diff options
author | Bogumil Zebek <bogumil.zebek@nokia.com> | 2019-05-09 13:28:17 +0200 |
---|---|---|
committer | Zebek Bogumil <bogumil.zebek@nokia.com> | 2019-06-11 11:58:13 +0200 |
commit | bd711684187e95a1dd3cd53622714aae22bb417c (patch) | |
tree | 43aaca63aceb64c7e3d62a212b41f8571b4b26bd /csarvalidation/src/test | |
parent | 900dd46df0976d545ec66a4822fc1fc846f262b4 (diff) |
Security verification
Change-Id: I759e3698a25dd4f84dc345c3fd4c0d201b75d233
Issue-ID: VNFSDK-395
Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
Diffstat (limited to 'csarvalidation/src/test')
-rw-r--r-- | csarvalidation/src/test/java/org/onap/cvc/csar/ZipFileContentValidatorTest.java | 134 | ||||
-rw-r--r-- | csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java | 37 | ||||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/r787965/broken.zip | bin | 0 -> 1867 bytes | |||
-rw-r--r-- | csarvalidation/src/test/resources/pnf/r787965/signature-and-certificate.zip | bin | 0 -> 4499 bytes |
4 files changed, 36 insertions, 135 deletions
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/ZipFileContentValidatorTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/ZipFileContentValidatorTest.java deleted file mode 100644 index 7da91f8..0000000 --- a/csarvalidation/src/test/java/org/onap/cvc/csar/ZipFileContentValidatorTest.java +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright 2019 Nokia - * <p> - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * <p> - * http://www.apache.org/licenses/LICENSE-2.0 - * <p> - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -package org.onap.cvc.csar; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.Mock; -import org.mockito.junit.MockitoJUnitRunner; - -import java.nio.file.Path; -import java.util.List; -import java.util.stream.Collectors; - -import static org.assertj.core.api.Assertions.assertThat; - -@RunWith(MockitoJUnitRunner.class) -public class ZipFileContentValidatorTest { - - @Mock - Path rootFolder; - @Mock - Path pathToCsarWorkspace; - @Mock - Path certFile; - @Mock - Path csarFile; - @Mock - Path cmsFile; - - private ZipFileContentValidator zipFileContentValidator; - - - @Before - public void setUp(){ - zipFileContentValidator = new ZipFileContentValidator(); - } - - @Test - public void shouldReportThatCertFileAndCmsFileIsNotAvailable() { - // given - FileArchive.Workspace workspace = FileArchive.Workspace.forZip( - rootFolder, - pathToCsarWorkspace, - null, - null, - null - ); - - // when - List<CSARArchive.CSARError> errors = zipFileContentValidator.validate(workspace); - - // then - assertThat(errors.size()).isEqualTo(2); - assertThat(errors.stream().map(CSARArchive.CSARError::getMessage).collect(Collectors.toList())).contains( - "Missing. Cert file is not available!", "Missing. CMS file is not available!" - ); - } - - @Test - public void shouldReportThatCertFileIsNotAvailable() { - // given - FileArchive.Workspace workspace = FileArchive.Workspace.forZip( - rootFolder, - pathToCsarWorkspace, - null, - cmsFile, - csarFile - ); - - // when - List<CSARArchive.CSARError> errors = zipFileContentValidator.validate(workspace); - - // then - assertThat(errors.size()).isEqualTo(1); - assertThat(errors.stream().map(CSARArchive.CSARError::getMessage).collect(Collectors.toList())).contains( - "Missing. Cert file is not available!" - ); - } - - @Test - public void shouldReportThatCmsFileIsNotAvailable() { - // given - FileArchive.Workspace workspace = FileArchive.Workspace.forZip( - rootFolder, - pathToCsarWorkspace, - certFile, - null, - csarFile - ); - - // when - List<CSARArchive.CSARError> errors = zipFileContentValidator.validate(workspace); - - // then - assertThat(errors.size()).isEqualTo(1); - assertThat(errors.stream().map(CSARArchive.CSARError::getMessage).collect(Collectors.toList())).contains( - "Missing. CMS file is not available!" - ); - } - - @Test - public void shouldNotReportAnyErrorWhenAllFilesAreAvailable() { - // given - FileArchive.Workspace workspace = FileArchive.Workspace.forZip( - rootFolder, - pathToCsarWorkspace, - certFile, - cmsFile, - csarFile - ); - - // when - List<CSARArchive.CSARError> errors = zipFileContentValidator.validate(workspace); - - // then - assertThat(errors.size()).isEqualTo(0); - } -}
\ No newline at end of file diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java index c19fe99..ffbf87e 100644 --- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java +++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java @@ -60,6 +60,42 @@ public class VTPValidateCSARR787965IntegrationTest { } @Test + public void shouldReportThatZipContainsSignatureWithCertificationFileAndPackageIsProbableValid() throws Exception { + + // given + configureTestCase(testCase, "pnf/r787965/signature-and-certificate.zip"); + + // when + testCase.execute(); + + // then + List<CSARArchive.CSARError> errors = testCase.getErrors(); + assertThat(errors.size()).isEqualTo(1); + assertThat(convertToMessagesList(errors)).contains( + "Warning. Zip package probably is valid. " + + "It contains only signature with certification cms and csar package. " + + "Unable to verify csar signature." + ); + } + + @Test + public void shouldReportThatZipPackageIsBroken() throws Exception { + + // given + configureTestCase(testCase, "pnf/r787965/broken.zip"); + + // when + testCase.execute(); + + // then + List<CSARArchive.CSARError> errors = testCase.getErrors(); + assertThat(errors.size()).isEqualTo(1); + assertThat(convertToMessagesList(errors)).contains( + "Missing. Unable to find certification files." + ); + } + + @Test public void shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception { // given @@ -73,5 +109,4 @@ public class VTPValidateCSARR787965IntegrationTest { assertThat(errors.size()).isEqualTo(0); } - }
\ No newline at end of file diff --git a/csarvalidation/src/test/resources/pnf/r787965/broken.zip b/csarvalidation/src/test/resources/pnf/r787965/broken.zip Binary files differnew file mode 100644 index 0000000..5447a8f --- /dev/null +++ b/csarvalidation/src/test/resources/pnf/r787965/broken.zip diff --git a/csarvalidation/src/test/resources/pnf/r787965/signature-and-certificate.zip b/csarvalidation/src/test/resources/pnf/r787965/signature-and-certificate.zip Binary files differnew file mode 100644 index 0000000..47470f4 --- /dev/null +++ b/csarvalidation/src/test/resources/pnf/r787965/signature-and-certificate.zip |