Refactor after filtering

README.md

@@ -1,35 +1,31 @@
-# KUKSA.VAL
-![kuksa.val Logo](./doc/pictures/logo.png)
+# KUKSA Common
+![KUKSA Logo](./assets/logo.png)
 
-This is KUKSA.val, the KUKSA **V**ehicle **A**bstraction **L**ayer.
+This repository is intended to contain common files that are needed by multiple KUKSA repositories.
 
+Content of this repository
 
-KUKSA.val provides in-vehicle software components for working with in-vehicle signals modelled using the [COVESA VSS data model](https://github.com/COVESA/vehicle_signal_specification).
+| Content      | Location    |  Comment |
+| ------------ | ----------- | ------------ |
+| Official VSS releases in JSON format | [vss](./vss) | Supported by both KUKSA Databroker and KUKSA Server
+| KUKSA Example keys and certificates for TLS | [tls](./tls) | Supported by both KUKSA Databroker and KUKSA Server
+| KUKSA Databroker Tokens | [jwt](./jwt/) | Not supported by KUKSA Server 
 
-If you are new here, try the [Quickstart](doc/quickstart.md), which should not take more than 10 min of your time.
+*Note: The tokens supported by KUKSA Server are available in [kuksa.val](https://github.com/eclipse/kuksa.val/tree/master/kuksa_certificates/jwt) repository!*
 
+## Usage
 
-[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](https://opensource.org/licenses/Apache-2.0)
-[![Gitter](https://img.shields.io/gitter/room/kuksa-val/community)](https://gitter.im/kuksa-val/community)
+This repository is supposed to contain the "master version" of the artifacts stored in this repository.
+Two methods to use the artifacts are listed below.
 
-[![Build kuksa-val-server](https://github.com/eclipse/kuksa.val/actions/workflows/kuksa_val_docker.yml/badge.svg)](https://github.com/eclipse/kuksa.val/actions/workflows/kuksa_val_docker.yml?query=branch%3Amaster)
-[![Build kuksa-databroker](https://github.com/eclipse/kuksa.val/actions/workflows/kuksa_databroker_build.yml/badge.svg)](https://github.com/eclipse/kuksa.val/actions/workflows/kuksa_databroker_build.yml?query=branch%3Amaster)
-[![codecov](https://codecov.io/gh/eclipse/kuksa.val/branch/master/graph/badge.svg?token=M4FT175771)](https://codecov.io/gh/eclipse/kuksa.val)
+### Submodule
 
-KUKSA.val contains several components
+Repositories may include this repository as a submodule.
 
-| Component      | Description |
-| -------------- | ----------- |
-| [KUKSA Databroker](./kuksa_databroker) | Efficient in-vehicle signal broker written in RUST providing authorized access to VSS data using gRPC
-| [KUKSA Server](kuksa-val-server) | Feature rich in-vehicle data server written in C++ providing authorized access to VSS data using W3C VISS websocket protocol
-| [KUKSA Python Client and SDK](./kuksa-client)   | Command line tool to interactively explore and modify the VSS data points and data structure. Python library for easy interaction with KUKSA Databroker and Server
-| [KUKSA GO Client](./kuksa_go_client)   | Example client written in the [GO](https://go.dev/) programming language for easy interaction with KUKSA Databroker and Server
-| [Example Applications](./kuksa_apps) | Some example apps for different programming languages and frameworks
-| [Feeders and Providers](https://github.com/eclipse/kuksa.val.feeders/) | Multiple feeders and providers for exchanging vehicle data with KUKSA databroker and Server
+### File copy
 
-## More information
-
-* [KUKSA.val TLS Concept](doc/tls.md)
+Repositories may copy files stored in this repository, but if so they should preferably state
+that this repository contains the "master version".
 
 ## Pre-commit set up
 This repository is set up to use [pre-commit](https://pre-commit.com/) hooks.

jwt/README.md

@@ -1,7 +1,7 @@
 # Databroker Example Tokens
 
-This directory contains example tokens for demo and test purposes for KUKSA.val Databroker.
-For more information on token format see [documentation](../doc/KUKSA.val_data_broker/authorization.md).
+This directory contains example tokens for demo and test purposes for KUKSA Databroker.
+For more information on token format see [documentation](./authorization.md).
 
 ## Available tokens
 
@@ -15,14 +15,16 @@ For more information on token format see [documentation](../doc/KUKSA.val_data_b
 
 ## Create new tokens
 
-Tokens can be generated as described in [documentation](../kuksa_certificates/README.md).
+Two helper scripts exist for generating keys and tokens
+
+* [recreateJWTkeyPair.sh](recreateJWTkeyPair.sh) to regenerate the JWT keys used for signing
+* [createToken.py](createToken.py) to create signed tokens, requires `*.json` files as parameters
+
 Note that token generation must take place from the directory containing `createToken.py`
 
 An example is shown below:
 
 ```
-~/kuksa.val/kuksa_certificates/jwt$ python -m createToken ../../jwt/actuate-provide-all.json 
-Reading private key from jwt.key
-Reading JWT payload from ../../jwt/actuate-provide-all.json
-Writing signed access token to ../../jwt/actuate-provide-all.token
+pip install -r requirements.txt
+python -m createToken actuate-provide-all.json 
 ```

kuksa_certificates/jwt/recreateJWTkeyPair.sh → jwt/recreateJWTkeyPair.sh

@@ -9,7 +9,7 @@
 
 
 
-echo "Recreating kuksa.val key pair used for JWT verification"
+echo "Recreating KUKSA key pair used for JWT verification"
 echo "-------------------------------------------------------"
 
 
@@ -20,4 +20,4 @@ printf "\nCreating public key\n"
 openssl rsa -in jwt.key -pubout -outform PEM -out jwt.key.pub
 
 printf '\nYou can use the PRIVATE key "jwt.key" to generate new tokens using https://jwt.io or the "createToken.py" script.\n'
-echo 'You need to give the PUBLIC key "jwt.key.pub" to the kuksa.val server, so it can verify correctly signed JWT tokens.'
+echo 'You need to give the PUBLIC key "jwt.key.pub" to the KUKSA Databroker, so it can verify correctly signed JWT tokens.'

tls/README.md

@@ -0,0 +1,46 @@
+# Example Keys and Certificates and Tokens for KUKSA.val
+
+This directory contains example keys and certificates that can be used for testing TLS support for KUKSA clients and servers.
+Many of the clients and servers in this repository use keys, tokens and certificates from this directory by default.
+
+
+## Keys and Certificates for TLS connections
+
+This directory contain a set of example certificates, used by the KUKSA-project during development and testing.
+They may or may not be useful for your test environment.
+If needed you can customize `genCerts.sh` and generate keys and certificates that fits your environment.
+
+See the [KUKSA TLS documentation](https://github.com/eclipse/kuksa.val//doc/tls.md) for general information on the KUKSA TLS concept.
+
+This directory contains the following files with cryptographical information.
+
+ Component      | Description |
+| -------------- | ----------- |
+| `CA.key` | Root key, tnot needed by KUKSA.val applications
+| `CA.pem` | Root certificate, valid for 3650 days ( 10 years). |
+| `Server.key` | Server key, needed by KUKSA.val Databroker/Server for TLS. |
+| `Server.pem` | Server certificate chain, valid for 365 days, needed by KUKSA.val Databroker/Server for TLS. |
+| `Client.key` | Client key, currently not needed as mutual authentication is not supported. |
+| `Client.pem` | Client certificate chain, valid for 365 days, currently not needed as mutual authentication is not supported. |
+
+If the certificates have expired or you by any other reason need to regenerate keys or certificates you can use
+the `genCerts.sh` cript as described below.
+
+### Generating Keys and Certificates for TLS Connections
+
+Execute the script
+
+```
+> ./genCerts.sh
+```
+
+This creates `Client.pem` and `Server.pem` valid for 365 days since the day of generation.
+If you want to also generate new keys, then delete the keys you want to regenerate before running the script.
+This will trigger the script to generate new keys before generating the corresponding certificate.
+If you want to regenerate `CA.pem` you must first delete it.
+
+**NOTE: The script genCerts.sh may not be suitable to use for generating keys and certificates for your production environment!**
+
+**NOTE: Please consult with your Project Security Manager (or equivalent role in your organization) on how your keys and certificates shall be generated!**
+
+

data/vss-core/README.md → vss/README.md

@@ -1,8 +1,8 @@
-# KUKSA.val VSS handling
+# KUKSA VSS Data
 
 ## Introduction
 
-KUKSA.val is adapted to use Vehicle Signals Specification as defined by COVESA.
+KUKSA is adapted to use Vehicle Signals Specification as defined by COVESA.
 The ambition is to always support the latest released version available at the
 [COVESA VSS release page](https://github.com/COVESA/vehicle_signal_specification/releases).
 In addition older versions may be supported. This folder contains copies of all versions supported.
@@ -53,7 +53,7 @@ use the full name. When official release is created replace the copied *.json-fi
 ## Tests after update
 
 ### Kuksa-val-server unit tests
-* Run kuksa-val-server unit tests according to [documentation](../../kuksa-val-server/test/unit-test/readme.md)
+* Run kuksa-val-server unit tests according to [documentation](https://github.com/eclipse/kuksa.val/kuksa-val-server/test/unit-test/readme.md)
 
 ### Kuksa-val-server smoke test
 * Build and start kuksa-val-server with new VSS release as described in the [README](https://github.com/eclipse/kuksa.val/blob/master/kuksa-val-server/README.md)
@@ -139,7 +139,7 @@ Test Client> getValue Vehicle.CurrentLocation.Latitude
 
 ### Kuksa_databroker smoke test
 
-Build and run kuksa_databroker using the new VSS file according to [documentation](../../kuksa_databroker/README.md), e.g.
+Build and run kuksa_databroker using the new VSS file according to [documentation](https://github.com/eclipse/kuksa.val/kuksa_databroker/README.md), e.g.
 
 ```sh
 $cargo run --bin databroker -- --metadata ../data/vss-core/vss_release_4.0.json