Examples with ValidationRun net.ripe.rpki.validator3.domain.ValidationRun used on opensource projects

Example 11 with ValidationRun

use of net.ripe.rpki.validator3.domain.ValidationRun in project rpki-validator-3 by RIPE-NCC.

the class TrustAnchorValidationServiceTest method test_success.

@Test
public void test_success() {
    TrustAnchor ta = createRipeNccTrustAnchor();
    trustAnchors.add(ta);
    ta.setLocations(Arrays.asList("src/test/resources/ripe-ncc-ta.cer"));
    subject.validate(ta.getId());
    ta.setLocations(Arrays.asList(DUMMY_RSYNC_URI));
    X509ResourceCertificate certificate = ta.getCertificate();
    assertThat(certificate).isNotNull();
    Optional<TrustAnchorValidationRun> validationRun = validationRuns.findLatestCompletedForTrustAnchor(ta);
    assertThat(validationRun).isPresent();
    assertThat(validationRun.get().getStatus()).isEqualTo(ValidationRun.Status.SUCCEEDED);
    assertThat(validationRun.get().getValidationChecks()).isEmpty();
}

Example 12 with ValidationRun

use of net.ripe.rpki.validator3.domain.ValidationRun in project rpki-validator-3 by RIPE-NCC.

the class TrustAnchorValidationServiceTest method test_empty_file.

@Test
public void test_empty_file() {
    TrustAnchor ta = createRipeNccTrustAnchor();
    trustAnchors.add(ta);
    ta.setLocations(Arrays.asList("src/test/resources/empty-file.cer"));
    subject.validate(ta.getId());
    ta.setLocations(Arrays.asList(DUMMY_RSYNC_URI));
    assertThat(ta.getCertificate()).isNull();
    Optional<TrustAnchorValidationRun> validationRun = validationRuns.findLatestCompletedForTrustAnchor(ta);
    assertThat(validationRun).isPresent();
    List<ValidationCheck> validationChecks = validationRun.get().getValidationChecks();
    assertThat(validationChecks).hasSize(1);
    assertThat(validationChecks.get(0).getKey()).isEqualTo(ErrorCodes.REPOSITORY_OBJECT_MINIMUM_SIZE);
}

Example 13 with ValidationRun

use of net.ripe.rpki.validator3.domain.ValidationRun in project rpki-validator-3 by RIPE-NCC.

the class TrustAnchorValidationServiceTest method test_rsync_failure.

@Test
public void test_rsync_failure() {
    TrustAnchor ta = createRipeNccTrustAnchor();
    ta.setLocations(Arrays.asList(DUMMY_RSYNC_URI));
    trustAnchors.add(ta);
    subject.validate(ta.getId());
    assertThat(ta.getCertificate()).isNull();
    Optional<TrustAnchorValidationRun> validationRun = validationRuns.findLatestCompletedForTrustAnchor(ta);
    assertThat(validationRun).isPresent();
    List<ValidationCheck> validationChecks = validationRun.get().getValidationChecks();
    assertThat(validationChecks).hasSize(1);
    assertThat(validationChecks.get(0).getKey()).isEqualTo(ErrorCodes.RSYNC_FETCH);
}

Example 14 with ValidationRun

use of net.ripe.rpki.validator3.domain.ValidationRun in project rpki-validator-3 by RIPE-NCC.

the class TrustAnchorValidationServiceTest method test_bad_subject_public_key.

@Test
public void test_bad_subject_public_key() {
    TrustAnchor ta = createRipeNccTrustAnchor();
    ta.setSubjectPublicKeyInfo(ta.getSubjectPublicKeyInfo().toUpperCase());
    trustAnchors.add(ta);
    ta.setLocations(Arrays.asList("src/test/resources/ripe-ncc-ta.cer"));
    subject.validate(ta.getId());
    ta.setLocations(Arrays.asList(DUMMY_RSYNC_URI));
    assertThat(ta.getCertificate()).isNull();
    Optional<TrustAnchorValidationRun> validationRun = validationRuns.findLatestCompletedForTrustAnchor(ta);
    assertThat(validationRun).isPresent();
    List<ValidationCheck> validationChecks = validationRun.get().getValidationChecks();
    assertThat(validationChecks).hasSize(1);
    assertThat(validationChecks.get(0).getKey()).isEqualTo("trust.anchor.subject.key.matches.locator");
}

Example 15 with ValidationRun

use of net.ripe.rpki.validator3.domain.ValidationRun in project rpki-validator-3 by RIPE-NCC.

the class RrdpServiceTest method should_parse_notification_verify_snapshot_hash.

@Test
public void should_parse_notification_verify_snapshot_hash() {
    final Objects.Publish cert = new Objects.Publish("rsync://host/path/cert.cer", Objects.aParseableCertificate());
    final Objects.Publish crl = new Objects.Publish("rsync://host/path/crl1.crl", Objects.aParseableCrl());
    rrdpClient.add(cert.uri, cert.content);
    rrdpClient.add(crl.uri, crl.content);
    final int serial = 1;
    final String sessionId = UUID.randomUUID().toString();
    final byte[] snapshotXml = Objects.snapshotXml(serial, sessionId, cert, crl);
    final String snapshotUri = "https://host/path/snapshot.xml";
    final Objects.SnapshotInfo snapshot = new Objects.SnapshotInfo(snapshotUri, Hex.parse("FFFFFF"));
    rrdpClient.add(snapshot.uri, snapshotXml);
    final byte[] notificationXml = Objects.notificationXml(serial, sessionId, snapshot);
    final String notificationUri = "https://rrdp.ripe.net/notification.xml";
    rrdpClient.add(notificationUri, notificationXml);
    final TrustAnchor trustAnchor = TestObjects.newTrustAnchor();
    entityManager.persist(trustAnchor);
    final RpkiRepository rpkiRepository = new RpkiRepository(trustAnchor, notificationUri, RpkiRepository.Type.RRDP);
    entityManager.persist(rpkiRepository);
    final RrdpRepositoryValidationRun validationRun = new RrdpRepositoryValidationRun(rpkiRepository);
    subject.storeRepository(rpkiRepository, validationRun);
    final List<RpkiObject> objects = rpkiObjects.all().collect(Collectors.toList());
    assertEquals(0, objects.size());
    assertEquals(1, validationRun.getValidationChecks().size());
    final ValidationCheck validationCheck = validationRun.getValidationChecks().get(0);
    assertEquals(ErrorCodes.RRDP_FETCH, validationCheck.getKey());
    assertEquals(ValidationCheck.Status.ERROR, validationCheck.getStatus());
    assertEquals("Hash of the snapshot file " + snapshotUri + " is " + Hex.format(Sha256.hash(snapshotXml)) + ", but notification file says FFFFFF", validationCheck.getParameters().get(0));
    assertEquals(rpkiRepository.getRrdpNotifyUri(), validationCheck.getLocation());
}