From 0562debfc5cdd31e61c016aea40272c6c02ad3cb Mon Sep 17 00:00:00 2001
From: Bogumil Zebek <bogumil.zebek@nokia.com>
Date: Wed, 14 Aug 2019 10:52:37 +0200
Subject: CMS signature validation

Change-Id: Ie5d1c835d0e6a760f1b7de651a3833cb87b727e0
Issue-ID: VNFSDK-396
Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
---
 .../VTPValidateCSARR130206IntegrationTest.java     | 124 +++++++++++++++++++++
 .../VTPValidateCSARR787965IntegrationTest.java     |  22 ++--
 .../VTPValidateCSARR787966IntegrationTest.java     | 100 -----------------
 3 files changed, 137 insertions(+), 109 deletions(-)
 create mode 100644 csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java
 delete mode 100644 csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java

(limited to 'csarvalidation/src/test/java/org/onap/cvc/csar/cc')

diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java
new file mode 100644
index 0000000..90da946
--- /dev/null
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR130206IntegrationTest.java
@@ -0,0 +1,124 @@
+/*
+ * Copyright 2019 Nokia
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.onap.cvc.csar.cc.sol004;
+
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.onap.cvc.csar.CSARArchive;
+
+import java.util.List;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.configureTestCase;
+import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.convertToMessagesList;
+
+
+public class VTPValidateCSARR130206IntegrationTest {
+
+    private static final boolean IS_PNF = true;
+    private VTPValidateCSARR130206 testCase;
+
+    @Before
+    public void setUp() {
+        testCase = new VTPValidateCSARR130206();
+    }
+
+    @Test
+    public void shouldReturnProperRequestNumber() {
+        assertThat(testCase.getVnfReqsNo()).isEqualTo("R130206");
+    }
+
+    @Test
+    @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+            "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+            "Use instructions for option 1. Test was created for manual verification."
+    )
+    public void manual_shouldValidateProperCsar() throws Exception {
+
+        // given
+        configureTestCase(testCase, "pnf/r130206/csar-option1-valid.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
+
+        // when
+        testCase.execute();
+
+        // then
+        List<CSARArchive.CSARError> errors = testCase.getErrors();
+        assertThat(errors.size()).isEqualTo(0);
+    }
+
+    @Test
+    public void shouldReportThatOnlySignatureIsInvalid() throws Exception {
+
+        // given
+        configureTestCase(testCase, "pnf/r130206/csar-option1-validSection.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
+
+        // when
+        testCase.execute();
+
+        // then
+        List<CSARArchive.CSARError> errors = testCase.getErrors();
+        assertThat(errors.size()).isEqualTo(1);
+        assertThat(convertToMessagesList(errors)).contains(
+                "File has invalid CMS signature!"
+        );
+    }
+
+    @Test
+    public void shouldReportErrorsForInvalidCsar() throws Exception {
+
+        // given
+        configureTestCase(testCase, "pnf/r130206/csar-option1-invalid.csar", "vtp-validate-csar-r130206.yaml", IS_PNF);
+
+        // when
+        testCase.execute();
+
+        // then
+        List<CSARArchive.CSARError> errors = testCase.getErrors();
+        assertThat(errors.size()).isEqualTo(5);
+        assertThat(convertToMessagesList(errors)).contains(
+                "Unable to find CMS section in manifest!",
+                "Source 'Definitions/MainServiceTemplate.yaml' has wrong hash!",
+                "Source 'Artifacts/Other/my_script.csh' has hash, but unable to find algorithm tag!",
+                "Unable to calculate digest - file missing: Artifacts/NonExisting2.txt",
+                "File has invalid CMS signature!"
+        );
+    }
+
+
+    @Test
+    public void shouldReportThanInVnfPackageCertFileWasNotDefined() throws Exception {
+
+        // given
+        configureTestCase(testCase, "sample2.csar", "vtp-validate-csar-r130206.yaml", false);
+
+        // when
+        testCase.execute();
+
+        // then
+        List<CSARArchive.CSARError> errors = testCase.getErrors();
+        assertThat(convertToMessagesList(errors)).contains(
+                "Unable to find cert file defined by Entry-Certificate!",
+                "Unable to find CMS section in manifest!",
+                "Missing. Entry [tosca_definitions_version]"
+        );
+    }
+
+
+
+}
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
index eb41d6a..49696e6 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
@@ -18,6 +18,7 @@
 package org.onap.cvc.csar.cc.sol004;
 
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.onap.cvc.csar.CSARArchive;
 
@@ -61,7 +62,11 @@ public class VTPValidateCSARR787965IntegrationTest {
     }
 
     @Test
-    public void shouldReportThatZipContainsSignatureWithCertificationFileAndPackageIsProbableValid() throws Exception {
+    @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+            "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+            "Use instructions for option 2. Test was created for manual verification."
+    )
+    public void manual_shouldReportThatZipContainsSignatureWithCertificationFileAndPackageIsValid() throws Exception {
 
         // given
         configureTestCase(testCase, "pnf/r787965/signature-and-certificate.zip", "vtp-validate-csar-r787965.yaml", IS_PNF);
@@ -71,12 +76,7 @@ public class VTPValidateCSARR787965IntegrationTest {
 
         // then
         List<CSARArchive.CSARError> errors = testCase.getErrors();
-        assertThat(errors.size()).isEqualTo(1);
-        assertThat(convertToMessagesList(errors)).contains(
-                "Warning. Zip package probably is valid. " +
-                        "It contains only signature with certification cms and csar package. " +
-                        "Unable to verify csar signature."
-        );
+        assertThat(errors.size()).isEqualTo(0);
     }
 
     @Test
@@ -97,7 +97,11 @@ public class VTPValidateCSARR787965IntegrationTest {
     }
 
     @Test
-    public void shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception {
+    @Ignore("It is impossible to write test which will always pass, because certificate used to sign the file has time validity." +
+            "To verify signed package please please follow instructions from test/resources/README.txt file and comment @Ignore tag. " +
+            "Use instructions for option 2. Test was created for manual verification."
+    )
+    public void manual_shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception {
 
         // given
         configureTestCase(testCase, "pnf/signed-package-valid-signature.zip", "vtp-validate-csar-r787965.yaml", IS_PNF);
@@ -110,4 +114,4 @@ public class VTPValidateCSARR787965IntegrationTest {
         assertThat(errors.size()).isEqualTo(0);
     }
 
-}
\ No newline at end of file
+}
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java
deleted file mode 100644
index d48869a..0000000
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787966IntegrationTest.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright 2019 Nokia
- * <p>
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package org.onap.cvc.csar.cc.sol004;
-
-import org.junit.Before;
-import org.junit.Test;
-import org.onap.cvc.csar.CSARArchive;
-
-import java.util.List;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.configureTestCase;
-import static org.onap.cvc.csar.cc.sol004.IntegrationTestUtils.convertToMessagesList;
-
-
-public class VTPValidateCSARR787966IntegrationTest {
-
-    private static final boolean IS_PNF = true;
-    private VTPValidateCSARR787966 testCase;
-
-    @Before
-    public void setUp() {
-        testCase = new VTPValidateCSARR787966();
-    }
-
-    @Test
-    public void shouldReturnProperRequestNumber() {
-        assertThat(testCase.getVnfReqsNo()).isEqualTo("R787966");
-    }
-
-    @Test
-    public void shouldValidateProperCsar() throws Exception {
-
-        // given
-        configureTestCase(testCase, "pnf/r787966/csar-option1-valid.csar", "vtp-validate-csar-r787966.yaml", IS_PNF);
-
-        // when
-        testCase.execute();
-
-        // then
-        List<CSARArchive.CSARError> errors = testCase.getErrors();
-        assertThat(errors.size()).isEqualTo(0);
-    }
-
-    @Test
-    public void shouldReportErrorsForInvalidCsar() throws Exception {
-
-        // given
-        configureTestCase(testCase, "pnf/r787966/csar-option1-invalid.csar", "vtp-validate-csar-r787966.yaml", IS_PNF);
-
-        // when
-        testCase.execute();
-
-        // then
-        List<CSARArchive.CSARError> errors = testCase.getErrors();
-        assertThat(errors.size()).isEqualTo(4);
-        assertThat(convertToMessagesList(errors)).contains(
-                "Unable to find CMS section in manifest!",
-                "Source 'Definitions/MainServiceTemplate.yaml' has wrong hash!",
-                "Source 'Artifacts/Other/my_script.csh' has hash, but unable to find algorithm tag!",
-                "Source 'Artifacts/NonExisting.txt' does not exist!"
-        );
-    }
-
-
-    @Test
-    public void shouldReportThanInVnfPackageCertFileWasNotDefined() throws Exception {
-
-        // given
-        configureTestCase(testCase, "sample2.csar", "vtp-validate-csar-r787966.yaml", false);
-
-        // when
-        testCase.execute();
-
-        // then
-        List<CSARArchive.CSARError> errors = testCase.getErrors();
-        assertThat(convertToMessagesList(errors)).contains(
-                "Unable to find cert file defined by Entry-Certificate!",
-                "Missing. Entry [tosca_definitions_version]"
-        );
-    }
-
-
-
-}
\ No newline at end of file
-- 
cgit 1.2.3-korg