From 379eb896b050fbb1f88ca7e736665c573f8c9f74 Mon Sep 17 00:00:00 2001
From: Bogumil Zebek <bogumil.zebek@nokia.com>
Date: Fri, 31 May 2019 13:58:12 +0200
Subject: Handle signature in cms

Change-Id: Ied997305efe347859cbd069f2887f792adc775c0
Issue-ID: VNFSDK-414
Signed-off-by: Zebek Bogumil <bogumil.zebek@nokia.com>
---
 .../java/org/onap/cvc/csar/CsarValidatorTest.java  |   2 +-
 .../java/org/onap/cvc/csar/FileArchiveTest.java    |   2 +-
 .../VTPValidateCSARR787965IntegrationTest.java     |  20 +++-
 .../cvc/csar/rsa/RSACertificateValidatorTest.java  | 105 ---------------------
 .../pnf/signed-package-invalid-signature.zip       | Bin 0 -> 3689 bytes
 .../pnf/signed-package-valid-signature.zip         | Bin 0 -> 3777 bytes
 .../src/test/resources/pnf/signed-package.zip      | Bin 3449 -> 0 bytes
 7 files changed, 18 insertions(+), 111 deletions(-)
 delete mode 100644 csarvalidation/src/test/java/org/onap/cvc/csar/rsa/RSACertificateValidatorTest.java
 create mode 100644 csarvalidation/src/test/resources/pnf/signed-package-invalid-signature.zip
 create mode 100644 csarvalidation/src/test/resources/pnf/signed-package-valid-signature.zip
 delete mode 100644 csarvalidation/src/test/resources/pnf/signed-package.zip

(limited to 'csarvalidation/src/test')

diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/CsarValidatorTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/CsarValidatorTest.java
index 25e36f6..e724283 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/CsarValidatorTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/CsarValidatorTest.java
@@ -60,7 +60,7 @@ public class CsarValidatorTest {
                 "csar-validate",
                 "--format", "json",
                 "--pnf",
-                "--csar", absoluteFilePath("pnf/signed-package.zip")});
+                "--csar", absoluteFilePath("pnf/signed-package-valid-signature.zip")});
         cli.handle();
         assertEquals(0, cli.getExitCode());
     }
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/FileArchiveTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/FileArchiveTest.java
index 1ac8073..738b4f6 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/FileArchiveTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/FileArchiveTest.java
@@ -56,7 +56,7 @@ public class FileArchiveTest {
         String absolutePath = folder.getRoot().getAbsolutePath();
 
         // when
-        FileArchive.Workspace workspace = new FileArchive(absolutePath).unpack(absoluteFilePath("pnf/signed-package.zip"));
+        FileArchive.Workspace workspace = new FileArchive(absolutePath).unpack(absoluteFilePath("pnf/signed-package-valid-signature.zip"));
 
         // then
         assertTrue(workspace.isZip());
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
index 5c11c8a..c19fe99 100644
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
+++ b/csarvalidation/src/test/java/org/onap/cvc/csar/cc/sol004/VTPValidateCSARR787965IntegrationTest.java
@@ -43,12 +43,10 @@ public class VTPValidateCSARR787965IntegrationTest {
     }
 
     @Test
-    public void shouldReportCsarHasInvalidSignature() throws Exception {
-        // We will not prepare positive test case, because X509 certification has expiration date and such test will
-        // stop working in the future.
+    public void shouldReportThatCsarHasInvalidSignature() throws Exception {
 
         // given
-        configureTestCase(testCase, "pnf/signed-package.zip");
+        configureTestCase(testCase, "pnf/signed-package-invalid-signature.zip");
 
         // when
         testCase.execute();
@@ -61,5 +59,19 @@ public class VTPValidateCSARR787965IntegrationTest {
         );
     }
 
+    @Test
+    public void shouldDoNotReportAnyErrorWhenPackageHasValidSignature() throws Exception {
+
+        // given
+        configureTestCase(testCase, "pnf/signed-package-valid-signature.zip");
+
+        // when
+        testCase.execute();
+
+        // then
+        List<CSARArchive.CSARError> errors = testCase.getErrors();
+        assertThat(errors.size()).isEqualTo(0);
+    }
+
 
 }
\ No newline at end of file
diff --git a/csarvalidation/src/test/java/org/onap/cvc/csar/rsa/RSACertificateValidatorTest.java b/csarvalidation/src/test/java/org/onap/cvc/csar/rsa/RSACertificateValidatorTest.java
deleted file mode 100644
index 9a3e124..0000000
--- a/csarvalidation/src/test/java/org/onap/cvc/csar/rsa/RSACertificateValidatorTest.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
- * Copyright 2019 Nokia
- * <p>
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
-package org.onap.cvc.csar.rsa;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.Mock;
-import org.mockito.junit.MockitoJUnitRunner;
-
-import java.security.PublicKey;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.*;
-
-@RunWith(MockitoJUnitRunner.class)
-public class RSACertificateValidatorTest {
-
-    @Mock
-    private X509RsaCertification x509RsaCertification;
-
-    @Mock
-    private PublicKey publicKey;
-
-    @Test
-    public void shouldReturnInformationThatCsarHasValidSignature() throws Exception {
-
-        // given
-        String publicCertificate ="-----BEGIN CERTIFICATE-----\n" +
-                "MIIDyzCCArMCCQCXF5To+FxujDANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UEBhMC\n" +
-                "SUUxETAPBgNVBAgMCExlaW5zdGVyMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoM\n" +
-                "CEVyaWNzc29uMRwwGgYDVQQLDBNCdXNpbmVzcyBBcmVhIFJhZGlvMSMwIQYDVQQD\n" +
-                "DBpSb290IGNlcnRpZmljYXRlIGF1dGhvcml0eTElMCMGCSqGSIb3DQEJARYWYXV0\n" +
-                "aG9yaXR5QGVyaWNzc29uLmNvbTAeFw0xOTAzMDcyMDA4MDRaFw0xOTA0MDYyMDA4\n" +
-                "MDRaMIGfMQswCQYDVQQGEwJJRTERMA8GA1UECAwITGVpbnN0ZXIxDzANBgNVBAcM\n" +
-                "BkR1YmxpbjERMA8GA1UECgwIRXJpY3Nzb24xHDAaBgNVBAsME0J1c2luZXNzIEFy\n" +
-                "ZWEgUmFkaW8xFzAVBgNVBAMMDlBhY2thZ2Ugc2lnbmVyMSIwIAYJKoZIhvcNAQkB\n" +
-                "FhNzaWduZXJAZXJpY3Nzb24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" +
-                "CgKCAQEA1bZWYbM3W9WK7E6brlMWw/pHdYmKrLmqnmyS4QWj6PoSudReX1x1QO+o\n" +
-                "jlzzlWn15ozgeDtsyQWRQakSkV8IUlywmM99tH7jGejrH87eLYv0IoJONVJLMsuQ\n" +
-                "chMd/cm0OGwUHHuk7iRnMGlcskp3FPvHlBRgBLrg+40yksJMmpHyS9amrG2/3bSa\n" +
-                "ssuc3F8ICNtejYVXDg5rIHyKIvD8Jaozf+V8FyFcFkfL7NyIS8rSuHM40vp3jlVO\n" +
-                "yNDztZ9orTA9Frucxr6y5UIXHd/bmh7YsjihyCoPOwvkfEy/S08S245eKS1zwgcE\n" +
-                "zkSwPC+XR7HwXoVb63hgBlcJCkUAswIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCC\n" +
-                "nWjpa+JeJj05UfX0tejdnHTotnT4AQfxp1YesG3O7ioIY4Y93/Cj8N+7rzeB392v\n" +
-                "eUMN2HKXGNRZhVJKs8fdoD/b5OxlwX1BattPS1Oh7HmLYzevOxotrm5YOR4KG2qa\n" +
-                "Rw/m6jFWxnAovpQTaCOgkuAJyF9l6wlQE4FyzyZMaThObcnLBzuQJjJXKMwaVT6D\n" +
-                "AQuMP3DRrH3aXlFpqV4bugLy8agSc2w9sF3w4osGZSwPjerJiulncUyBr+cjv1KB\n" +
-                "IfgzoP3b9frMBZmSpxeT3YzR1wZAh9AterRKAm6EGVxrnRDQ1b/OuW4y2RxQ/Q3G\n" +
-                "OUU/dbcjLaFvoQsv3aAk\n" +
-                "-----END CERTIFICATE-----\n";
-
-        String signature = "r+18GjD74DWNbp1U5zzbw7lB0QI5OXXBReGQ5DmRn/SFqQj0H22omSoolqlmwk8fc6pBfSTQl68yWEztH6m14dKTcYozVFpn1TS0qSgxMYjPJ5N/4+wrhC/70yosLATdc2w1U/9UYeFxP0QbCBSLtH9dDgTfm8e7Y25c7l6jSI+/VZ6b4lno5786y4W/VYeP6ktOvI0qbLtFPLfpxjqJ5idXUspkblhrZ6dHzURTlUWfYTku5NfLoIPL2Hdr8WfTBBTk+TYmAEBGC7J3SY5m1SZOOGElh80CfLGFVtdZ862Sgj2X8hV1isBTEJpczQwdMmid2xzdmZgbnkzFh9F/eQ==";
-        byte [] content = new byte[] {'t','e','s','t'};
-
-
-        String cert = "MIIDyzCCArMCCQCXF5To+FxujDANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UEBhMC\n" +
-                "SUUxETAPBgNVBAgMCExlaW5zdGVyMQ8wDQYDVQQHDAZEdWJsaW4xETAPBgNVBAoM\n" +
-                "CEVyaWNzc29uMRwwGgYDVQQLDBNCdXNpbmVzcyBBcmVhIFJhZGlvMSMwIQYDVQQD\n" +
-                "DBpSb290IGNlcnRpZmljYXRlIGF1dGhvcml0eTElMCMGCSqGSIb3DQEJARYWYXV0\n" +
-                "aG9yaXR5QGVyaWNzc29uLmNvbTAeFw0xOTAzMDcyMDA4MDRaFw0xOTA0MDYyMDA4\n" +
-                "MDRaMIGfMQswCQYDVQQGEwJJRTERMA8GA1UECAwITGVpbnN0ZXIxDzANBgNVBAcM\n" +
-                "BkR1YmxpbjERMA8GA1UECgwIRXJpY3Nzb24xHDAaBgNVBAsME0J1c2luZXNzIEFy\n" +
-                "ZWEgUmFkaW8xFzAVBgNVBAMMDlBhY2thZ2Ugc2lnbmVyMSIwIAYJKoZIhvcNAQkB\n" +
-                "FhNzaWduZXJAZXJpY3Nzb24uY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n" +
-                "CgKCAQEA1bZWYbM3W9WK7E6brlMWw/pHdYmKrLmqnmyS4QWj6PoSudReX1x1QO+o\n" +
-                "jlzzlWn15ozgeDtsyQWRQakSkV8IUlywmM99tH7jGejrH87eLYv0IoJONVJLMsuQ\n" +
-                "chMd/cm0OGwUHHuk7iRnMGlcskp3FPvHlBRgBLrg+40yksJMmpHyS9amrG2/3bSa\n" +
-                "ssuc3F8ICNtejYVXDg5rIHyKIvD8Jaozf+V8FyFcFkfL7NyIS8rSuHM40vp3jlVO\n" +
-                "yNDztZ9orTA9Frucxr6y5UIXHd/bmh7YsjihyCoPOwvkfEy/S08S245eKS1zwgcE\n" +
-                "zkSwPC+XR7HwXoVb63hgBlcJCkUAswIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCC\n" +
-                "nWjpa+JeJj05UfX0tejdnHTotnT4AQfxp1YesG3O7ioIY4Y93/Cj8N+7rzeB392v\n" +
-                "eUMN2HKXGNRZhVJKs8fdoD/b5OxlwX1BattPS1Oh7HmLYzevOxotrm5YOR4KG2qa\n" +
-                "Rw/m6jFWxnAovpQTaCOgkuAJyF9l6wlQE4FyzyZMaThObcnLBzuQJjJXKMwaVT6D\n" +
-                "AQuMP3DRrH3aXlFpqV4bugLy8agSc2w9sF3w4osGZSwPjerJiulncUyBr+cjv1KB\n" +
-                "IfgzoP3b9frMBZmSpxeT3YzR1wZAh9AterRKAm6EGVxrnRDQ1b/OuW4y2RxQ/Q3G\n" +
-                "OUU/dbcjLaFvoQsv3aAk\n";
-
-        when(x509RsaCertification.generatePublicKey(cert)).thenReturn(publicKey);
-        when(x509RsaCertification.verify(content,signature, publicKey)).thenReturn(true);
-
-        // when
-        RSACertificateValidator rsaCertificateValidator = new RSACertificateValidator(x509RsaCertification);
-
-        // then
-        assertThat(rsaCertificateValidator.isValid(content, signature, publicCertificate)).isTrue();
-        verify(x509RsaCertification,times(1)).generatePublicKey(cert);
-        verify(x509RsaCertification,times(1)).verify(content,signature, publicKey);
-    }
-
-}
\ No newline at end of file
diff --git a/csarvalidation/src/test/resources/pnf/signed-package-invalid-signature.zip b/csarvalidation/src/test/resources/pnf/signed-package-invalid-signature.zip
new file mode 100644
index 0000000..231d193
Binary files /dev/null and b/csarvalidation/src/test/resources/pnf/signed-package-invalid-signature.zip differ
diff --git a/csarvalidation/src/test/resources/pnf/signed-package-valid-signature.zip b/csarvalidation/src/test/resources/pnf/signed-package-valid-signature.zip
new file mode 100644
index 0000000..15437d6
Binary files /dev/null and b/csarvalidation/src/test/resources/pnf/signed-package-valid-signature.zip differ
diff --git a/csarvalidation/src/test/resources/pnf/signed-package.zip b/csarvalidation/src/test/resources/pnf/signed-package.zip
deleted file mode 100644
index e4b7d00..0000000
Binary files a/csarvalidation/src/test/resources/pnf/signed-package.zip and /dev/null differ
-- 
cgit 1.2.3-korg