summaryrefslogtreecommitdiffstats
path: root/csarvalidation/src/test/java/org
diff options
context:
space:
mode:
authorBogumil Zebek <bogumil.zebek@nokia.com>2019-08-14 10:52:37 +0200
committerZebek Bogumil <bogumil.zebek@nokia.com>2019-08-22 12:10:38 +0200
commit0562debfc5cdd31e61c016aea40272c6c02ad3cb (patch)
tree79e011e5247c1179d784723bb57c6bede0b3fb14 /csarvalidation/src/test/java/org
parent870a89675528664aa5c0aca57f50c584b76a8b8f (diff)
CMS signature validation
Change-Id: Ie5d1c835d0e6a760f1b7de651a3833cb87b727e0 Issue-ID: VNFSDK-396 Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
Diffstat (limited to 'csarvalidation/src/test/java/org')
-rw-r--r--csarvalidation/src/test/java/org/onap/cvc/csar/PnfManifestParserTest.java36
-rw-r--r--csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java (renamed from csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java)46
-rw-r--r--csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java22
-rw-r--r--csarvalidation/src/test/java/org/onap/cvc/csar/parser/ManifestFileSplitterTest.java50
4 files changed, 131 insertions, 23 deletions
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/PnfManifestParserTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/PnfManifestParserTest.java
index 6e56959..a708f47 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/PnfManifestParserTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/PnfManifestParserTest.java
@@ -120,9 +120,39 @@ public class PnfManifestParserTest {
List<CSARArchive.CSARError> errors = sourcesPair.getValue();
assertThat(cms).isEqualTo(
- "MIGDBgsqhkiG9w0BCRABCaB0MHICAQAwDQYLKoZIhvcNAQkQAwgwXgYJKoZIhvcN" +
- "AQcBoFEET3icc87PK0nNK9ENqSxItVIoSa0o0S/ISczMs1ZIzkgsKk4tsQ0N1nUM" +
- "dvb05OXi5XLPLEtViMwvLVLwSE0sKlFIVHAqSk3MBkkBAJv0Fx0="
+ "MIIGDAYJKoZIhvcNAQcCoIIF/TCCBfkCAQExDTALBglghkgBZQMEAgEwCwYJKoZI"+
+ "hvcNAQcBoIIDRTCCA0EwggIpAhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDANBgkqhkiG"+
+ "9w0BAQsFADBlMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8G"+
+ "A1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR4wHAYDVQQLDBVDZXJ0aWZp"+
+ "Y2F0ZSBBdXRob3JpdHkwHhcNMTkwODEzMDg0NDU4WhcNMTkwOTEyMDg0NDU4WjBV"+
+ "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50"+
+ "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ4wDAYDVQQLDAVOb2tpYTCCASIwDQYJKoZI"+
+ "hvcNAQEBBQADggEPADCCAQoCggEBAPRCM8g0cm1nuojFuk01Lo1iAbj7STEbiqJn"+
+ "Xk4BEEspM4snShj35bO9DHSunXivdCzen4BE7hLpetpbr+7ptqpV7NuR9DgYD399"+
+ "eAltb4oLnkLWgODCxhFOnwrKjnXSbP8KX3kmYRJmDzsSjJrpattfxNCa2aHzubyA"+
+ "W0Mv9Ni2R0scnBY+ubydwn223d/743T2pfXsiOV6Ucjhz+9XWU96b7e9GxN12EJQ"+
+ "R6R4O9dz3CSZmQsiMMYROD5elV59Y9ucSkhdrUjPzjveqjEA9FWc0piBpe42c9Mo"+
+ "Lr8S5hKaaC8ONfSUBuEysKC5g6D6OS1Kxii3zbUbNzpxXti8tmUCAwEAATANBgkq"+
+ "hkiG9w0BAQsFAAOCAQEAVJGCH8VL/ha1RYmoZBefCT/AQc50GlcIJtPCB8Y7ygkX"+
+ "Y2Ybj6SrF66+wq6hQsU9xtxHyn08nfOdGWfNJ9yq4SO8RF7Oz4NxkQ+KFhi2QUGZ"+
+ "5TwdWLr0Q+zKTZgpLZm1rtlyyz+2AUwcPPVHhDfJX0kqz/0UPHWFDxXfJyOwmQdN"+
+ "E4qhO9uB3zEujJwM8B7wXfDwsNg6xbKBytm67IHQN3OF/Bfcugx7eCVJ08XA8Irj"+
+ "CovwPvjxaL32iYTXmiBl+vSb3lEarbinMkMCq80yx3LtIg1goGVO+Tp+yOoVxNUL"+
+ "psSXr9kdWncI1venEjk/SvggxtT4RJ6dLH358qFu+TGCAo0wggKJAgEBMH0wZTEL"+
+ "MAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVy"+
+ "bmV0IFdpZGdpdHMgUHR5IEx0ZDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y"+
+ "aXR5AhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDALBglghkgBZQMEAgGggeQwGAYJKoZI"+
+ "hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwODEzMDg0NTI2"+
+ "WjAvBgkqhkiG9w0BCQQxIgQgOtAYNJkSFj5rU8K7Ujz6BdefH7sITKBcMmBcm/hI"+
+ "TUAweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsG"+
+ "CWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcN"+
+ "AwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEA"+
+ "Sj+3i3Mcxz6Uqf8WcLNiR3K3QeQUEQJurPHW/BzidjPx+PoZ+6jP8sAkulUu/yeo"+
+ "rv3dDQGq0cF6KE3gKi3IXgCOB5nZ/O4BtvPcKOlQk14fMdBnHQMgGb27dNLMheuo"+
+ "t4YJVEZNm+1NoYZBMyESm1Ns3DHmq7dqpFMWSad85gMTsbD/q896ZMiua+bLvnlg"+
+ "qJXtYrnJPx9KqSzNFhzTqwFMJ9OASaHm+eV9/EWWLJ0rgUmheI0sb2Pa5i93w6dr"+
+ "HhE7UbSCHDlDDgrOosJkbuI4UCX/njXrU2ukXbrWz/FjH84Mek039z+w4M6fBnl5"+
+ "4xuyO1o65LlKHoxwnRH9lQ=="
);
assertThat(errors.size()).isEqualTo(0);
}
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java
index d48869a..90da946 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java
@@ -18,6 +18,7 @@
package org.onap.cvc.csar.cc.sol004;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
import org.onap.cvc.csar.CSARArchive;
@@ -28,26 +29,30 @@ import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.configureTestCase
import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.convertToMessagesList;
-public class VTPValidateCSARR787966IntegrationTest {
+public class VTPValidateCSARR130206IntegrationTest {
private static final boolean IS_PNF = true;
- private VTPValidateCSARR787966 testCase;
+ private VTPValidateCSARR130206 testCase;
@Before
public void setUp() {
- testCase = new VTPValidateCSARR787966();
+ testCase = new VTPValidateCSARR130206();
}
@Test
public void shouldReturnProperRequestNumber() {
- assertThat(testCase.getVnfReqsNo()).isEqualTo("R787966");
+ assertThat(testCase.getVnfReqsNo()).isEqualTo("R130206");
}
@Test
- public void shouldValidateProperCsar() throws Exception {
+ @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+ "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+ "Use instructions for option 1. Test was created for manual verification."
+ )
+ public void manual_shouldValidateProperCsar() throws Exception {
// given
- configureTestCase(testCase, "pnf/r787966/csar-option1-valid.csar", "vtp-validate-csar-r787966.yaml", IS_PNF);
+ configureTestCase(testCase, "pnf/r130206/csar-option1-valid.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
// when
testCase.execute();
@@ -58,22 +63,40 @@ public class VTPValidateCSARR787966IntegrationTest {
}
@Test
+ public void shouldReportThatOnlySignatureIsInvalid() throws Exception {
+
+ // given
+ configureTestCase(testCase, "pnf/r130206/csar-option1-validSection.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
+
+ // when
+ testCase.execute();
+
+ // then
+ List<CSARArchive.CSARError> errors = testCase.getErrors();
+ assertThat(errors.size()).isEqualTo(1);
+ assertThat(convertToMessagesList(errors)).contains(
+ "File has invalid CMS signature!"
+ );
+ }
+
+ @Test
public void shouldReportErrorsForInvalidCsar() throws Exception {
// given
- configureTestCase(testCase, "pnf/r787966/csar-option1-invalid.csar", "vtp-validate-csar-r787966.yaml", IS_PNF);
+ configureTestCase(testCase, "pnf/r130206/csar-option1-invalid.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
// when
testCase.execute();
// then
List<CSARArchive.CSARError> errors = testCase.getErrors();
- assertThat(errors.size()).isEqualTo(4);
+ assertThat(errors.size()).isEqualTo(5);
assertThat(convertToMessagesList(errors)).contains(
"Unable to find CMS section in manifest!",
"Source 'Definitions/MainServiceTemplate.yaml' has wrong hash!",
"Source 'Artifacts/Other/my_script.csh' has hash, but unable to find algorithm tag!",
- "Source 'Artifacts/NonExisting.txt' does not exist!"
+ "Unable to calculate digest - file missing: Artifacts/NonExisting2.txt",
+ "File has invalid CMS signature!"
);
}
@@ -82,7 +105,7 @@ public class VTPValidateCSARR787966IntegrationTest {
public void shouldReportThanInVnfPackageCertFileWasNotDefined() throws Exception {
// given
- configureTestCase(testCase, "sample2.csar", "vtp-validate-csar-r787966.yaml", false);
+ configureTestCase(testCase, "sample2.csar", "vtp-validate-csar-r130206.yaml", false);
// when
testCase.execute();
@@ -91,10 +114,11 @@ public class VTPValidateCSARR787966IntegrationTest {
List<CSARArchive.CSARError> errors = testCase.getErrors();
assertThat(convertToMessagesList(errors)).contains(
"Unable to find cert file defined by Entry-Certificate!",
+ "Unable to find CMS section in manifest!",
"Missing. Entry [tosca_definitions_version]"
);
}
-} \ No newline at end of file
+}
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
index eb41d6a..49696e6 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
@@ -18,6 +18,7 @@
package org.onap.cvc.csar.cc.sol004;
import org.junit.Before;
+import org.junit.Ignore;
import org.junit.Test;
import org.onap.cvc.csar.CSARArchive;
@@ -61,7 +62,11 @@ public class VTPValidateCSARR787965IntegrationTest {
}
@Test
- public void shouldReportThatZipContainsSignatureWithCertificationFileAndPackageIsProbableValid() throws Exception {
+ @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+ "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+ "Use instructions for option 2. Test was created for manual verification."
+ )
+ public void manual_shouldReportThatZipContainsSignatureWithCertificationFileAndPackageIsValid() throws Exception {
// given
configureTestCase(testCase, "pnf/r787965/signature-and-certificate.zip", "vtp-validate-csar-r787965.yaml", IS_PNF);
@@ -71,12 +76,7 @@ public class VTPValidateCSARR787965IntegrationTest {
// then
List<CSARArchive.CSARError> errors = testCase.getErrors();
- assertThat(errors.size()).isEqualTo(1);
- assertThat(convertToMessagesList(errors)).contains(
- "Warning. Zip package probably is valid. " +
- "It contains only signature with certification cms and csar package. " +
- "Unable to verify csar signature."
- );
+ assertThat(errors.size()).isEqualTo(0);
}
@Test
@@ -97,7 +97,11 @@ public class VTPValidateCSARR787965IntegrationTest {
}
@Test
- public void shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception {
+ @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+ "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+ "Use instructions for option 2. Test was created for manual verification."
+ )
+ public void manual_shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception {
// given
configureTestCase(testCase, "pnf/signed-package-valid-signature.zip", "vtp-validate-csar-r787965.yaml", IS_PNF);
@@ -110,4 +114,4 @@ public class VTPValidateCSARR787965IntegrationTest {
assertThat(errors.size()).isEqualTo(0);
}
-} \ No newline at end of file
+}
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/parser/ManifestFileSplitterTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/parser/ManifestFileSplitterTest.java
new file mode 100644
index 0000000..b530691
--- /dev/null
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/parser/ManifestFileSplitterTest.java
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2019 Nokia
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.onap.cvc.csar.parser;
+
+import org.assertj.core.api.Assertions;
+import org.junit.Test;
+
+import java.io.File;
+
+/*
+ How to sing files see to README.txt file into test/resources folder
+ */
+public class ManifestFileSplitterTest {
+
+ @Test
+ public void shouldSplitManifestFileOnDataPartAndCMS() {
+ File file = new File("./src/test/resources/cvc/csar/parser/MainServiceTemplate.mf");
+ ManifestFileSplitter manifestFileSplitter = new ManifestFileSplitter();
+
+ ManifestFileModel manifestFileModel = manifestFileSplitter.split(file);
+
+ Assertions.assertThat(manifestFileModel.getData()).contains("metadata:",
+ " pnfd_name: RadioNode",
+ " pnfd_provider: Ericsson",
+ " pnfd_archive_version: 1.0",
+ " pnfd_release_date_time: 2019-01-14T11:25:00+00:00");
+
+ Assertions.assertThat(manifestFileModel.getCMS()).contains(
+ "-----BEGIN CMS-----",
+ "MIIGDAYJKoZIhvcNAQcCoIIF/TCCBfkCAQExDTALBglghkgBZQMEAgEwCwYJKoZI",
+ "hvcNAQcBoIIDRTCCA0EwggIpAhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDANBgkqhkiG",
+ "-----END CMS-----"
+ );
+ }
+}