summaryrefslogtreecommitdiffstats
path: root/csarvalidation/src/test/resources/README.txt
diff options
context:
space:
mode:
authorWeitao Gao <victor.gao@huawei.com>2019-09-04 08:24:35 +0000
committerGerrit Code Review <gerrit@onap.org>2019-09-04 08:24:35 +0000
commitfc685ddff28f6be4fd29ffbca85f66f56979dafb (patch)
tree075104f9276913d3baf91b7cafe9ab4faf6607ed /csarvalidation/src/test/resources/README.txt
parent26514e7bb8b174ba5bbbcf903b697160eb397e03 (diff)
parent0562debfc5cdd31e61c016aea40272c6c02ad3cb (diff)
Merge "CMS signature validation"
Diffstat (limited to 'csarvalidation/src/test/resources/README.txt')
-rw-r--r--csarvalidation/src/test/resources/README.txt20
1 files changed, 20 insertions, 0 deletions
diff --git a/csarvalidation/src/test/resources/README.txt b/csarvalidation/src/test/resources/README.txt
new file mode 100644
index 0000000..1360ce9
--- /dev/null
+++ b/csarvalidation/src/test/resources/README.txt
@@ -0,0 +1,20 @@
+How to sign CSAR file - option 2
+---------------------
+openssl req -new -nodes -x509 -keyout root-private-key.pem > root.cert
+openssl req -new -nodes -keyout sample-pnf-private-key.pem > sample-pnf-request.pem
+openssl x509 -req -CA root.cert -CAkey root-private-key.pem -CAcreateserial < sample-pnf-request.pem > sample-pnf.cert
+openssl cms -sign -binary -nocerts -outform pem -signer sample-pnf.cert -inkey sample-pnf-private-key.pem < sample-pnf.csar > sample-pnf.cms
+
+How to sign CSAR file - option 1
+--------------------------------
+openssl req -new -nodes -x509 -keyout root-private-key.pem > root-certificate.cert
+TIP: As a 'Organizational Unit Name' set, for example: Certificate Authority
+
+openssl req -new -nodes -keyout signing-private-key.pem > signing-request.pem
+TIP: As a 'Organizational Unit Name' set, for example: Nokia. Name values must be different!
+
+openssl x509 -req -CA root-certificate.cert -CAkey root-private-key.pem -CAcreateserial < signing-request.pem > signing-certificate.cert
+
+openssl cms -sign -signer signing-certificate.cert -inkey signing-private-key.pem -outform pem -binary < MainServiceTemplate.mf > signature-and-certificate.cms
+
+openssl cms -verify -content MainServiceTemplate.mf -CAfile root-certificate.cert -inform pem -binary < signature-and-certificate.cms > /dev/null