gerrit.onap Code Review - sdc.git/blob

   1 /*
   2  * ============LICENSE_START=======================================================
   3  *  Copyright (C) 2019 Nordix Foundation
   4  *  ================================================================================
   5  *  Licensed under the Apache License, Version 2.0 (the "License");
   6  *  you may not use this file except in compliance with the License.
   7  *  You may obtain a copy of the License at
   8  *
   9  *        http://www.apache.org/licenses/LICENSE-2.0
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License.
  15  *
  16  *  SPDX-License-Identifier: Apache-2.0
  17  *  ============LICENSE_END=========================================================
  18  */
  19
  20 package org.openecomp.sdc.vendorsoftwareproduct.impl.orchestration.csar.validation;
  21
  22 import static org.hamcrest.core.Is.is;
  23 import static org.junit.Assert.assertThat;
  24 import static org.junit.Assert.fail;
  25 import static org.mockito.ArgumentMatchers.any;
  26 import static org.mockito.Mockito.when;
  27 import static org.mockito.MockitoAnnotations.initMocks;
  28
  29 import java.io.IOException;
  30 import java.net.URISyntaxException;
  31 import java.nio.file.Files;
  32 import java.nio.file.Paths;
  33 import org.junit.Before;
  34 import org.junit.Test;
  35 import org.mockito.Mock;
  36 import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.OnboardingPackageProcessor;
  37 import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManager;
  38 import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException;
  39 import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardPackageInfo;
  40 import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardSignedPackage;
  41
  42 public class CsarSecurityValidatorTest {
  43
  44     private static final String BASE_DIR = "/vspmanager.csar/";
  45     private CsarSecurityValidator csarSecurityValidator;
  46     @Mock
  47     SecurityManager securityManager;
  48
  49     @Before
  50     public void setUp() {
  51         initMocks(this);
  52         csarSecurityValidator = new CsarSecurityValidator(securityManager);
  53     }
  54
  55     @Test
  56     public void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws SecurityManagerException {
  57         final byte[] packageBytes = getFileBytesOrFail("signing/signed-package.zip");
  58         final OnboardSignedPackage onboardSignedPackage = loadSignedPackage("signed-package.zip",
  59             packageBytes);
  60         when(securityManager.verifySignedData(any(), any(), any())).thenReturn(true);
  61         final boolean isSignatureValid = csarSecurityValidator.verifyPackageSignature(onboardSignedPackage);
  62         assertThat("Signature should be valid", isSignatureValid, is(true));
  63     }
  64
  65     @Test(expected = SecurityManagerException.class)
  66     public void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws SecurityManagerException {
  67         final byte[] packageBytes = getFileBytesOrFail("signing/signed-package-tampered-data.zip");
  68         final OnboardSignedPackage onboardSignedPackage = loadSignedPackage("signed-package-tampered-data.zip",
  69             packageBytes);
  70         //no mocked securityManager
  71         csarSecurityValidator = new CsarSecurityValidator();
  72         csarSecurityValidator.verifyPackageSignature(onboardSignedPackage);
  73     }
  74
  75     private byte[] getFileBytesOrFail(final String path) {
  76         try {
  77             return getFileBytes(path);
  78         } catch (final URISyntaxException | IOException e) {
  79             fail("Could not load file " + path);
  80             return null;
  81         }
  82     }
  83
  84     private byte[] getFileBytes(final String path) throws URISyntaxException, IOException {
  85         return Files.readAllBytes(Paths.get(
  86             CsarSecurityValidatorTest.class.getResource(BASE_DIR + path).toURI()));
  87     }
  88
  89     private OnboardSignedPackage loadSignedPackage(final String packageName, final byte[] packageBytes) {
  90         final OnboardingPackageProcessor onboardingPackageProcessor =
  91             new OnboardingPackageProcessor(packageName, packageBytes);
  92         final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
  93         if (onboardPackageInfo == null) {
  94             fail("Unexpected error. Could not load original package");
  95         }
  96
  97         return (OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage();
  98     }
  99 }