diff options
author | Bogumil Zebek <bogumil.zebek@nokia.com> | 2019-08-14 10:52:37 +0200 |
---|---|---|
committer | Zebek Bogumil <bogumil.zebek@nokia.com> | 2019-08-22 12:10:38 +0200 |
commit | 0562debfc5cdd31e61c016aea40272c6c02ad3cb (patch) | |
tree | 79e011e5247c1179d784723bb57c6bede0b3fb14 /csarvalidation/src/test/resources | |
parent | 870a89675528664aa5c0aca57f50c584b76a8b8f (diff) |
CMS signature validation
Change-Id: Ie5d1c835d0e6a760f1b7de651a3833cb87b727e0
Issue-ID: VNFSDK-396
Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
Diffstat (limited to 'csarvalidation/src/test/resources')
-rw-r--r-- | csarvalidation/src/test/resources/README.txt | 20 | ||||
-rw-r--r-- | csarvalidation/src/test/resources/cvc/csar/parser/MainServiceTemplate.mf | 10 | ||||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/MainServiceTemplate.mf | 38 | ||||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/README.txt | 6 | ||||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/r130206/csar-option1-invalid.csar (renamed from csarvalidation/src/test/resources/pnf/r787966/csar-option1-invalid.csar) | bin | 5745 -> 5743 bytes | |||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/r130206/csar-option1-valid.csar | bin | 0 -> 7324 bytes | |||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/r130206/csar-option1-validSection.csar (renamed from csarvalidation/src/test/resources/pnf/r787966/csar-option1-valid.csar) | bin | 6549 -> 6170 bytes |
7 files changed, 64 insertions, 10 deletions
diff --git a/csarvalidation/src/test/resources/README.txt b/csarvalidation/src/test/resources/README.txt new file mode 100644 index 0000000..1360ce9 --- /dev/null +++ b/csarvalidation/src/test/resources/README.txt @@ -0,0 +1,20 @@ +How to sign CSAR file - option 2 +--------------------- +openssl req -new -nodes -x509 -keyout root-private-key.pem > root.cert +openssl req -new -nodes -keyout sample-pnf-private-key.pem > sample-pnf-request.pem +openssl x509 -req -CA root.cert -CAkey root-private-key.pem -CAcreateserial < sample-pnf-request.pem > sample-pnf.cert +openssl cms -sign -binary -nocerts -outform pem -signer sample-pnf.cert -inkey sample-pnf-private-key.pem < sample-pnf.csar > sample-pnf.cms + +How to sign CSAR file - option 1 +-------------------------------- +openssl req -new -nodes -x509 -keyout root-private-key.pem > root-certificate.cert +TIP: As a 'Organizational Unit Name' set, for example: Certificate Authority + +openssl req -new -nodes -keyout signing-private-key.pem > signing-request.pem +TIP: As a 'Organizational Unit Name' set, for example: Nokia. Name values must be different! + +openssl x509 -req -CA root-certificate.cert -CAkey root-private-key.pem -CAcreateserial < signing-request.pem > signing-certificate.cert + +openssl cms -sign -signer signing-certificate.cert -inkey signing-private-key.pem -outform pem -binary < MainServiceTemplate.mf > signature-and-certificate.cms + +openssl cms -verify -content MainServiceTemplate.mf -CAfile root-certificate.cert -inform pem -binary < signature-and-certificate.cms > /dev/null diff --git a/csarvalidation/src/test/resources/cvc/csar/parser/MainServiceTemplate.mf b/csarvalidation/src/test/resources/cvc/csar/parser/MainServiceTemplate.mf new file mode 100644 index 0000000..556c006 --- /dev/null +++ b/csarvalidation/src/test/resources/cvc/csar/parser/MainServiceTemplate.mf @@ -0,0 +1,10 @@ +metadata: + pnfd_name: RadioNode + pnfd_provider: Ericsson + pnfd_archive_version: 1.0 + pnfd_release_date_time: 2019-01-14T11:25:00+00:00 + +-----BEGIN CMS----- +MIIGDAYJKoZIhvcNAQcCoIIF/TCCBfkCAQExDTALBglghkgBZQMEAgEwCwYJKoZI +hvcNAQcBoIIDRTCCA0EwggIpAhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDANBgkqhkiG +-----END CMS----- diff --git a/csarvalidation/src/test/resources/pnf/MainServiceTemplate.mf b/csarvalidation/src/test/resources/pnf/MainServiceTemplate.mf index 6987eb1..6bc88b2 100644 --- a/csarvalidation/src/test/resources/pnf/MainServiceTemplate.mf +++ b/csarvalidation/src/test/resources/pnf/MainServiceTemplate.mf @@ -35,7 +35,37 @@ non_mano_artifact_sets: source: Artifacts/Other/review_log.txt -----BEGIN CMS----- -MIGDBgsqhkiG9w0BCRABCaB0MHICAQAwDQYLKoZIhvcNAQkQAwgwXgYJKoZIhvcN -AQcBoFEET3icc87PK0nNK9ENqSxItVIoSa0o0S/ISczMs1ZIzkgsKk4tsQ0N1nUM -dvb05OXi5XLPLEtViMwvLVLwSE0sKlFIVHAqSk3MBkkBAJv0Fx0= ------END CMS-----
\ No newline at end of file +MIIGDAYJKoZIhvcNAQcCoIIF/TCCBfkCAQExDTALBglghkgBZQMEAgEwCwYJKoZI +hvcNAQcBoIIDRTCCA0EwggIpAhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDANBgkqhkiG +9w0BAQsFADBlMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8G +A1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMR4wHAYDVQQLDBVDZXJ0aWZp +Y2F0ZSBBdXRob3JpdHkwHhcNMTkwODEzMDg0NDU4WhcNMTkwOTEyMDg0NDU4WjBV +MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 +ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQ4wDAYDVQQLDAVOb2tpYTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAPRCM8g0cm1nuojFuk01Lo1iAbj7STEbiqJn +Xk4BEEspM4snShj35bO9DHSunXivdCzen4BE7hLpetpbr+7ptqpV7NuR9DgYD399 +eAltb4oLnkLWgODCxhFOnwrKjnXSbP8KX3kmYRJmDzsSjJrpattfxNCa2aHzubyA +W0Mv9Ni2R0scnBY+ubydwn223d/743T2pfXsiOV6Ucjhz+9XWU96b7e9GxN12EJQ +R6R4O9dz3CSZmQsiMMYROD5elV59Y9ucSkhdrUjPzjveqjEA9FWc0piBpe42c9Mo +Lr8S5hKaaC8ONfSUBuEysKC5g6D6OS1Kxii3zbUbNzpxXti8tmUCAwEAATANBgkq +hkiG9w0BAQsFAAOCAQEAVJGCH8VL/ha1RYmoZBefCT/AQc50GlcIJtPCB8Y7ygkX +Y2Ybj6SrF66+wq6hQsU9xtxHyn08nfOdGWfNJ9yq4SO8RF7Oz4NxkQ+KFhi2QUGZ +5TwdWLr0Q+zKTZgpLZm1rtlyyz+2AUwcPPVHhDfJX0kqz/0UPHWFDxXfJyOwmQdN +E4qhO9uB3zEujJwM8B7wXfDwsNg6xbKBytm67IHQN3OF/Bfcugx7eCVJ08XA8Irj +CovwPvjxaL32iYTXmiBl+vSb3lEarbinMkMCq80yx3LtIg1goGVO+Tp+yOoVxNUL +psSXr9kdWncI1venEjk/SvggxtT4RJ6dLH358qFu+TGCAo0wggKJAgEBMH0wZTEL +MAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVy +bmV0IFdpZGdpdHMgUHR5IEx0ZDEeMBwGA1UECwwVQ2VydGlmaWNhdGUgQXV0aG9y +aXR5AhRJ6KO7OFR2BuRDZwcd2TT4/wrEqDALBglghkgBZQMEAgGggeQwGAYJKoZI +hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwODEzMDg0NTI2 +WjAvBgkqhkiG9w0BCQQxIgQgOtAYNJkSFj5rU8K7Ujz6BdefH7sITKBcMmBcm/hI +TUAweQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsG +CWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcN +AwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEA +Sj+3i3Mcxz6Uqf8WcLNiR3K3QeQUEQJurPHW/BzidjPx+PoZ+6jP8sAkulUu/yeo +rv3dDQGq0cF6KE3gKi3IXgCOB5nZ/O4BtvPcKOlQk14fMdBnHQMgGb27dNLMheuo +t4YJVEZNm+1NoYZBMyESm1Ns3DHmq7dqpFMWSad85gMTsbD/q896ZMiua+bLvnlg +qJXtYrnJPx9KqSzNFhzTqwFMJ9OASaHm+eV9/EWWLJ0rgUmheI0sb2Pa5i93w6dr +HhE7UbSCHDlDDgrOosJkbuI4UCX/njXrU2ukXbrWz/FjH84Mek039z+w4M6fBnl5 +4xuyO1o65LlKHoxwnRH9lQ== +-----END CMS----- diff --git a/csarvalidation/src/test/resources/pnf/README.txt b/csarvalidation/src/test/resources/pnf/README.txt deleted file mode 100644 index 8984d6f..0000000 --- a/csarvalidation/src/test/resources/pnf/README.txt +++ /dev/null @@ -1,6 +0,0 @@ -How to sign CSAR file ---------------------- -openssl req -new -nodes -x509 -keyout root-private-key.pem > root.cert -openssl req -new -nodes -keyout sample-pnf-private-key.pem > sample-pnf-request.pem -openssl x509 -req -CA root.cert -CAkey root-private-key.pem -CAcreateserial < sample-pnf-request.pem > sample-pnf.cert -openssl cms -sign -binary -nocerts -outform pem -signer sample-pnf.cert -inkey sample-pnf-private-key.pem < sample-pnf.csar > sample-pnf.cms
\ No newline at end of file diff --git a/csarvalidation/src/test/resources/pnf/r787966/csar-option1-invalid.csar b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-invalid.csar Binary files differindex 0213b60..187c008 100644 --- a/csarvalidation/src/test/resources/pnf/r787966/csar-option1-invalid.csar +++ b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-invalid.csar diff --git a/csarvalidation/src/test/resources/pnf/r130206/csar-option1-valid.csar b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-valid.csar Binary files differnew file mode 100644 index 0000000..7cca18d --- /dev/null +++ b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-valid.csar diff --git a/csarvalidation/src/test/resources/pnf/r787966/csar-option1-valid.csar b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-validSection.csar Binary files differindex 17aa662..bc90a75 100644 --- a/csarvalidation/src/test/resources/pnf/r787966/csar-option1-valid.csar +++ b/csarvalidation/src/test/resources/pnf/r130206/csar-option1-validSection.csar |