
Example 1 with Asn

use of net.ripe.ipresource.Asn in project rpki-validator-3 by RIPE-NCC.

the class BgpRisDownloader method parseLine.

/**
 * Converts one line of the BGP RIS dump into a {@link BgpRisEntry}.
 *
 * <p>The line is matched against {@code regexp}; group 1 is read as the origin ASN, group 2 as
 * the announced prefix and group 3 as the visibility count. The ASN and both prefix endpoints are
 * passed through {@code uniq} and cast back to their own types.
 *
 * <p>NOTE(review): the dump is externally supplied text. {@code regexp} is declared outside this
 * method, so it cannot be confirmed here that every matching line is also accepted by
 * {@code Asn.parse}, {@code IpRange.parse} and {@code Integer.parseInt}; any exception they raise
 * propagates to the caller.
 *
 * @param line a single line of the dump
 * @param uniq mapping applied to the ASN and the range endpoints; presumably an interning
 *             function that must return an object of the type it was given, because the result
 *             is cast unchecked. Confirm against the caller.
 * @return the parsed entry, or {@code null} when the line does not match {@code regexp}
 */
private BgpRisEntry parseLine(final String line, final Function<Object, Object> uniq) {
    final Matcher fields = regexp.matcher(line);
    if (!fields.matches()) {
        // Lines that do not fit the expected layout are reported to the caller as null.
        return null;
    }

    final Asn origin = (Asn) uniq.apply(Asn.parse(fields.group(1)));

    final IpRange announced = IpRange.parse(fields.group(2));
    final UniqueIpResource first = (UniqueIpResource) uniq.apply(announced.getStart());
    final UniqueIpResource last = (UniqueIpResource) uniq.apply(announced.getEnd());
    // Rebuild the range from the mapped endpoints so the entry refers to those instances.
    final IpRange prefix = (IpRange) first.upTo(last);

    final int seenBy = Integer.parseInt(fields.group(3));
    return BgpRisEntry.of(origin, prefix, seenBy);
}
Also used : IpRange(net.ripe.ipresource.IpRange) UniqueIpResource(net.ripe.ipresource.UniqueIpResource) Matcher(java.util.regex.Matcher) Asn(net.ripe.ipresource.Asn)

Example 2 with Asn

use of net.ripe.ipresource.Asn in project rpki-validator-3 by RIPE-NCC.

the class BgpRisParsingTest method parse2.

/**
 * A line with a non-numeric origin column is expected to be skipped, and an origin above
 * {@code Integer.MAX_VALUE} (a four-byte AS number) must survive parsing unchanged.
 */
@Test
public void parse2() throws UnsupportedEncodingException {
    // Two tab-separated lines: the first has "blabla" in the origin column, the second is well-formed.
    final String content = "blabla	65.88.145.0/24	344\n" + "4200003018	47.88.45.0/24	3";

    final List<BgpRisEntry> entries = parse(content);

    // Only the well-formed line may produce an entry.
    assertEquals(1, entries.size());
    final BgpRisEntry only = entries.get(0);
    // 4200003018 does not fit in a signed int, hence the long literal.
    assertEquals(new Asn(4200003018L), only.origin);
    assertEquals(IpRange.parse("47.88.45.0/24"), only.prefix);
    assertEquals(3, only.visibility);
}
Also used : Asn(net.ripe.ipresource.Asn) Test(org.junit.Test)

Example 3 with Asn

use of net.ripe.ipresource.Asn in project rpki-validator-3 by RIPE-NCC.

the class TrustAnchorsFactory method createCertificateAuthority.

/**
 * Generates the signed objects of one certificate authority: its CA certificate, a CRL, the
 * certificates of its child CAs, one ROA per distinct ASN in {@code ca.roaPrefixes}, and a
 * manifest listing the CRL, child certificates and ROAs.
 *
 * <p>The CRL, child certificates, ROAs and manifest are appended to {@code rpkiObjects} under
 * their repository locations. The CA certificate itself is only returned; publishing it is left
 * to the caller (for a child CA, the parent's loop below does so).
 *
 * <p>NOTE(review): {@code nextSerial()} supplies certificate serials, the CRL number and the
 * manifest number alike, so the values depend on the order of the calls in this method. Keep the
 * statement order if anything relies on specific numbers.
 *
 * @param ca                the authority to generate objects for
 * @param issuer            the authority whose DN, CRL distribution point and key pair are
 *                          handed to {@code createCaCertificate}
 * @param mftValidityPeriod validity period of the manifest's end-entity certificate only; the
 *                          manifest's own thisUpdate/nextUpdate are always now and now + 8 hours
 * @return the CA certificate created for {@code ca}
 */
public X509ResourceCertificate createCertificateAuthority(CertificateAuthority ca, CertificateAuthority issuer, ValidityPeriod mftValidityPeriod) {
    ManifestCmsBuilder manifestBuilder = new ManifestCmsBuilder();
    // createCaCertificate is defined elsewhere; it receives the issuer's key pair, presumably to
    // sign the certificate for ca's public key. Confirm against the helper.
    X509ResourceCertificate caCertificate = createCaCertificate(ca, ca.keyPair.getPublic(), issuer.dn, issuer.crlDistributionPoint, issuer.keyPair);
    // CRL issued under this CA's subject and built with this CA's private key; nextUpdate is 8 hours from now.
    X509Crl crl = new X509CrlBuilder().withIssuerDN(caCertificate.getSubject()).withThisUpdateTime(DateTime.now()).withNextUpdateTime(DateTime.now().plusHours(8)).withAuthorityKeyIdentifier(ca.keyPair.getPublic()).withNumber(nextSerial()).build(ca.keyPair.getPrivate());
    rpkiObjects.add(new RpkiObject(ca.crlDistributionPoint, crl));
    // Manifest entries use the bare file name: the text after the last '/' of the CRL location
    // (the whole string when it contains no '/', since lastIndexOf then yields -1).
    manifestBuilder.addFile(ca.crlDistributionPoint.substring(ca.crlDistributionPoint.lastIndexOf('/') + 1), crl.getEncoded());
    if (ca.children != null) {
        for (CertificateAuthority child : ca.children) {
            // Recurses through the two-argument overload (not shown here) with this CA as issuer.
            X509ResourceCertificate childCertificate = createCertificateAuthority(child, ca);
            // The parent publishes the child's certificate and lists it in its own manifest.
            rpkiObjects.add(new RpkiObject(ca.repositoryURI + "/" + child.dn + ".cer", childCertificate));
            manifestBuilder.addFile(child.dn + ".cer", childCertificate.getEncoded());
        }
    }
    if (ca.roaPrefixes != null) {
        // One ROA per distinct ASN: prefixes are grouped by RoaPrefix::getAsn.
        ca.roaPrefixes.stream().collect(groupingBy(RoaPrefix::getAsn)).forEach((asn, roaPrefix) -> {
            // A fresh key pair is generated for every ROA's end-entity certificate.
            KeyPair roaKeyPair = KEY_PAIR_FACTORY.generate();
            IpResourceSet resources = new IpResourceSet();
            roaPrefix.stream().forEach(p -> resources.add(IpRange.parse(p.getPrefix())));
            // End-entity certificate: lists exactly this ROA's prefixes as resources, is not a CA,
            // is restricted to digitalSignature and is signed with this CA's key pair.
            // NOTE(review): the subject DN is assembled by string concatenation and parsed by
            // X500Principal, so asn and ca.dn are assumed to contain no unescaped RDN separators.
            X509ResourceCertificate roaCertificate = new X509ResourceCertificateBuilder().withResources(resources).withIssuerDN(new X500Principal(ca.dn)).withSubjectDN(new X500Principal("CN=AS" + asn + ", CN=roa, " + ca.dn)).withValidityPeriod(typicalValidityPeriod()).withPublicKey(roaKeyPair.getPublic()).withSigningKeyPair(ca.keyPair).withCa(false).withKeyUsage(KeyUsage.digitalSignature).withSerial(nextSerial()).withCrlDistributionPoints(URI.create(ca.crlDistributionPoint)).build();
            // The ROA is built with the end-entity private key, using the BouncyCastle provider.
            RoaCms roaCms = new RoaCmsBuilder().withAsn(new Asn(asn)).withPrefixes(roaPrefix.stream().map(p -> new net.ripe.rpki.commons.crypto.cms.roa.RoaPrefix(IpRange.parse(p.getPrefix()), p.getMaximumLength())).collect(toList())).withCertificate(roaCertificate).withSignatureProvider(BouncyCastleProvider.PROVIDER_NAME).build(roaKeyPair.getPrivate());
            rpkiObjects.add(new RpkiObject(ca.repositoryURI + "/" + "AS" + asn + ".roa", roaCms));
            manifestBuilder.addFile("AS" + asn + ".roa", roaCms.getEncoded());
        });
    }
    // The manifest gets its own fresh key pair as well.
    KeyPair manifestKeyPair = KEY_PAIR_FACTORY.generate();
    // The manifest's end-entity certificate inherits every resource type instead of listing
    // resources, and is the only object whose validity period comes from mftValidityPeriod.
    X509ResourceCertificate manifestCertificate = new X509ResourceCertificateBuilder().withInheritedResourceTypes(EnumSet.allOf(IpResourceType.class)).withIssuerDN(caCertificate.getSubject()).withSubjectDN(new X500Principal("CN=manifest, " + caCertificate.getSubject())).withValidityPeriod(mftValidityPeriod).withPublicKey(manifestKeyPair.getPublic()).withSigningKeyPair(ca.keyPair).withCa(false).withKeyUsage(KeyUsage.digitalSignature).withSerial(nextSerial()).withCrlDistributionPoints(URI.create(ca.crlDistributionPoint)).build();
    // thisUpdate/nextUpdate are fixed at now and now + 8 hours, independent of mftValidityPeriod.
    manifestBuilder.withCertificate(manifestCertificate).withManifestNumber(nextSerial()).withThisUpdateTime(DateTime.now()).withNextUpdateTime(DateTime.now().plusHours(8));
    ManifestCms manifest = manifestBuilder.build(manifestKeyPair.getPrivate());
    rpkiObjects.add(new RpkiObject(ca.manifestURI, manifest));
    return caCertificate;
}
Also used : KeyPair(java.security.KeyPair) X500Principal(javax.security.auth.x500.X500Principal) Duration(org.joda.time.Duration) Collectors.groupingBy(java.util.stream.Collectors.groupingBy) Autowired(org.springframework.beans.factory.annotation.Autowired) Security(java.security.Security) ValidityPeriod(net.ripe.rpki.commons.crypto.ValidityPeriod) Value(lombok.Value) CertificateRepositoryObjectFactory(net.ripe.rpki.commons.crypto.util.CertificateRepositoryObjectFactory) ArrayList(java.util.ArrayList) Asn(net.ripe.ipresource.Asn) IpResourceType(net.ripe.ipresource.IpResourceType) RoaCms(net.ripe.rpki.commons.crypto.cms.roa.RoaCms) CertificateTreeValidationServiceTest(net.ripe.rpki.validator3.domain.validation.CertificateTreeValidationServiceTest) X509CrlBuilder(net.ripe.rpki.commons.crypto.crl.X509CrlBuilder) X509ResourceCertificate(net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate) RoaCmsBuilder(net.ripe.rpki.commons.crypto.cms.roa.RoaCmsBuilder) X509CertificateInformationAccessDescriptor(net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor) X509ResourceCertificateBuilder(net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateBuilder) BigInteger(java.math.BigInteger) URI(java.net.URI) IpResourceSet(net.ripe.ipresource.IpResourceSet) KeyPairFactory(net.ripe.rpki.commons.crypto.util.KeyPairFactory) EnumSet(java.util.EnumSet) Resources(com.google.common.io.Resources) Transactional(javax.transaction.Transactional) IpRange(net.ripe.ipresource.IpRange) DateTime(org.joda.time.DateTime) TrustAnchorValidationServiceTest(net.ripe.rpki.validator3.domain.validation.TrustAnchorValidationServiceTest) IOException(java.io.IOException) PublicKey(java.security.PublicKey) X509Crl(net.ripe.rpki.commons.crypto.crl.X509Crl) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) Consumer(java.util.function.Consumer) Component(org.springframework.stereotype.Component) List(java.util.List) 
Collectors.toList(java.util.stream.Collectors.toList) Builder(lombok.Builder) ManifestCmsBuilder(net.ripe.rpki.commons.crypto.cms.manifest.ManifestCmsBuilder) Instant(org.joda.time.Instant) PostConstruct(javax.annotation.PostConstruct) ValidationResult(net.ripe.rpki.commons.validation.ValidationResult) ManifestCms(net.ripe.rpki.commons.crypto.cms.manifest.ManifestCms) X509CertificateUtil(net.ripe.rpki.commons.crypto.x509cert.X509CertificateUtil) Collections(java.util.Collections) KeyUsage(org.bouncycastle.asn1.x509.KeyUsage) X509CrlBuilder(net.ripe.rpki.commons.crypto.crl.X509CrlBuilder) KeyPair(java.security.KeyPair) X509Crl(net.ripe.rpki.commons.crypto.crl.X509Crl) ManifestCmsBuilder(net.ripe.rpki.commons.crypto.cms.manifest.ManifestCmsBuilder) RoaCmsBuilder(net.ripe.rpki.commons.crypto.cms.roa.RoaCmsBuilder) RoaCms(net.ripe.rpki.commons.crypto.cms.roa.RoaCms) IpResourceSet(net.ripe.ipresource.IpResourceSet) X500Principal(javax.security.auth.x500.X500Principal) ManifestCms(net.ripe.rpki.commons.crypto.cms.manifest.ManifestCms) X509ResourceCertificate(net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate) X509ResourceCertificateBuilder(net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateBuilder) IpResourceType(net.ripe.ipresource.IpResourceType) Asn(net.ripe.ipresource.Asn)

Example 4 with Asn

use of net.ripe.ipresource.Asn in project rpki-validator-3 by RIPE-NCC.

the class ObjectController method list.

/**
 * Returns the trust anchors, ROA prefixes and router certificates for {@code GET /validated}.
 *
 * <p>ROA prefixes are the currently validated ones that are not matched by an ignore filter,
 * merged with the locally configured prefix assertions. Router certificates are those passed by
 * {@code bgpSecFilterService}, merged with the locally configured BGPsec assertions. Both merged
 * streams are de-duplicated with {@code distinct()}.
 *
 * <p>Ignore filters are applied to validated prefixes only; local assertions are added
 * unfiltered and carry {@code null} links, since they do not come from a trust anchor.
 *
 * <p>NOTE(review): the links of a validated prefix come from a map lookup by trust anchor id and
 * are {@code null} if that id is missing from the result of {@code trustAnchors.findAll()}.
 *
 * @param locale locale passed to {@code TrustAnchorResource.of}
 * @return 200 OK with the validated objects and the initial-validation-completed flag
 */
@GetMapping(path = "/validated")
public ResponseEntity<ApiResponse<ValidatedObjects>> list(Locale locale) {
    final Map<Long, TrustAnchorResource> resourcesByTrustAnchorId = trustAnchors.findAll().stream()
        .collect(Collectors.toMap(TrustAnchor::getId, ta -> TrustAnchorResource.of(ta, locale)));

    // For every trust anchor, its "self" link re-labelled with the trust anchor relation.
    final Map<Long, Links> linksByTrustAnchorId = resourcesByTrustAnchorId.entrySet().stream()
        .collect(Collectors.toMap(
            Map.Entry::getKey,
            e -> new Links(e.getValue().getLinks().getLink("self").withRel(TrustAnchor.TYPE))));

    // Validated ROA prefixes, minus everything an ignore filter matches.
    final Stream<RoaPrefix> fromValidation = validatedRpkiObjects.findCurrentlyValidatedRoaPrefixes(null, null, null)
        .getObjects()
        .filter(new IgnoreFiltersPredicate(ignoreFilters.all()).negate())
        .map(validated -> new RoaPrefix(
            String.valueOf(validated.getAsn()),
            validated.getPrefix().toString(),
            validated.getEffectiveLength(),
            linksByTrustAnchorId.get(validated.getTrustAnchor().getId())));

    // Local prefix assertions; without an explicit maximum length the prefix length is used.
    final Stream<RoaPrefix> fromAssertions = roaPrefixAssertions.all().map(assertion -> {
        final String asn = new Asn(assertion.getAsn()).toString();
        final IpRange range = IpRange.parse(assertion.getPrefix());
        return new RoaPrefix(
            asn,
            range.toString(),
            assertion.getMaximumLength() != null ? assertion.getMaximumLength() : range.getPrefixLength(),
            null);
    });

    final Stream<RoaPrefix> allPrefixes = Stream.concat(fromValidation, fromAssertions).distinct();

    final Stream<ValidatedRpkiObjects.RouterCertificate> validatedCertificates =
        validatedRpkiObjects.findCurrentlyValidatedRouterCertificates().getObjects();
    final Stream<RouterCertificate> acceptedCertificates = bgpSecFilterService.filterCertificates(validatedCertificates)
        .map(cert -> new RouterCertificate(cert.getAsn(), cert.getSubjectKeyIdentifier(), cert.getSubjectPublicKeyInfo()));

    // Local BGPsec assertions name a single ASN each, so it is wrapped in a one-element list.
    final Stream<RouterCertificate> assertedCertificates = this.bgpSecAssertions.all().map(asserted -> {
        final List<String> singleAsn = Collections.singletonList(String.valueOf(asserted.getAsn()));
        return new RouterCertificate(singleAsn, asserted.getSki(), asserted.getPublicKey());
    });

    final Stream<RouterCertificate> allCertificates = Stream.concat(acceptedCertificates, assertedCertificates).distinct();

    final ValidatedObjects payload = new ValidatedObjects(
        settings.isInitialValidationRunCompleted(),
        resourcesByTrustAnchorId.values(),
        allPrefixes,
        allCertificates);
    return ResponseEntity.ok(ApiResponse.<ValidatedObjects>builder().data(payload).build());
}
Also used : Links(org.springframework.hateoas.Links) Autowired(org.springframework.beans.factory.annotation.Autowired) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) BgpSecFilterService(net.ripe.rpki.validator3.api.bgpsec.BgpSecFilterService) Value(lombok.Value) Asn(net.ripe.ipresource.Asn) TrustAnchorResource(net.ripe.rpki.validator3.api.trustanchors.TrustAnchorResource) Api(net.ripe.rpki.validator3.api.Api) RpkiObjects(net.ripe.rpki.validator3.domain.RpkiObjects) Locale(java.util.Locale) Map(java.util.Map) RoaPrefixAssertions(net.ripe.rpki.validator3.domain.RoaPrefixAssertions) GetMapping(org.springframework.web.bind.annotation.GetMapping) TrustAnchor(net.ripe.rpki.validator3.domain.TrustAnchor) ValidatedRpkiObjects(net.ripe.rpki.validator3.domain.ValidatedRpkiObjects) IpRange(net.ripe.ipresource.IpRange) TrustAnchors(net.ripe.rpki.validator3.domain.TrustAnchors) Collection(java.util.Collection) IgnoreFilters(net.ripe.rpki.validator3.domain.IgnoreFilters) RestController(org.springframework.web.bind.annotation.RestController) Collectors(java.util.stream.Collectors) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Stream(java.util.stream.Stream) BgpSecAssertions(net.ripe.rpki.validator3.domain.BgpSecAssertions) IgnoreFiltersPredicate(net.ripe.rpki.validator3.domain.IgnoreFiltersPredicate) Settings(net.ripe.rpki.validator3.domain.Settings) ResponseEntity(org.springframework.http.ResponseEntity) ApiResponse(net.ripe.rpki.validator3.api.ApiResponse) Collections(java.util.Collections) ApiModelProperty(io.swagger.annotations.ApiModelProperty) IgnoreFiltersPredicate(net.ripe.rpki.validator3.domain.IgnoreFiltersPredicate) Links(org.springframework.hateoas.Links) Asn(net.ripe.ipresource.Asn) TrustAnchorResource(net.ripe.rpki.validator3.api.trustanchors.TrustAnchorResource) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 5 with Asn

use of net.ripe.ipresource.Asn in project rpki-validator-3 by RIPE-NCC.

the class RoaPrefixAssertionsController method toResource.

/**
 * Builds the API representation of a ROA prefix assertion, including a preview of the BGP
 * announcements it affects.
 *
 * <p>Every announcement returned by {@code bgpPreviewService.findAffected} is sorted into one of
 * two lists: announcements that are VALID and originate from the asserted ASN are reported as
 * validated, announcements with any validity other than VALID as invalidated. Announcements that
 * are VALID but originate from a different ASN appear in neither list.
 *
 * @param assertion the stored assertion
 * @return the resource for {@code assertion} with both preview lists attached
 */
private RoaPrefixAssertionResource toResource(RoaPrefixAssertion assertion) {
    final Asn assertedAsn = new Asn(assertion.getAsn());
    final List<BgpPreviewService.BgpPreviewEntry> affected =
        bgpPreviewService.findAffected(assertedAsn, IpRange.parse(assertion.getPrefix()), assertion.getMaximumLength());

    final ImmutableList.Builder<BgpPreviewController.BgpPreview> validated = ImmutableList.builder();
    final ImmutableList.Builder<BgpPreviewController.BgpPreview> invalidated = ImmutableList.builder();

    for (BgpPreviewService.BgpPreviewEntry announcement : affected) {
        final BgpPreviewController.BgpPreview preview = BgpPreviewController.BgpPreview.of(
            announcement.getOrigin().toString(),
            announcement.getPrefix().toString(),
            announcement.getValidity().toString());

        if (announcement.getValidity() != BgpPreviewService.Validity.VALID) {
            invalidated.add(preview);
        } else if (announcement.getOrigin().equals(assertedAsn)) {
            validated.add(preview);
        }
        // VALID announcements from another origin are intentionally left out of both lists.
    }

    return RoaPrefixAssertionResource.of(
        assertion.getId(),
        assertion.getAsn(),
        assertion.getPrefix(),
        assertion.getMaximumLength(),
        assertion.getComment(),
        validated.build(),
        invalidated.build());
}
Also used : ImmutableList(com.google.common.collect.ImmutableList) BgpPreviewController(net.ripe.rpki.validator3.api.bgp.BgpPreviewController) Asn(net.ripe.ipresource.Asn)

Aggregations

Asn (net.ripe.ipresource.Asn)7 IpRange (net.ripe.ipresource.IpRange)4 Collections (java.util.Collections)3 List (java.util.List)3 ImmutableList (com.google.common.collect.ImmutableList)2 ArrayList (java.util.ArrayList)2 Collection (java.util.Collection)2 Map (java.util.Map)2 Collectors (java.util.stream.Collectors)2 Stream (java.util.stream.Stream)2 Value (lombok.Value)2 Slf4j (lombok.extern.slf4j.Slf4j)2 IgnoreFiltersPredicate (net.ripe.rpki.validator3.domain.IgnoreFiltersPredicate)2 ValidatedRpkiObjects (net.ripe.rpki.validator3.domain.ValidatedRpkiObjects)2 Autowired (org.springframework.beans.factory.annotation.Autowired)2 ImmutableSortedSet (com.google.common.collect.ImmutableSortedSet)1 Resources (com.google.common.io.Resources)1 ApiModelProperty (io.swagger.annotations.ApiModelProperty)1 IOException (java.io.IOException)1 BigInteger (java.math.BigInteger)1