main/resources/vnfreqs.properties2
12 files changed, 273 insertions, 131 deletions
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/CSARArchive.java b/csarvalidation/src/main/java/org/onap/cvc/csar/CSARArchive.java
index f1aff70..2b84997 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/CSARArchive.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/CSARArchive.java
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -29,6 +30,8 @@ import java.util.Objects;
import java.util.Optional;
import org.apache.commons.io.FileUtils;
+import org.apache.commons.lang3.tuple.Pair;
+import org.onap.cvc.csar.parser.SourcesParser;
import org.yaml.snakeyaml.Yaml;
import com.fasterxml.jackson.core.JsonProcessingException;
@@ -43,12 +46,6 @@ import com.fasterxml.jackson.databind.ObjectMapper;
public class CSARArchive implements AutoCloseable {
public static final String SOL0004_2_4_1 = "V2.4.1 (2018-02)";
- public String getSOL004Version() {
- return SOL0004_2_4_1;
- }
-
- private FileArchive.Workspace workspace;
- protected Path tempDir;
public static final String TEMP_DIR = "/tmp";
@@ -105,24 +102,8 @@ public class CSARArchive implements AutoCloseable {
public static final String Entry_Definition__template_version = "template_version";
- public static final String Entry_Manifest__metadata = "metadata";
-
- public static final String Entry_Manifest__metadata__vnf_provider_id = "vnf_provider_id";
-
- public static final String Entry_Manifest__metadata__vnf_product_name = "vnf_product_name";
-
- public static final String Entry_Manifest__metadata__vnf_release_data_time = "vnf_release_data_time";
-
- public static final String Entry_Manifest__metadata__vnf_package_version = "vnf_package_version";
-
- public static final String Entry_Manifest__non_mano_artifact_sets = "non_mano_artifact_sets";
-
public static final String CSAR_Archive = "CSAR Archive";
- public FileArchive.Workspace getWorkspace() {
- return this.workspace;
- }
-
public enum Mode {
WITH_TOSCA_META_DIR,
WITHOUT_TOSCA_META_DIR
@@ -739,6 +720,9 @@ public class CSARArchive implements AutoCloseable {
public static class Manifest{
private boolean isNonManoAvailable;
+ private List<SourcesParser.Source> sources = new ArrayList<>();
+ private String cms;
+
public static class Metadata {
private String providerId;
@@ -806,6 +790,22 @@ public class CSARArchive implements AutoCloseable {
this.nonMano = nonMano;
this.isNonManoAvailable = true;
}
+
+ public List<SourcesParser.Source> getSources() {
+ return Collections.unmodifiableList(sources);
+ }
+
+ public void setSources(List<SourcesParser.Source> sources) {
+ this.sources.addAll(sources);
+ }
+
+ public String getCms() {
+ return this.cms;
+ }
+
+ public void setCms(String cms) {
+ this.cms = cms;
+ }
}
private TOSCAMeta toscaMeta = new TOSCAMeta();
@@ -830,6 +830,26 @@ public class CSARArchive implements AutoCloseable {
private List<CSARError> errors = new ArrayList<>();
+ private FileArchive.Workspace workspace;
+
+ protected Path tempDir;
+
+ public CSARArchive(){
+ this(new Manifest());
+ }
+
+ public CSARArchive(Manifest manifest) {
+ this.manifest = manifest;
+ }
+
+ public FileArchive.Workspace getWorkspace() {
+ return this.workspace;
+ }
+
+ public String getSOL004Version() {
+ return SOL0004_2_4_1;
+ }
+
public TOSCAMeta getToscaMeta() {
return toscaMeta;
}
@@ -874,14 +894,6 @@ public class CSARArchive implements AutoCloseable {
return errors;
}
- public CSARArchive(){
- this(new Manifest());
- }
-
- public CSARArchive(Manifest manifest) {
- this.manifest = manifest;
- }
-
public String getProductName() {
if (this.toscaMeta.getMode().equals(Mode.WITH_TOSCA_META_DIR)) {
@@ -922,56 +934,24 @@ public class CSARArchive implements AutoCloseable {
void parseManifest() throws IOException {
- int lineNo =0;
- List<String>lines = FileUtils.readLines(this.manifestMfFile);
- //first hit the metadata: section
- for (String line: lines) {
- lineNo ++;
- line = line.trim();
+ VnfManifestParser vnfManifestParser = VnfManifestParser.getInstance(
+ this.getManifestMfFile()
+ );
- if (line.startsWith("#")) {
- continue;
- }
+ Pair<Manifest.Metadata, List<CSARError>> metadataData = vnfManifestParser.fetchMetadata();
+ Pair<List<SourcesParser.Source>, List<CSARError>> sourcesSectionData = vnfManifestParser.fetchSourcesSection();
+ Pair<String, List<CSARError>> cmsSectionData = vnfManifestParser.fetchCMS();
- //continue till it reaches the metadata section
- if (line.equalsIgnoreCase(Entry_Manifest__metadata + ":")) {
- break;
- }
- }
+ CSARArchive.Manifest manifest = this.getManifest();
+ manifest.setMetadata(metadataData.getKey());
+ this.getErrors().addAll(metadataData.getValue());
- if (lineNo < lines.size()) {
- for (int i = lineNo; i< lines.size(); i++) {
- String line = lines.get(i).trim();
+ manifest.setSources(sourcesSectionData.getKey());
+ this.getErrors().addAll(sourcesSectionData.getValue());
- if (line.startsWith("#") || line.isEmpty()) {
- continue;
- }
+ manifest.setCms(cmsSectionData.getKey());
+ this.getErrors().addAll(cmsSectionData.getValue());
- String[] tokens = line.split(":");
- if (tokens.length < 2) continue;
- String key = tokens[0];
- String value = tokens[1];
-
- //continue till it reaches the metadata section
- if (key.equalsIgnoreCase(Entry_Manifest__metadata__vnf_package_version)) {
- this.manifest.getMetadata().setPackageVersion(value);
- } else if (key.equalsIgnoreCase(Entry_Manifest__metadata__vnf_product_name)) {
- this.manifest.getMetadata().setProductName(value);
- } else if (key.equalsIgnoreCase(Entry_Manifest__metadata__vnf_provider_id)) {
- this.manifest.getMetadata().setProviderId(value);
- } else if (key.equalsIgnoreCase(Entry_Manifest__metadata__vnf_release_data_time)) {
- this.manifest.getMetadata().setReleaseDateTime(value);
- } else {
- //Non-Mano entries are not processed as of now...
- errors.add(
- new CSARErrorIgnored(
- key,
- this.manifestMfFile.getName(),
- i,
- null));
- }
- }
- }
}
private void parseDefinitionMetadata() throws IOException {
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/PnfCSARArchive.java b/csarvalidation/src/main/java/org/onap/cvc/csar/PnfCSARArchive.java
index f8e36d1..a6e2745 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/PnfCSARArchive.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/PnfCSARArchive.java
@@ -19,8 +19,6 @@ import org.apache.commons.lang3.tuple.Pair;
import org.onap.cvc.csar.parser.SourcesParser;
import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
@@ -28,7 +26,7 @@ import java.util.Optional;
public class PnfCSARArchive extends CSARArchive {
public PnfCSARArchive(){
- super(new PnfManifest());
+ super(new Manifest());
}
@Override
@@ -42,7 +40,7 @@ public class PnfCSARArchive extends CSARArchive {
Pair<String, List<CSARError>> cmsSectionData = pnfManifestParser.fetchCMS();
Optional<Pair<Map<String, Map<String, List<String>>>, List<CSARError>>> nonManoArtifactsData = pnfManifestParser.fetchNonManoArtifacts();
- PnfManifest manifest = (PnfManifest) this.getManifest();
+ Manifest manifest = this.getManifest();
manifest.setMetadata(metadataData.getKey());
this.getErrors().addAll(metadataData.getValue());
@@ -68,25 +66,4 @@ public class PnfCSARArchive extends CSARArchive {
String getEntryChangeLogParamName() {
return "ETSI-Entry-Change-Log";
}
-
- public static class PnfManifest extends Manifest {
- private List<SourcesParser.Source> sources = new ArrayList<>();
- private String cms;
-
- public List<SourcesParser.Source> getSources() {
- return Collections.unmodifiableList(sources);
- }
-
- void setSources(List<SourcesParser.Source> sources) {
- this.sources.addAll(sources);
- }
-
- public String getCms() {
- return this.cms;
- }
-
- public void setCms(String cms) {
- this.cms = cms;
- }
- }
}
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/VnfManifestParser.java b/csarvalidation/src/main/java/org/onap/cvc/csar/VnfManifestParser.java
new file mode 100644
index 0000000..d122fed
--- /dev/null
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/VnfManifestParser.java
@@ -0,0 +1,144 @@
+/*
+ * Copyright 2019 Nokia
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.onap.cvc.csar;
+
+import org.apache.commons.lang3.tuple.Pair;
+import org.onap.cvc.csar.parser.CmsParser;
+import org.onap.cvc.csar.parser.SourcesParser;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+class VnfManifestParser {
+
+ private static final String ENTRY_MANIFEST_METADATA = "metadata";
+ private static final String ENTRY_MANIFEST_METADATA_VNF_PROVIDER_ID = "vnf_provider_id";
+ private static final String ENTRY_MANIFEST_METADATA_VNF_PRODUCT_NAME = "vnf_product_name";
+ private static final String ENTRY_MANIFEST_METADATA_VNF_RELEASE_DATA_TIME = "vnf_release_data_time";
+ private static final String ENTRY_MANIFEST_METADATA_VNF_PACKAGE_VERSION = "vnf_package_version";
+
+ private final List<String> lines;
+ private final String vnfManifestFileName;
+ private final SourcesParser sourcesParser;
+ private final CmsParser cmsParser;
+
+ private VnfManifestParser(List<String> lines, String vnfManifestFileName, SourcesParser sourcesParser, CmsParser cmsParser) {
+ this.lines = lines;
+ this.vnfManifestFileName = vnfManifestFileName;
+ this.sourcesParser = sourcesParser;
+ this.cmsParser = cmsParser;
+ }
+
+ static VnfManifestParser getInstance(File vnfManifestFile) throws IOException {
+ String fileName = vnfManifestFile.getAbsolutePath();
+ try (Stream<String> stream = Files.lines(Paths.get(fileName))) {
+ List<String> lines = stream
+ .map(String::trim)
+ .collect(Collectors.toList());
+
+ final String vnfManifestFileName = vnfManifestFile.getName();
+ return new VnfManifestParser(
+ lines,
+ vnfManifestFileName,
+ new SourcesParser(vnfManifestFileName),
+ new CmsParser(vnfManifestFileName)
+ );
+ }
+ }
+
+
+ Pair<CSARArchive.Manifest.Metadata, List<CSARArchive.CSARError>> fetchMetadata(){
+
+ final CSARArchive.Manifest.Metadata metadata = new CSARArchive.Manifest.Metadata();
+ final List<CSARArchive.CSARError> errors = new ArrayList<>();
+
+ int lineNo =0;
+
+ //first hit the metadata: section
+ for (String line: lines) {
+ lineNo ++;
+ line = line.trim();
+
+ //continue till it reaches the metadata section
+ if (line.equalsIgnoreCase(ENTRY_MANIFEST_METADATA + ":")) {
+ break;
+ }
+ }
+
+ if (lineNo < lines.size()) {
+ parseMetadataSection(metadata, errors, lineNo);
+ }
+
+ return Pair.of(metadata, errors);
+ }
+
+ private void parseMetadataSection(CSARArchive.Manifest.Metadata metadata, List<CSARArchive.CSARError> errors, int lineNo) {
+ for (int i = lineNo; i< lines.size(); i++) {
+ String line = lines.get(i).trim();
+
+ String[] tokens = line.split(":");
+ if (skipLine( line ) || tokens.length < 2){
+ continue;
+ }
+
+ String key = tokens[0];
+ String value = tokens[1];
+
+ //continue till it reaches the metadata section
+ if (key.equalsIgnoreCase(ENTRY_MANIFEST_METADATA_VNF_PACKAGE_VERSION)) {
+ metadata.setPackageVersion(value);
+ } else if (key.equalsIgnoreCase(ENTRY_MANIFEST_METADATA_VNF_PRODUCT_NAME)) {
+ metadata.setProductName(value);
+ } else if (key.equalsIgnoreCase(ENTRY_MANIFEST_METADATA_VNF_PROVIDER_ID)) {
+ metadata.setProviderId(value);
+ } else if (key.equalsIgnoreCase(ENTRY_MANIFEST_METADATA_VNF_RELEASE_DATA_TIME)) {
+ metadata.setReleaseDateTime(value);
+ } else {
+ //Non-Mano entries are not processed as of now...
+ errors.add(
+ new CSARArchive.CSARErrorIgnored(
+ key,
+ vnfManifestFileName,
+ i,
+ null));
+ }
+ }
+ }
+
+ Pair<List<SourcesParser.Source>, List<CSARArchive.CSARError>> fetchSourcesSection() {
+ return this.sourcesParser.parse(this.lines);
+ }
+
+ Pair<String, List<CSARArchive.CSARError>> fetchCMS() {
+ return this.cmsParser.parse(this.lines);
+ }
+
+ private boolean skipLine(String line) {
+ return line.startsWith("#")
+ || line.isEmpty()
+ || line.toLowerCase().startsWith("source")
+ || line.toLowerCase().startsWith("algorithm")
+ || line.toLowerCase().startsWith("hash");
+ }
+}
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR146092.java b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR146092.java
index b84dea7..c9a4de1 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR146092.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR146092.java
@@ -74,6 +74,12 @@ public class VTPValidateCSARR146092 extends VTPValidateCSARBase {
private final Map<String, Map<String, List<String>>> nonMano;
private final List<CSARArchive.CSARError> errors = new ArrayList<>();
+ private ValidateNonManoSection(CSARArchive csar, String fileName, Map<String, Map<String, List<String>>> nonMano) {
+ this.csar = csar;
+ this.fileName = fileName;
+ this.nonMano = nonMano;
+ }
+
static Optional<ValidateNonManoSection> getInstance(CSARArchive csar) {
final File manifestMfFile = csar.getManifestMfFile();
if(manifestMfFile == null){
@@ -84,12 +90,6 @@ public class VTPValidateCSARR146092 extends VTPValidateCSARBase {
return Optional.of(new ValidateNonManoSection(csar, fileName,nonMano));
}
- private ValidateNonManoSection(CSARArchive csar, String fileName, Map<String, Map<String, List<String>>> nonMano) {
- this.csar = csar;
- this.fileName = fileName;
- this.nonMano = nonMano;
- }
-
public List<CSARArchive.CSARError> validate() {
List<String> attributeNames = Arrays.asList(
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965.java b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965.java
index 97efd11..ef233f8 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965.java
@@ -24,9 +24,11 @@ import org.onap.cvc.csar.CSARArchive;
import org.onap.cvc.csar.FileArchive;
import org.onap.cvc.csar.cc.VTPValidateCSARBase;
import org.onap.cvc.csar.security.CmsSignatureValidator;
+import org.onap.cvc.csar.security.CmsSignatureValidatorException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Optional;
@@ -100,7 +102,7 @@ public class VTPValidateCSARR787965 extends VTPValidateCSARBase {
}
}
- private void verifyTwoFileCertification(Path pathToCsarFile, Path pathToCertFile, Path pathToCmsFile) throws Exception {
+ private void verifyTwoFileCertification(Path pathToCsarFile, Path pathToCertFile, Path pathToCmsFile) throws IOException, CmsSignatureValidatorException {
final CmsSignatureValidator securityManager = new CmsSignatureValidator();
byte[] csarContent = Files.readAllBytes(pathToCsarFile);
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966.java b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966.java
index 2be0db8..7a14709 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966.java
@@ -22,7 +22,6 @@ import org.onap.cli.fw.error.OnapCommandException;
import org.onap.cli.fw.schema.OnapCommandSchema;
import org.onap.cvc.csar.CSARArchive;
import org.onap.cvc.csar.FileArchive;
-import org.onap.cvc.csar.PnfCSARArchive;
import org.onap.cvc.csar.cc.VTPValidateCSARBase;
import org.onap.cvc.csar.parser.SourcesParser;
import org.onap.cvc.csar.security.ShaHashCodeGenerator;
@@ -82,6 +81,13 @@ public class VTPValidateCSARR787966 extends VTPValidateCSARBase {
}
}
+ public static class CSARErrorUnableToFindSource extends CSARArchive.CSARError {
+ CSARErrorUnableToFindSource(String path) {
+ super("0x4006");
+ this.message = String.format("Source '%s' does not exist!", path);
+ }
+ }
+
@Override
protected void validateCSAR(CSARArchive csar) throws OnapCommandException {
@@ -102,28 +108,42 @@ public class VTPValidateCSARR787966 extends VTPValidateCSARBase {
private void validate(CSARArchive csar, Path csarRootDirectory ) throws IOException, NoSuchAlgorithmException {
- final PnfCSARArchive.PnfManifest manifest = (PnfCSARArchive.PnfManifest) csar.getManifest();
+ final CSARArchive.Manifest manifest = csar.getManifest();
final CSARArchive.TOSCAMeta toscaMeta = csar.getToscaMeta();
validateSecurityStructure(toscaMeta, csarRootDirectory, manifest);
validateSources(csarRootDirectory, manifest);
}
- private void validateSecurityStructure(CSARArchive.TOSCAMeta toscaMeta , Path csarRootDirectory, PnfCSARArchive.PnfManifest manifest) {
- final File entryCertificate = csarRootDirectory.resolve(toscaMeta.getEntryCertificate()).toFile();
- if (!entryCertificate.exists() && !manifest.getCms().isEmpty()) {
+ private void validateSecurityStructure(CSARArchive.TOSCAMeta toscaMeta , Path csarRootDirectory, CSARArchive.Manifest manifest) {
+ final Optional<File> entryCertificate = resolveCertificateFilePath(toscaMeta, csarRootDirectory);
+ if (!entryCertificate.isPresent() || !entryCertificate.get().exists() && !manifest.getCms().isEmpty()) {
this.errors.add(new CSARErrorUnableToFindCertificate());
- } else if (entryCertificate.exists() && manifest.getCms().isEmpty()) {
+ } else if (entryCertificate.get().exists() && manifest.getCms().isEmpty()) {
this.errors.add(new CSARErrorUnableToFindCmsSection());
}
}
- private void validateSources(Path csarRootDirectory, PnfCSARArchive.PnfManifest manifest) throws NoSuchAlgorithmException, IOException {
+ private Optional<File> resolveCertificateFilePath(CSARArchive.TOSCAMeta toscaMeta, Path csarRootDirectory) {
+ final String certificatePath = toscaMeta.getEntryCertificate();
+ if(certificatePath == null){
+ return Optional.empty();
+ } else {
+ return Optional.of(csarRootDirectory.resolve(certificatePath).toFile());
+ }
+ }
+
+ private void validateSources(Path csarRootDirectory, CSARArchive.Manifest manifest) throws NoSuchAlgorithmException, IOException {
final List<SourcesParser.Source> sources = manifest.getSources();
for (SourcesParser.Source source: sources){
- if(!source.getAlgorithm().isEmpty()) {
- validateSourceHashCode(csarRootDirectory, source);
- } else if(source.getAlgorithm().isEmpty() && !source.getHash().isEmpty()){
- this.errors.add(new CSARErrorUnableToFindAlgorithm(source.getValue()));
+ final Path sourcePath = csarRootDirectory.resolve(source.getValue());
+ if(!Files.exists(sourcePath)){
+ this.errors.add(new CSARErrorUnableToFindSource(source.getValue()));
+ } else {
+ if (!source.getAlgorithm().isEmpty()) {
+ validateSourceHashCode(csarRootDirectory, source);
+ } else if (source.getAlgorithm().isEmpty() && !source.getHash().isEmpty()) {
+ this.errors.add(new CSARErrorUnableToFindAlgorithm(source.getValue()));
+ }
}
}
}
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/CmsParser.java b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/CmsParser.java
index b1bf4b4..aa0fb48 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/CmsParser.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/CmsParser.java
@@ -48,9 +48,7 @@ public class CmsParser {
for (String line : lines) {
ManifestLine manifestLine = ManifestLine.of(line);
- if (cmsSectionParsing && (manifestLine.startsWith(METADATA_SECTION_TAG_SECTION)
- || manifestLine.startsWith(NON_MANO_ARTIFACT_SETS_TAG_SECTION)
- || manifestLine.startsWith(SOURCE_TAG_SECTION))) {
+ if (cmsSectionParsing && isContainSepecialTag(manifestLine)) {
isSpecialTagReached = true;
} else if (!isSpecialTagReached && line.contains(BEGIN_CMS_SECTION)) {
cmsSectionParsing = true;
@@ -75,6 +73,12 @@ public class CmsParser {
return constructResponse(buf, errors, cmsSectionParsing, endCmsMarkerReached);
}
+ private boolean isContainSepecialTag(ManifestLine manifestLine) {
+ return manifestLine.startsWith(METADATA_SECTION_TAG_SECTION)
+ || manifestLine.startsWith(NON_MANO_ARTIFACT_SETS_TAG_SECTION)
+ || manifestLine.startsWith(SOURCE_TAG_SECTION);
+ }
+
private Pair<String, List<CSARArchive.CSARError>> constructResponse(StringBuilder buf, List<CSARArchive.CSARError> errors, boolean cmsSectionParsing, boolean endCmsMarkerReached) {
if(endCmsMarkerReached) {
return Pair.of(buf.toString(), errors);
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/ManifestConsts.java b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/ManifestConsts.java
index da17317..afa0e2d 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/ManifestConsts.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/ManifestConsts.java
@@ -20,8 +20,6 @@ package org.onap.cvc.csar.parser;
final class ManifestConsts {
- private ManifestConsts(){}
-
static final String METADATA_SECTION_TAG_SECTION = "metadata";
static final String SOURCE_TAG_SECTION = "source";
static final String ALGORITHM = "algorithm";
@@ -35,4 +33,6 @@ final class ManifestConsts {
static final String BEGIN_CMS_SECTION = "BEGIN CMS";
static final String END_CMS_SECTION = "END CMS";
+ private ManifestConsts(){}
+
}
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/SourcesParser.java b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/SourcesParser.java
index 5f3f0d7..9cbef8a 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/parser/SourcesParser.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/parser/SourcesParser.java
@@ -45,9 +45,7 @@ public class SourcesParser {
for (int lineNumber = 0; lineNumber < lines.size(); lineNumber++) {
String line = lines.get(lineNumber);
ManifestLine manifestLine = ManifestLine.of(line);
- if (sourceSectionParsing && (manifestLine.startsWith(METADATA_SECTION_TAG_SECTION)
- || manifestLine.startsWith(NON_MANO_ARTIFACT_SETS_TAG_SECTION)
- || line.contains(CMS))) {
+ if (sourceSectionParsing && isContainSpecialTag(line, manifestLine)) {
isSpecialTagReached = true;
} else if (!isSpecialTagReached && manifestLine.startsWith(SOURCE_TAG_SECTION)) {
sourceSectionParsing = true;
@@ -62,6 +60,12 @@ public class SourcesParser {
return Pair.of(sources, errors);
}
+ private boolean isContainSpecialTag(String line, ManifestLine manifestLine) {
+ return manifestLine.startsWith(METADATA_SECTION_TAG_SECTION)
+ || manifestLine.startsWith(NON_MANO_ARTIFACT_SETS_TAG_SECTION)
+ || line.contains(CMS);
+ }
+
private Source handleSourceLine(List<Source> sources, List<CSARArchive.CSARError> errors, int lineNumber, ManifestLine manifestLine) {
Source source;
String value = parseSourceSectionLine(manifestLine, lineNumber, errors);
@@ -140,8 +144,14 @@ public class SourcesParser {
@Override
public boolean equals(Object o) {
- if (this == o) return true;
- if (o == null || getClass() != o.getClass()) return false;
+ if (this == o) {
+ return true;
+ }
+
+ if (o == null || getClass() != o.getClass()) {
+ return false;
+ }
+
Source source1 = (Source) o;
return Objects.equals(value, source1.value) &&
Objects.equals(algorithm, source1.algorithm) &&
diff --git a/csarvalidation/src/main/java/org/onap/cvc/csar/security/CmsSignatureValidator.java b/csarvalidation/src/main/java/org/onap/cvc/csar/security/CmsSignatureValidator.java
index 316c802..a168541 100644
--- a/csarvalidation/src/main/java/org/onap/cvc/csar/security/CmsSignatureValidator.java
+++ b/csarvalidation/src/main/java/org/onap/cvc/csar/security/CmsSignatureValidator.java
@@ -27,6 +27,8 @@ import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.operator.OperatorCreationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@@ -39,6 +41,8 @@ import java.util.Collection;
public class CmsSignatureValidator {
+ private static final Logger LOG = LoggerFactory.getLogger(CmsSignatureValidator.class);
+
public boolean verifySignedData(
final byte[] signature,
final byte[] certificate,
@@ -51,6 +55,7 @@ public class CmsSignatureValidator {
return firstSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert));
} catch (CMSSignerDigestMismatchException e){
//message-digest attribute value does not match calculated value
+ LOG.warn("CMS signer digest mismatch.", e);
return false;
}
catch (OperatorCreationException | IOException | CMSException e) {
diff --git a/csarvalidation/src/main/resources/open-cli-schema/sol004/vtp-validate-csar-r787966.yaml b/csarvalidation/src/main/resources/open-cli-schema/sol004/vtp-validate-csar-r787966.yaml
index 3b039a1..0482836 100644
--- a/csarvalidation/src/main/resources/open-cli-schema/sol004/vtp-validate-csar-r787966.yaml
+++ b/csarvalidation/src/main/resources/open-cli-schema/sol004/vtp-validate-csar-r787966.yaml
@@ -17,7 +17,7 @@ open_cli_schema_version: 1.0
name: csar-validate-r787966
description: |
- The VNF/PNF package shall contain a Digest (a.k.a. hash) for each of the components of the VNF/PNF package. The table of hashes is included in the manifest file, which is signed with the VNF provider private key. In addition, the VNF provider shall include a signing certificate that includes the VNF provider public key, following a pre-defined naming convention and located either at the root of the archive or in a predefined location (e.g. directory).
+ The VNF/PNF package shall contain a Digest (a.k.a. hash) for each of the components of the VNF package. The table of hashes is included in the manifest file, which is signed with the VNF provider private key. In addition, the VNF provider shall include a signing certificate that includes the VNF provider public key, following a pre-defined naming convention and located either at the root of the archive or in a predefined location (e.g. directory).
info:
product: onap-vtp
@@ -38,7 +38,7 @@ parameters:
short_option: p
type: bool
is_optional: true
- default_value: true
+ default_value: false
results:
direction: landscape
attributes:
diff --git a/csarvalidation/src/main/resources/vnfreqs.properties b/csarvalidation/src/main/resources/vnfreqs.properties
index b2ae957..8b5d488 100644
--- a/csarvalidation/src/main/resources/vnfreqs.properties
+++ b/csarvalidation/src/main/resources/vnfreqs.properties
@@ -1,4 +1,4 @@
-vnfreqs.enabled=r02454,r04298,r07879,r09467,r13390,r23823,r26881,r27310,r35851,r40293,r43958,r66070,r77707,r77786,r87234,r10087,r21322,r26885,r40820,r35854,r65486,r17852,r46527,r15837,r54356,r67895,r95321,r32155,r01123,r51347,r787965
+vnfreqs.enabled=r02454,r04298,r07879,r09467,r13390,r23823,r26881,r27310,r35851,r40293,r43958,r66070,r77707,r77786,r87234,r10087,r21322,r26885,r40820,r35854,r65486,r17852,r46527,r15837,r54356,r67895,r95321,r32155,r01123,r51347,r787965,r787966
pnfreqs.enabled=r10087,r87234,r35854,r15837,r17852,r293901,r146092,r57019,r787965,r787966
# ignored all chef and ansible related tests
vnferrors.ignored=0x1005,0x1006,r07879-0x1000,r13390-0x1000,r27310-0x1000,r40293-0x1000,r77786-0x1000,r04298-0x1000,r07879-0x1000,r10087-0x1000,r13390-0x1000,r23823-0x1000,r26881-0x1000,r40820-0x1000,r35851-0x1000,r32155-0x1000,r54356-0x1000,r67895-0x1000,r95321-0x1000,r46527-0x1000,r02454-0x1000