Uploaded image for project: 'Vnfsdk'
  1. Vnfsdk
  2. VNFSDK-595

Rule R130206 should looks for ETSI-Entry-Certificate definition in Tosca.meta file depend on CMS signature (with or without cert) and Tosca.meta file existence in csar

    XMLWordPrintable

Details

    • Story
    • Status: Closed
    • Medium
    • Resolution: Done
    • None
    • Guilin Release
    • None

    Description

      1. When CMS signature in manifest file doesn't contain certificate then:
        1. If TOSCA-Metadata/TOSCA.meta exists in csar package, then certifcate should be present i csar package in place indicated by the tag ETSI-Entry-Certificate: <path to cert>pnf_main_descriptor.cert - if it is not present then report error "Unable to find cert file defined by ETSI-Entry-Certificate!"
        2. If TOSCA-Metadata/TOSCA.meta doesn't exists in csar package ( https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/004/02.07.01_60/gs_NFV-SOL004v020701p.pdf chapter 4.3.6 point 2) then certificate should be in csar root folder. Certificate name should be like <tosca definitins main yaml name>.cert - if it is not present then report error "Unable to find cert file defined by ETSI-Entry-Certificate!"
      2. When CMS signature in manifest contains certificate then rule should check if by mistake certificate hasn't be added to csar file.
        1. If TOSCA-Metadata/TOSCA.meta exists then rule should check if exists:
          1. tag ETSI-Entry-Certificate: <path to cert>pnf_main_descriptor.cert> - if yes then report error "ETSI-Entry-Certificate entry in Tosca.meta is defined despite the certificate is included in the signature container"
          2. csar package in place indicated by the tag ETSI-Entry-Certificate: <path to cert>pnf_main_descriptor.cert - if yes then report error "ETSI-Entry-Certificate certificate present despite the certificate is included in the signature container"
        2. If TOSCA-Metadata/TOSCA.meta doesn't exists then in csar root folder shouldn't be present file <tosca definitins main yaml name>.cert - if yes then report error "ETSI-Entry-Certificate certificate present despite the certificate is included in the signature container"

      Attachments

        Issue Links

          relates to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. VNFSDK-597 PNF PreOnboarding in R7 - VNFSDK Enhancements

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              amaciaga Aleksandra Maciaga
              kkuzmick Krzysztof Kuzmicki
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: