use of net.ripe.rpki.validator3.domain.RpkiRepository in project rpki-validator-3 by RIPE-NCC.
the class CertificateTreeValidationServiceTest method should_register_rpki_repositories.
@Test
public void should_register_rpki_repositories() {
TrustAnchor ta = factory.createRipeNccTrustAnchor();
trustAnchors.add(ta);
subject.validate(ta.getId());
entityManager.flush();
List<CertificateTreeValidationRun> completed = validationRuns.findAll(CertificateTreeValidationRun.class);
assertThat(completed).hasSize(1);
CertificateTreeValidationRun result = completed.get(0);
assertThat(result.getStatus()).isEqualTo(SUCCEEDED);
assertThat(rpkiRepositories.findAll(null, null)).first().extracting(RpkiRepository::getStatus, RpkiRepository::getLocationUri).containsExactly(RpkiRepository.Status.PENDING, "https://rrdp.ripe.net/notification.xml");
assertThat(ta.isInitialCertificateTreeValidationRunCompleted()).as("trust anchor initial validation run completed").isFalse();
assertThat(settings.isInitialValidationRunCompleted()).as("validator initial validation run completed").isFalse();
}
use of net.ripe.rpki.validator3.domain.RpkiRepository in project rpki-validator-3 by RIPE-NCC.
the class CertificateTreeValidationServiceTest method should_validate_minimal_trust_anchor.
@Test
@Ignore("Fix it --- if fails if TrustAnchorControllerTest is not run before it")
public void should_validate_minimal_trust_anchor() {
TrustAnchor ta = factory.createTrustAnchor(x -> {
});
trustAnchors.add(ta);
RpkiRepository repository = rpkiRepositories.register(ta, TA_RRDP_NOTIFY_URI, RpkiRepository.Type.RRDP);
repository.setDownloaded();
entityManager.flush();
subject.validate(ta.getId());
entityManager.flush();
List<CertificateTreeValidationRun> completed = validationRuns.findAll(CertificateTreeValidationRun.class);
assertThat(completed).hasSize(1);
CertificateTreeValidationRun result = completed.get(0);
assertThat(result.getValidationChecks()).isEmpty();
assertThat(result.getStatus()).isEqualTo(SUCCEEDED);
assertThat(result.getValidatedObjects()).extracting((x) -> x.getLocations().first()).containsExactlyInAnyOrder("rsync://rpki.test/test-trust-anchor.mft", "rsync://rpki.test/test-trust-anchor.crl");
assertThat(ta.isInitialCertificateTreeValidationRunCompleted()).as("trust anchor initial validation run completed").isTrue();
assertThat(settings.isInitialValidationRunCompleted()).as("validator initial validation run completed").isFalse();
}
use of net.ripe.rpki.validator3.domain.RpkiRepository in project rpki-validator-3 by RIPE-NCC.
the class RrdpService method doStoreRepository.
private void doStoreRepository(RpkiRepository rpkiRepository, RpkiRepositoryValidationRun validationRun) {
final Notification notification = rrdpClient.readStream(rpkiRepository.getRrdpNotifyUri(), rrdpParser::notification);
log.info("The local serial is '{}' and the latest serial is {}", rpkiRepository.getRrdpSerial(), notification.serial);
if (notification.sessionId.equals(rpkiRepository.getRrdpSessionId())) {
if (rpkiRepository.getRrdpSerial().compareTo(notification.serial) <= 0) {
try {
final List<Delta> deltas = notification.deltas.parallelStream().filter(d -> d.getSerial().compareTo(rpkiRepository.getRrdpSerial()) > 0).sorted(Comparator.comparing(DeltaInfo::getSerial)).map(di -> readDelta(notification, di)).collect(Collectors.toList());
verifyDeltaSerials(deltas, notification, rpkiRepository);
deltas.forEach(d -> {
storeDelta(d, validationRun);
rpkiRepository.setRrdpSerial(rpkiRepository.getRrdpSerial().add(BigInteger.ONE));
});
} catch (RrdpException e) {
log.info("Processing deltas failed {}, falling back to snapshot processing.", e.getMessage());
ValidationCheck validationCheck = new ValidationCheck(validationRun, rpkiRepository.getRrdpNotifyUri(), ValidationCheck.Status.WARNING, ErrorCodes.RRDP_FETCH_DELTAS, e.getMessage());
validationRun.addCheck(validationCheck);
readSnapshot(rpkiRepository, validationRun, notification);
}
}
} else {
log.info("Repository has session id '{}' but the downloaded version has session id '{}', fetching the snapshot", rpkiRepository.getRrdpSessionId(), notification.sessionId);
readSnapshot(rpkiRepository, validationRun, notification);
}
}
Aggregations