diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 73b43dae9..7545c774b 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,7 +16,7 @@ jobs:
strategy:
matrix:
# test against latest update of each major Java version, as well as specific updates of LTS versions:
- java: [ 11, 17, 21 ]
+ java: [ 17, 21 ]
name: Java ${{ matrix.java }}
steps:
- uses: actions/checkout@v2
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c3addfd0b..922460da2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -19,7 +19,7 @@ jobs:
- name: Setup Java
uses: actions/setup-java@v1.4.3
with:
- java-version: 11
+ java-version: 17
- name: Release
env:
diff --git a/README.md b/README.md
index 0c8353162..58bbb701e 100644
--- a/README.md
+++ b/README.md
@@ -62,6 +62,11 @@ next (snapshot) release, e.g. `1.1-SNAPSHOT` after releasing `1.0`.
## Changelog
+## 2024-xx-yy 1.41
+ * Build with JDK 17
+ * Remove deprecated ManifestCms.CONTENT_TYPE_OID
+ * Remove deprecated ManifestCms.getHash
+
## 2024-xx-yy 1.40
* Clean up some style (SonarQube) warnings
diff --git a/pom.xml b/pom.xml
index 18032158c..920fe765c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -42,8 +42,8 @@
DEV
UTF-8
- 11
- 11
+ 17
+ 17
1.52
1.77
diff --git a/src/main/java/net/ripe/rpki/commons/crypto/cms/aspa/AspaCmsParser.java b/src/main/java/net/ripe/rpki/commons/crypto/cms/aspa/AspaCmsParser.java
index 287fe2ef9..356c2fddc 100644
--- a/src/main/java/net/ripe/rpki/commons/crypto/cms/aspa/AspaCmsParser.java
+++ b/src/main/java/net/ripe/rpki/commons/crypto/cms/aspa/AspaCmsParser.java
@@ -16,7 +16,6 @@
import javax.annotation.CheckForNull;
import java.util.Comparator;
import java.util.List;
-import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import static net.ripe.rpki.commons.crypto.util.Asn1Util.expect;
@@ -116,7 +115,7 @@ public void decodeAsn1Content(ASN1Encodable content) {
List providerAsList = StreamSupport.stream(providerAsnsSequence.spliterator(), false)
.map(this::parseProviderAsn)
- .collect(Collectors.toList());
+ .toList();
// * The elements of providers MUST be ordered in ascending numerical
// order.ΒΆ
diff --git a/src/main/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCms.java b/src/main/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCms.java
index 29aef0da0..f04a5b114 100644
--- a/src/main/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCms.java
+++ b/src/main/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCms.java
@@ -14,7 +14,7 @@
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
+import org.bouncycastle.cms.CMSSignedGenerator;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.joda.time.DateTime;
@@ -40,13 +40,9 @@ public class ManifestCms extends RpkiSignedObject {
public static final int DEFAULT_VERSION = 0;
- // since 1.34
- @Deprecated
- public static final String CONTENT_TYPE_OID = "1.2.840.113549.1.9.16.1.26";
-
public static final ASN1ObjectIdentifier CONTENT_TYPE = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.1.26");
- public static final String FILE_HASH_ALGORITHM = CMSSignedDataGenerator.DIGEST_SHA256;
+ public static final String FILE_HASH_ALGORITHM = CMSSignedGenerator.DIGEST_SHA256;
/**
* Allowed format of a manifest entry file name.
@@ -138,7 +134,7 @@ protected void validateWithCrl(String location, CertificateRepositoryObjectValid
private void checkEntries(ValidationResult result) {
List failedEntries = getFileNames().stream()
.filter(s -> !FILE_NAME_PATTERN.matcher(s).matches())
- .collect(Collectors.toList());
+ .toList();
result.rejectIfFalse(
failedEntries.isEmpty(),
ValidationString.MANIFEST_ENTRY_FILE_NAME_IS_RELATIVE,
@@ -166,21 +162,13 @@ private void checkManifestValidityTimes(ValidationOptions options, ValidationRes
}
- /**
- * @deprecated use {@link #verifyFileContents(String, byte[])} or {@link #getFileContentSpecification(String)}.
- */
- @Deprecated
- public byte[] getHash(String fileName) {
- return hashes.get(fileName);
- }
-
public boolean verifyFileContents(String fileName, byte[] contents) {
return getFileContentSpecification(fileName).isSatisfiedBy(contents);
}
public FileContentSpecification getFileContentSpecification(String fileName) {
Validate.isTrue(containsFile(fileName));
- return new FileContentSpecification(getHash(fileName));
+ return new FileContentSpecification(hashes.get(fileName));
}
public static byte[] hashContents(byte[] contents) {
diff --git a/src/main/java/net/ripe/rpki/commons/crypto/cms/roa/RoaCmsBuilder.java b/src/main/java/net/ripe/rpki/commons/crypto/cms/roa/RoaCmsBuilder.java
index fcd57a1b2..041fd53ad 100644
--- a/src/main/java/net/ripe/rpki/commons/crypto/cms/roa/RoaCmsBuilder.java
+++ b/src/main/java/net/ripe/rpki/commons/crypto/cms/roa/RoaCmsBuilder.java
@@ -1,6 +1,5 @@
package net.ripe.rpki.commons.crypto.cms.roa;
-import com.google.common.collect.ImmutableSortedSet;
import net.ripe.ipresource.Asn;
import net.ripe.ipresource.IpResourceType;
import net.ripe.rpki.commons.crypto.cms.RpkiSignedObjectBuilder;
@@ -113,7 +112,7 @@ ASN1Encodable encodeRoaIpAddressFamilySequence(List prefixes) {
List encodables = Stream.concat(
addRoaIpAddressFamily(IpResourceType.IPv4, prefixes),
addRoaIpAddressFamily(IpResourceType.IPv6, prefixes)
- ).collect(Collectors.toList());
+ ).toList();
Validate.isTrue(!encodables.isEmpty(), "no encodable prefixes");
return new DERSequence(encodables.toArray(new ASN1Encodable[encodables.size()]));
diff --git a/src/main/java/net/ripe/rpki/commons/provisioning/payload/AbstractProvisioningPayloadXmlSerializer.java b/src/main/java/net/ripe/rpki/commons/provisioning/payload/AbstractProvisioningPayloadXmlSerializer.java
index 1aa295b21..0de13c0c5 100644
--- a/src/main/java/net/ripe/rpki/commons/provisioning/payload/AbstractProvisioningPayloadXmlSerializer.java
+++ b/src/main/java/net/ripe/rpki/commons/provisioning/payload/AbstractProvisioningPayloadXmlSerializer.java
@@ -1,8 +1,8 @@
package net.ripe.rpki.commons.provisioning.payload;
+import net.ripe.rpki.commons.crypto.x509cert.X509CertificateParser;
import net.ripe.rpki.commons.crypto.x509cert.X509GenericCertificate;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate;
-import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateParser;
import net.ripe.rpki.commons.provisioning.payload.common.CertificateElement;
import net.ripe.rpki.commons.provisioning.payload.common.GenericClassElement;
import net.ripe.rpki.commons.provisioning.serialization.CertificateUrlListConverter;
@@ -27,12 +27,11 @@
import java.util.Base64;
import java.util.List;
import java.util.function.Supplier;
-import java.util.stream.Collectors;
import static net.ripe.rpki.commons.provisioning.payload.AbstractProvisioningPayload.SUPPORTED_VERSION;
public abstract class AbstractProvisioningPayloadXmlSerializer extends DomXmlSerializer {
- private static final String XMLNS = "http://www.apnic.net/specs/rescerts/up-down/";
+ private static final String UP_DOWN_XMLNS = "http://www.apnic.net/specs/rescerts/up-down/";
/**
* We use the MIME decoder (RFC 2045) here to make the ProcessApnicPdusTest#apnic_pdu_2011_08_15_1_has_errors test
@@ -43,11 +42,12 @@ public abstract class AbstractProvisioningPayloadXmlSerializer U parseClassElementXml(Element element, Supplier clazzSupplier) {
U clazz = clazzSupplier.get();
- clazz.setCertUris(CERTIFICATE_URL_LIST_CONVERTER.fromString(getRequiredAttributeValue(element, "cert_url")));
+ clazz.setCertUris(CERTIFICATE_URL_LIST_CONVERTER.fromString(getRequiredAttributeValue(element, ATTR_CERT_URL)));
clazz.setClassName(getRequiredAttributeValue(element, "class_name"));
clazz.setResourceSetAs(IP_RESOURCE_SET_PROVISIONING_CONVERTER.fromString(getRequiredAttributeValue(element, "resource_set_as")));
clazz.setResourceSetIpv4(IP_RESOURCE_SET_PROVISIONING_CONVERTER.fromString(getRequiredAttributeValue(element, "resource_set_ipv4")));
@@ -169,7 +169,7 @@ protected U parseClassElementXml(Element element
List certificateElements = getChildElements(element, "certificate")
.stream()
.map(this::parseCertificateElementXml)
- .collect(Collectors.toList());
+ .toList();
clazz.setCertificateElements(certificateElements);
Element issuerElement = getSingleChildElement(element, "issuer");
clazz.setIssuer(parseX509ResourceCertificate(issuerElement.getTextContent()));
@@ -178,7 +178,7 @@ protected U parseClassElementXml(Element element
protected Element generateClassElementXml(Document document, GenericClassElement classElement) {
Element node = document.createElementNS(xmlns, "class");
- node.setAttribute("cert_url", CERTIFICATE_URL_LIST_CONVERTER.toString(classElement.getCertificateAuthorityUri()));
+ node.setAttribute(ATTR_CERT_URL, CERTIFICATE_URL_LIST_CONVERTER.toString(classElement.getCertificateAuthorityUri()));
node.setAttribute("class_name", classElement.getClassName());
node.setAttribute("resource_set_as", IP_RESOURCE_SET_PROVISIONING_CONVERTER.toString(classElement.getResourceSetAsn()));
node.setAttribute("resource_set_ipv4", IP_RESOURCE_SET_PROVISIONING_CONVERTER.toString(classElement.getResourceSetIpv4()));
diff --git a/src/main/java/net/ripe/rpki/commons/provisioning/payload/list/response/ResourceClassListResponsePayloadSerializer.java b/src/main/java/net/ripe/rpki/commons/provisioning/payload/list/response/ResourceClassListResponsePayloadSerializer.java
index 98a5fda5f..d784b1232 100644
--- a/src/main/java/net/ripe/rpki/commons/provisioning/payload/list/response/ResourceClassListResponsePayloadSerializer.java
+++ b/src/main/java/net/ripe/rpki/commons/provisioning/payload/list/response/ResourceClassListResponsePayloadSerializer.java
@@ -7,7 +7,6 @@
import org.w3c.dom.Node;
import java.util.List;
-import java.util.stream.Collectors;
/**
* See RFC6492 section 3.3.1 (https://tools.ietf.org/html/rfc6492#section-3.3.1). Example:
@@ -27,7 +26,7 @@ protected ResourceClassListResponsePayload parseXmlPayload(Element message) {
List classes = getChildElements(message, "class")
.stream()
.map(element -> parseClassElementXml(element, ResourceClassListResponseClassElement::new))
- .collect(Collectors.toList());
+ .toList();
return new ResourceClassListResponsePayload(classes);
}
@@ -36,7 +35,7 @@ protected Iterable generateXmlPayload(Document document, Resourc
return payload.getClassElements()
.stream()
.map(clazz -> generateClassElementXml(document, clazz))
- .collect(Collectors.toList());
+ .toList();
}
}
diff --git a/src/main/java/net/ripe/rpki/commons/validation/ValidationResult.java b/src/main/java/net/ripe/rpki/commons/validation/ValidationResult.java
index 68f0beda3..a01faf42f 100644
--- a/src/main/java/net/ripe/rpki/commons/validation/ValidationResult.java
+++ b/src/main/java/net/ripe/rpki/commons/validation/ValidationResult.java
@@ -15,7 +15,6 @@
import java.util.Map.Entry;
import java.util.Set;
import java.util.TreeMap;
-import java.util.stream.Collectors;
public final class ValidationResult implements Serializable {
@@ -241,7 +240,7 @@ public Set getFailuresForCurrentLocation() {
public List getFailuresForAllLocations() {
return results.values().stream()
.flatMap(location -> location.error.stream())
- .collect(Collectors.toList());
+ .toList();
}
public List getFailures(ValidationLocation location) {
@@ -266,7 +265,7 @@ public boolean hasFailureForLocation(ValidationLocation location) {
public List getWarnings() {
return results.values().stream()
.flatMap(location -> location.warning.stream())
- .collect(Collectors.toList());
+ .toList();
}
public List getAllValidationChecksForCurrentLocation() {
diff --git a/src/main/java/net/ripe/rpki/commons/validation/objectvalidators/CertificateRepositoryObjectValidationContext.java b/src/main/java/net/ripe/rpki/commons/validation/objectvalidators/CertificateRepositoryObjectValidationContext.java
index a335f6520..84b7664ef 100644
--- a/src/main/java/net/ripe/rpki/commons/validation/objectvalidators/CertificateRepositoryObjectValidationContext.java
+++ b/src/main/java/net/ripe/rpki/commons/validation/objectvalidators/CertificateRepositoryObjectValidationContext.java
@@ -1,6 +1,5 @@
package net.ripe.rpki.commons.validation.objectvalidators;
-import com.google.common.collect.Lists;
import net.ripe.ipresource.IpResourceSet;
import net.ripe.rpki.commons.crypto.x509cert.X509CertificateObject;
import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificate;
@@ -11,6 +10,7 @@
import org.apache.commons.lang3.builder.ToStringStyle;
import java.net.URI;
+import java.util.ArrayList;
import java.util.List;
/**
@@ -32,7 +32,7 @@ public class CertificateRepositoryObjectValidationContext {
private IpResourceSet overclaiming = new IpResourceSet();
public CertificateRepositoryObjectValidationContext(URI location, X509ResourceCertificate certificate) {
- this(location, certificate, certificate.getResources(), Lists.newArrayList(certificate.getSubject().getName()));
+ this(location, certificate, certificate.getResources(), List.of(certificate.getSubject().getName()));
}
public CertificateRepositoryObjectValidationContext(URI location, X509ResourceCertificate certificate, IpResourceSet resources, List subjectChain) {
@@ -91,7 +91,7 @@ public void addOverclaiming(IpResourceSet overclaiming) {
public CertificateRepositoryObjectValidationContext createChildContext(URI childLocation, X509ResourceCertificate childCertificate) {
IpResourceSet effectiveResources = childCertificate.deriveResources(resources);
removeOverclaimingResources(effectiveResources);
- List childSubjects = Lists.newArrayList(subjectChain);
+ List childSubjects = new ArrayList<>(subjectChain);
childSubjects.add(childCertificate.getSubject().getName());
return new CertificateRepositoryObjectValidationContext(childLocation, childCertificate, effectiveResources, childSubjects);
}
diff --git a/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsBuilderTest.java b/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsBuilderTest.java
index 8e5f2199f..3fcf0c2c9 100644
--- a/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsBuilderTest.java
+++ b/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsBuilderTest.java
@@ -55,7 +55,6 @@ public void shouldTrackFilenameAndHash() {
}
- @SuppressWarnings("deprecation")
@Test
public void shouldCalculateHashAndWriteFile() throws IOException {
byte[] contents = "contents".getBytes();
@@ -67,7 +66,7 @@ public void shouldCalculateHashAndWriteFile() throws IOException {
// The hash below I got using 'shasum -a 256 /tmp/foo1' on OSX, where /tmp/foo1 is the file written above...
byte[] expectedHash = Hex.decode("d1b2a59fbea7e20077af9f91b27e95e865061b270be03ff539ab3b73587882e8");
- assertArrayEquals(expectedHash, result.getHash("foo1"));
+ assertArrayEquals(expectedHash, result.getFileContentSpecification("foo1").getHash());
assertTrue(result.verifyFileContents("foo1", contents));
assertFalse(result.verifyFileContents("foo1", Hex.decode("deadbeaf")));
diff --git a/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsTest.java b/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsTest.java
index d4f788c65..fe7f9e342 100644
--- a/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsTest.java
+++ b/src/test/java/net/ripe/rpki/commons/crypto/cms/manifest/ManifestCmsTest.java
@@ -1,6 +1,5 @@
package net.ripe.rpki.commons.crypto.cms.manifest;
-import com.google.common.collect.Lists;
import net.ripe.ipresource.IpResourceSet;
import net.ripe.ipresource.IpResourceType;
import net.ripe.rpki.commons.crypto.ValidityPeriod;
@@ -36,10 +35,7 @@
import java.math.BigInteger;
import java.net.URI;
import java.security.KeyPair;
-import java.util.Collections;
-import java.util.EnumSet;
-import java.util.HashMap;
-import java.util.Map;
+import java.util.*;
import java.util.Map.Entry;
import static net.ripe.rpki.commons.crypto.x509cert.X509CertificateBuilderHelper.*;
@@ -127,7 +123,7 @@ public void shouldValidateManifestCms() {
X509Crl crl = getRootCrl();
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
when(crlLocator.getCrl(ROOT_MANIFEST_CRL_LOCATION, context, result)).thenReturn(crl);
@@ -142,7 +138,7 @@ public void shouldValidateManifestCms() {
public void shouldNotValidateWithInvalidCrl() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
final ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
result.setLocation(new ValidationLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION));
final ValidationLocation rootMftCrlValidationLocation = new ValidationLocation(ROOT_MANIFEST_CRL_LOCATION);
@@ -172,7 +168,7 @@ public void shouldWarnWhenManifestIsStale() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.withStaleConfigurations(Duration.ZERO, Duration.standardDays(100 * 365));
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
@@ -199,7 +195,7 @@ public void shouldRejectWhenManifestIsTooStaleDueToNegativeGracePeriod() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.withStaleConfigurations(Duration.ZERO, Duration.standardDays(-2));
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
@@ -228,7 +224,7 @@ public void shouldRejectWhenThisUpdateTimeIsNotBeforeNextUpdateTime() {
IpResourceSet resources = rootCertificate.getResources();
CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(
- ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
subject.validateWithCrl(ROOT_SIA_MANIFEST_RSYNC_LOCATION.toASCIIString(), context, ValidationOptions.strictValidation(), result, crl);
@@ -251,7 +247,7 @@ public void shouldRejectWhenManifestIsTooStale() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.withStaleConfigurations(Duration.ZERO,Duration.ZERO);
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
@@ -279,7 +275,7 @@ public void shouldRejectWhenCertificateIsExpired() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.withStaleConfigurations(Duration.ZERO, Duration.standardDays(100));
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
@@ -312,7 +308,7 @@ public void shouldRejectWhenThisUpdateInFuture() {
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.backCompatibleRipeNccValidator();
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
@@ -351,7 +347,7 @@ public void shouldRejectFileNamesThatEscapeRepository() {
subject = builder.build(MANIFEST_KEY_PAIR.getPrivate());
IpResourceSet resources = rootCertificate.getResources();
- CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, Lists.newArrayList(rootCertificate.getSubject().getName()));
+ CertificateRepositoryObjectValidationContext context = new CertificateRepositoryObjectValidationContext(ROOT_CERTIFICATE_LOCATION, rootCertificate, resources, List.of(rootCertificate.getSubject().getName()));
ValidationOptions options = ValidationOptions.strictValidation();
ValidationResult result = ValidationResult.withLocation(ROOT_SIA_MANIFEST_RSYNC_LOCATION);
diff --git a/src/test/java/net/ripe/rpki/commons/crypto/cms/roa/RoaPrefixTest.java b/src/test/java/net/ripe/rpki/commons/crypto/cms/roa/RoaPrefixTest.java
index b90ce7c2e..21670c78c 100644
--- a/src/test/java/net/ripe/rpki/commons/crypto/cms/roa/RoaPrefixTest.java
+++ b/src/test/java/net/ripe/rpki/commons/crypto/cms/roa/RoaPrefixTest.java
@@ -7,25 +7,28 @@
import java.util.*;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
+import static org.assertj.core.api.Assertions.*;
public class RoaPrefixTest {
+
+ public static final IpRange IP_RANGE_10_0_0_0_8 = IpRange.parse("10.0.0.0/8");
+ public static final IpRange IP_RANGE_FFE0_16 = IpRange.parse("ffe0::/16");
+
@Test
public void shouldEqualWhenSemanticallyEqual() {
// recall: EqualsTester includes a test against an artibtrary object of another class
new EqualsTester()
.addEqualityGroup(
- new RoaPrefix(IpRange.parse("10.0.0.0/8")),
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), null),
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), 8)
+ new RoaPrefix(IP_RANGE_10_0_0_0_8),
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, null),
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, 8)
).addEqualityGroup(
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), 32)
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, 32)
).addEqualityGroup(
new RoaPrefix(IpRange.parse("11.0.0.0/8")),
new RoaPrefix(IpRange.parse("11.0.0.0/8"), 8)
- );
+ ).testEquals();
}
@Test
@@ -44,7 +47,7 @@ public void testCalculateEffectiveLength() {
@Test
public void shouldSortRoaPrefixByPrefixThenMaximumLength() {
- var p1 = new RoaPrefix(IpRange.parse("10.0.0.0/8"));
+ var p1 = new RoaPrefix(IP_RANGE_10_0_0_0_8);
var p2 = new RoaPrefix(IpRange.parse("11.0.0.0/8"));
// An equal copy of p2
var p2_8 = new RoaPrefix(IpRange.parse("11.0.0.0/8"), 8);
@@ -53,16 +56,16 @@ public void shouldSortRoaPrefixByPrefixThenMaximumLength() {
var prefixList = List.of(p2_24, p1, p2_8, p2);
// Static case of re-sorting a list in wrong order
- var toSort = Lists.newArrayList(prefixList);
- Collections.sort(toSort);
- assertThat(toSort).containsExactly(p1, p2, p2_8, p2_24);
+ var toSortStatic = new ArrayList<>(prefixList);
+ Collections.sort(toSortStatic);
+ assertThat(toSortStatic).containsExactly(p1, p2, p2_8, p2_24);
// **We can not use sets here, because that would deduplicate, i.e p2_8 is gone:
assertThat(new TreeSet<>(prefixList)).hasSize(prefixList.size()-1);
// But test a number of random shuffles as well
for (int i=0; i < 16; i++) {
- toSort = Lists.newArrayList(prefixList);
+ var toSort = new ArrayList<>(prefixList);
Collections.shuffle(toSort);
Collections.sort(toSort);
assertThat(toSort).containsExactly(p1, p2, p2_8, p2_24);
@@ -72,36 +75,37 @@ public void shouldSortRoaPrefixByPrefixThenMaximumLength() {
@Test
public void shouldEnsureIpAddressIsValidPrefix() {
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), null);
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, null);
+ final var ipRange = IpRange.parse("10.0.0.0-10.0.2.1");
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("10.0.0.0-10.0.2.1"), null))
+ assertThatThrownBy(() -> new RoaPrefix(ipRange, null))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("ROA prefix requires legal prefix");
}
@Test
public void shouldEnsureMaximumLengthValidity() {
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), null);
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, null);
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("10.0.0.0/8"), -1))
+ assertThatThrownBy(() -> new RoaPrefix(IP_RANGE_10_0_0_0_8, -1))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("maximum length invalid");
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), 8);
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), 17);
- new RoaPrefix(IpRange.parse("10.0.0.0/8"), 32);
- new RoaPrefix(IpRange.parse("ffe0::/16"), 128);
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, 8);
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, 17);
+ new RoaPrefix(IP_RANGE_10_0_0_0_8, 32);
+ new RoaPrefix(IP_RANGE_FFE0_16, 128);
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("10.0.0.0/8"), 0))
+ assertThatThrownBy(() -> new RoaPrefix(IP_RANGE_10_0_0_0_8, 0))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("maximum length invalid");
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("10.0.0.0/8"), 7))
+ assertThatThrownBy(() -> new RoaPrefix(IP_RANGE_10_0_0_0_8, 7))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("maximum length invalid");
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("10.0.0.0/8"), 33))
+ assertThatThrownBy(() -> new RoaPrefix(IP_RANGE_10_0_0_0_8, 33))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("maximum length invalid");
- assertThatThrownBy(() -> new RoaPrefix(IpRange.parse("ffe0::/16"), 129))
+ assertThatThrownBy(() -> new RoaPrefix(IP_RANGE_FFE0_16, 129))
.isInstanceOf(IllegalArgumentException.class)
.withFailMessage("maximum length invalid");
}