gerrit.onap Code Review - sdc.git/blob

   1 /*
   2  * ============LICENSE_START=======================================================
   3  *  Copyright (C) 2019 Nordix Foundation
   4  *  ================================================================================
   5  *  Licensed under the Apache License, Version 2.0 (the "License");
   6  *  you may not use this file except in compliance with the License.
   7  *  You may obtain a copy of the License at
   8  *
   9  *        http://www.apache.org/licenses/LICENSE-2.0
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License.
  15  *
  16  *  SPDX-License-Identifier: Apache-2.0
  17  *  ============LICENSE_END=========================================================
  18  */
  19
  20 package org.openecomp.sdc.vendorsoftwareproduct.impl.orchestration.csar.validation;
  21
  22 import static org.hamcrest.core.Is.is;
  23 import static org.junit.Assert.assertThat;
  24 import static org.junit.Assert.fail;
  25 import static org.mockito.ArgumentMatchers.any;
  26 import static org.mockito.Mockito.when;
  27 import static org.mockito.MockitoAnnotations.initMocks;
  28
  29 import java.io.IOException;
  30 import java.net.URISyntaxException;
  31 import java.nio.file.Files;
  32 import java.nio.file.Paths;
  33 import org.junit.Before;
  34 import org.junit.Test;
  35 import org.mockito.Mock;
  36 import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.OnboardingPackageProcessor;
  37 import org.openecomp.sdc.vendorsoftwareproduct.impl.onboarding.validation.CnfPackageValidator;
  38 import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManager;
  39 import org.openecomp.sdc.vendorsoftwareproduct.security.SecurityManagerException;
  40 import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardPackageInfo;
  41 import org.openecomp.sdc.vendorsoftwareproduct.types.OnboardSignedPackage;
  42
  43 public class CsarSecurityValidatorTest {
  44
  45     private static final String BASE_DIR = "/vspmanager.csar/";
  46     private CsarSecurityValidator csarSecurityValidator;
  47     @Mock
  48     SecurityManager securityManager;
  49
  50     @Before
  51     public void setUp() {
  52         initMocks(this);
  53         csarSecurityValidator = new CsarSecurityValidator(securityManager);
  54     }
  55
  56     @Test
  57     public void isSignatureValidTestCorrectStructureAndValidSignatureExists() throws SecurityManagerException {
  58         final byte[] packageBytes = getFileBytesOrFail("signing/signed-package.zip");
  59         final OnboardSignedPackage onboardSignedPackage = loadSignedPackage("signed-package.zip",
  60             packageBytes, null);
  61         when(securityManager.verifySignedData(any(), any(), any())).thenReturn(true);
  62         final boolean isSignatureValid = csarSecurityValidator.verifyPackageSignature(onboardSignedPackage);
  63         assertThat("Signature should be valid", isSignatureValid, is(true));
  64     }
  65
  66     @Test(expected = SecurityManagerException.class)
  67     public void isSignatureValidTestCorrectStructureAndNotValidSignatureExists() throws SecurityManagerException {
  68         final byte[] packageBytes = getFileBytesOrFail("signing/signed-package-tampered-data.zip");
  69         final OnboardSignedPackage onboardSignedPackage = loadSignedPackage("signed-package-tampered-data.zip",
  70             packageBytes, null);
  71         //no mocked securityManager
  72         csarSecurityValidator = new CsarSecurityValidator();
  73         csarSecurityValidator.verifyPackageSignature(onboardSignedPackage);
  74     }
  75
  76     private byte[] getFileBytesOrFail(final String path) {
  77         try {
  78             return getFileBytes(path);
  79         } catch (final URISyntaxException | IOException e) {
  80             fail("Could not load file " + path);
  81             return null;
  82         }
  83     }
  84
  85     private byte[] getFileBytes(final String path) throws URISyntaxException, IOException {
  86         return Files.readAllBytes(Paths.get(
  87             CsarSecurityValidatorTest.class.getResource(BASE_DIR + path).toURI()));
  88     }
  89
  90     private OnboardSignedPackage loadSignedPackage(final String packageName, final byte[] packageBytes,
  91         CnfPackageValidator cnfPackageValidator) {
  92         final OnboardingPackageProcessor onboardingPackageProcessor =
  93             new OnboardingPackageProcessor(packageName, packageBytes, cnfPackageValidator, null);
  94         final OnboardPackageInfo onboardPackageInfo = onboardingPackageProcessor.getOnboardPackageInfo().orElse(null);
  95         if (onboardPackageInfo == null) {
  96             fail("Unexpected error. Could not load original package");
  97         }
  98
  99         return (OnboardSignedPackage) onboardPackageInfo.getOriginalOnboardPackage();
 100     }
 101 }