elsloo closed pull request #1931: Removed jdnssec dependency from Traffic Router URL: https://github.com/apache/incubator-trafficcontrol/pull/1931
This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/traffic_router/README.DNSSEC b/traffic_router/README.DNSSEC deleted file mode 100644 index 93e9fc59e0..0000000000 --- a/traffic_router/README.DNSSEC +++ /dev/null @@ -1,5 +0,0 @@ -This release includes initial support for DNSSEC using David Blacka's jdnssec-tools package, currently version 0.12. Download the binary distribution and install the jar into your local Maven repository. - - http://www.verisignlabs.com/jdnssec-tools/ - - mvn install:install-file -Dfile=jdnssec-tools.jar -DgroupId=jdnssec -DartifactId=jdnssec-tools -Dversion=0.12 -Dpackaging=jar diff --git a/traffic_router/core/pom.xml b/traffic_router/core/pom.xml index bf98ff672f..06e552ed70 100644 --- a/traffic_router/core/pom.xml +++ b/traffic_router/core/pom.xml @@ -211,6 +211,13 @@ </execution> </executions> </plugin> + <plugin> + <artifactId>maven-war-plugin</artifactId> + <version>2.1.1</version> + <configuration> + <attachClasses>true</attachClasses> + </configuration> + </plugin> </plugins> </build> @@ -265,11 +272,6 @@ <artifactId>dnsjava</artifactId> <version>2.1.7</version> </dependency> - <dependency> - <groupId>jdnssec</groupId> - <artifactId>jdnssec-tools</artifactId> - <version>0.12</version> - </dependency> <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> diff --git a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/SignatureManager.java b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/SignatureManager.java index 976cf8a5c8..e6a0c19474 100644 --- a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/SignatureManager.java +++ b/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/SignatureManager.java @@ -56,7 +56,6 @@ private Map<String, List<DnsSecKeyPair>> keyMap; private ProtectedFetcher fetcher = null; private ZoneManager zoneManager; - private boolean useJDnsSec = true; private final TrafficRouterManager trafficRouterManager; public SignatureManager(final ZoneManager zoneManager, final CacheRegister cacheRegister, final TrafficOpsUtils trafficOpsUtils, final TrafficRouterManager trafficRouterManager) { @@ -80,7 +79,6 @@ private void initKeyMap() { final boolean dnssecEnabled = JsonUtils.optBoolean(config, "dnssec.enabled"); if (dnssecEnabled) { setDnssecEnabled(true); - this.useJDnsSec = JsonUtils.optBoolean(config, "usejdnssec", true); setExpiredKeyAllowed(JsonUtils.optBoolean(config, "dnssec.allow.expired.keys", true)); // allowing this by default is the safest option setExpirationMultiplier(JsonUtils.optInt(config, "signaturemanager.expiration.multiplier", 5)); // signature validity is maxTTL * this final ScheduledExecutorService me = Executors.newScheduledThreadPool(1); @@ -133,12 +131,7 @@ public void run() { if (keyPairs.isArray()) { for (final JsonNode keyPair : keyPairs) { try { - final DnsSecKeyPair dkpw; - if (useJDnsSec) { - dkpw = new DNSKeyPairWrapper(keyPair, defaultTTL); - } else { - dkpw = new DnsSecKeyPairImpl(keyPair, defaultTTL); - } + final DnsSecKeyPair dkpw = new DnsSecKeyPairImpl(keyPair, defaultTTL); if (!newKeyMap.containsKey(dkpw.getName())) { newKeyMap.put(dkpw.getName(), new ArrayList<>()); @@ -451,11 +444,7 @@ private String getRefreshMessage(final ZoneCacheType type, final SignedZoneKey z final List<Record> signedRecords; - ZoneSigner zoneSigner = new JDnsSecSigner(); - - if (!useJDnsSec) { - zoneSigner = new ZoneSignerImpl(); - } + final ZoneSigner zoneSigner = new ZoneSignerImpl(); signedRecords = zoneSigner.signZone(name, records, kskPairs, zskPairs, start.getTime(), signatureExpiration.getTime(), true, DSRecord.SHA256_DIGEST_ID); @@ -487,11 +476,7 @@ private String getRefreshMessage(final ZoneCacheType type, final SignedZoneKey z final Long dsTtl = ZoneUtils.getLong(config.get("ttls"), "DS", 60); for (final DnsSecKeyPair kp : kskPairs) { - ZoneSigner zoneSigner = new JDnsSecSigner(); - - if (!useJDnsSec) { - zoneSigner = new ZoneSignerImpl(); - } + final ZoneSigner zoneSigner = new ZoneSignerImpl(); final DSRecord dsRecord = zoneSigner.calculateDSRecord(kp.getDNSKEYRecord(), DSRecord.SHA256_DIGEST_ID, dsTtl); LOGGER.debug(name + ": adding DS record " + dsRecord); diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/RRSetsBuilderTest.java b/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/RRSetsBuilderTest.java index 6c9133fce1..9d0a355eca 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/RRSetsBuilderTest.java +++ b/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/RRSetsBuilderTest.java @@ -16,6 +16,7 @@ package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; import com.comcast.cdn.traffic_control.traffic_router.core.dns.RRSetsBuilder; +import com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords; import org.junit.Before; import org.junit.Test; import org.xbill.DNS.RRset; diff --git a/traffic_router/jdnssec/README.DNSSEC b/traffic_router/jdnssec/README.DNSSEC new file mode 100644 index 0000000000..d24fb39eaf --- /dev/null +++ b/traffic_router/jdnssec/README.DNSSEC @@ -0,0 +1,7 @@ +This release includes test tools for DNSSEC using David Blacka's jdnssec-tools package. Download the binary distribution and install the jar into your local Maven repository. + + http://www.verisignlabs.com/jdnssec-tools/ + + mvn install:install-file -Dfile=jdnssec-tools.jar -DgroupId=jdnssec -DartifactId=jdnssec-tools -Dversion={VERSION} -Dpackaging=jar + +To build the optional jdnssec module, use: mvn <goals> -DuseJdnssec=true diff --git a/traffic_router/jdnssec/pom.xml b/traffic_router/jdnssec/pom.xml new file mode 100644 index 0000000000..f1e8b4b111 --- /dev/null +++ b/traffic_router/jdnssec/pom.xml @@ -0,0 +1,53 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <parent> + <artifactId>traffic_router</artifactId> + <groupId>com.comcast.cdn.traffic_control.traffic_router</groupId> + <version>2.2.0</version> + </parent> + <modelVersion>4.0.0</modelVersion> + + <artifactId>traffic_router_jdnssec</artifactId> + <dependencies> + <dependency> + <groupId>com.comcast.cdn.traffic_control.traffic_router</groupId> + <artifactId>traffic_router_core</artifactId> + <version>${project.parent.version}</version> + <classifier>classes</classifier> + </dependency> + <dependency> + <groupId>com.comcast.cdn.traffic_control.traffic_router</groupId> + <artifactId>traffic_router_shared</artifactId> + <version>${project.parent.version}</version> + </dependency> + <dependency> + <groupId>jdnssec</groupId> + <artifactId>jdnssec-tools</artifactId> + <version>0.12</version> + </dependency> + </dependencies> + + +</project> \ No newline at end of file diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/BindPrivateKeyFormatter.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/BindPrivateKeyFormatter.java similarity index 94% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/BindPrivateKeyFormatter.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/BindPrivateKeyFormatter.java index e59b74a7e7..82c23565e6 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/BindPrivateKeyFormatter.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/BindPrivateKeyFormatter.java @@ -13,12 +13,11 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; import sun.security.rsa.RSAPrivateCrtKeyImpl; import java.math.BigInteger; -import java.security.interfaces.RSAMultiPrimePrivateCrtKey; import java.security.spec.RSAMultiPrimePrivateCrtKeySpec; import static java.util.Base64.getEncoder; diff --git a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/DNSKeyPairWrapper.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/DNSKeyPairWrapper.java similarity index 97% rename from traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/DNSKeyPairWrapper.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/DNSKeyPairWrapper.java index c393b882e8..5a86fe57db 100644 --- a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/DNSKeyPairWrapper.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/DNSKeyPairWrapper.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -23,6 +23,7 @@ import javax.xml.bind.DatatypeConverter; +import com.comcast.cdn.traffic_control.traffic_router.core.dns.DnsSecKeyPair; import com.comcast.cdn.traffic_control.traffic_router.core.util.JsonUtils; import com.comcast.cdn.traffic_control.traffic_router.core.util.JsonUtilsException; import com.fasterxml.jackson.databind.JsonNode; diff --git a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/JDnsSecSigner.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/JDnsSecSigner.java similarity index 91% rename from traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/JDnsSecSigner.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/JDnsSecSigner.java index cef5433733..0f1d414cef 100644 --- a/traffic_router/core/src/main/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/JDnsSecSigner.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/JDnsSecSigner.java @@ -13,8 +13,10 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; +import com.comcast.cdn.traffic_control.traffic_router.core.dns.DnsSecKeyPair; +import com.comcast.cdn.traffic_control.traffic_router.core.dns.ZoneSigner; import com.verisignlabs.dnssec.security.DnsKeyPair; import com.verisignlabs.dnssec.security.JCEDnsSecSigner; import com.verisignlabs.dnssec.security.SignUtils; diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/Pkcs1Formatter.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/Pkcs1Formatter.java similarity index 96% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/Pkcs1Formatter.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/Pkcs1Formatter.java index 305b2c174e..a9045dead3 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/Pkcs1Formatter.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/Pkcs1Formatter.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; import sun.security.rsa.RSAPrivateCrtKeyImpl; import sun.security.util.DerOutputStream; diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningTestDataGenerator.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/SigningTestDataGenerator.java similarity index 88% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningTestDataGenerator.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/SigningTestDataGenerator.java index cace09c398..5d515d2d38 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningTestDataGenerator.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/SigningTestDataGenerator.java @@ -13,8 +13,9 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; +import com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords; import com.verisignlabs.dnssec.security.DnsKeyPair; import com.verisignlabs.dnssec.security.JCEDnsSecSigner; import org.junit.Before; @@ -36,13 +37,13 @@ import java.util.Base64; import java.util.List; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.generateZoneRecords; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.keySigningKeyRecord; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.ksk1; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.ksk2; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.zoneSigningKeyRecord; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.zsk1; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.zsk2; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.generateZoneRecords; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.keySigningKeyRecord; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.ksk1; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.ksk2; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.zoneSigningKeyRecord; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.zsk1; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.zsk2; import static java.util.Base64.getEncoder; import static java.util.Base64.getMimeEncoder; import static java.util.stream.Collectors.toList; diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneSignerTest.java b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/ZoneSignerTest.java similarity index 89% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneSignerTest.java rename to traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/ZoneSignerTest.java index c1c31497c7..fe9db53d16 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneSignerTest.java +++ b/traffic_router/jdnssec/src/test/java/com/comcast/cdn/traffic_control/traffic_router/jdnssec/dns/keys/ZoneSignerTest.java @@ -13,14 +13,14 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.jdnssec.dns.keys; -import com.comcast.cdn.traffic_control.traffic_router.core.IsEqualCollection; -import com.comcast.cdn.traffic_control.traffic_router.core.dns.DNSKeyPairWrapper; +import com.comcast.cdn.traffic_control.traffic_router.shared.IsEqualCollection; import com.comcast.cdn.traffic_control.traffic_router.core.dns.DnsSecKeyPair; import com.comcast.cdn.traffic_control.traffic_router.core.dns.DnsSecKeyPairImpl; -import com.comcast.cdn.traffic_control.traffic_router.core.dns.JDnsSecSigner; import com.comcast.cdn.traffic_control.traffic_router.core.dns.ZoneSignerImpl; +import com.comcast.cdn.traffic_control.traffic_router.shared.SigningData; +import com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.verisignlabs.dnssec.security.DnsKeyPair; @@ -35,12 +35,12 @@ import java.util.List; import java.util.stream.Stream; -import static com.comcast.cdn.traffic_control.traffic_router.core.IsEqualCollection.equalTo; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.keySigningKeyRecord; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.origin; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.sep_1_2016; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.sep_1_2026; -import static com.comcast.cdn.traffic_control.traffic_router.core.dns.keys.ZoneTestRecords.zoneSigningKeyRecord; +import static com.comcast.cdn.traffic_control.traffic_router.shared.IsEqualCollection.equalTo; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.keySigningKeyRecord; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.origin; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.sep_1_2016; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.sep_1_2026; +import static com.comcast.cdn.traffic_control.traffic_router.shared.ZoneTestRecords.zoneSigningKeyRecord; import static java.util.Arrays.asList; import static java.util.Base64.getMimeDecoder; import static java.util.stream.Collectors.toList; diff --git a/traffic_router/pom.xml b/traffic_router/pom.xml index 7c3ab101f3..d74afea192 100644 --- a/traffic_router/pom.xml +++ b/traffic_router/pom.xml @@ -124,5 +124,17 @@ <module>neustar</module> </modules> </profile> + <profile> + <id>jdnssec</id> + <modules> + <module>jdnssec</module> + </modules> + <activation> + <property> + <name>useJdnssec</name> + <value>true</value> + </property> + </activation> + </profile> </profiles> </project> diff --git a/traffic_router/shared/pom.xml b/traffic_router/shared/pom.xml index 035b544dfc..46a60d39bf 100644 --- a/traffic_router/shared/pom.xml +++ b/traffic_router/shared/pom.xml @@ -76,6 +76,7 @@ under the License. <dependency> <groupId>org.hamcrest</groupId> <artifactId>hamcrest-all</artifactId> + <scope>compile</scope> </dependency> <dependency> <groupId>org.powermock</groupId> @@ -93,6 +94,11 @@ under the License. <groupId>junit</groupId> <artifactId>junit</artifactId> </dependency> + <dependency> + <groupId>dnsjava</groupId> + <artifactId>dnsjava</artifactId> + <version>2.1.7</version> + </dependency> </dependencies> diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/IsEqualCollection.java b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/IsEqualCollection.java similarity index 95% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/IsEqualCollection.java rename to traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/IsEqualCollection.java index 380180cb33..ef4deff7c9 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/IsEqualCollection.java +++ b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/IsEqualCollection.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core; +package com.comcast.cdn.traffic_control.traffic_router.shared; import org.hamcrest.Description; import org.hamcrest.Factory; @@ -22,6 +22,7 @@ import java.util.Collection; +@SuppressWarnings("PMD") public class IsEqualCollection<T> extends IsEqual<T> { private final Object expectedValue; diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningData.java b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/SigningData.java similarity index 98% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningData.java rename to traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/SigningData.java index a3642aa1ce..811452d87f 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/SigningData.java +++ b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/SigningData.java @@ -13,9 +13,8 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.shared; -import org.xbill.DNS.DSRecord; import org.xbill.DNS.Record; import org.xbill.DNS.Section; @@ -26,17 +25,18 @@ import static java.util.stream.Collectors.toList; +@SuppressWarnings("PMD") public class SigningData { // If you want to update this data, change the contents of SigningTestDataGenerator.java, // run its only test and then replace everything between here and the declaration of signedList // All data below is based on PKCS#1 format, see https://tools.ietf.org/html/rfc3447#appendix-A.1.1 - static String ksk1Public = + public static String ksk1Public = "MIIBCgKCAQEAly/1SbKJpzYwOJF2Xie7W6eLyQ/W1Ar8hKss7ZbIkcg23bt8QQOFVLPlYG9luYzAULZgTWa4gFlrBkEzO410oy8V" + "FZgB5x11/LioWGJmy9h+H6R1Fy0QFP3eFGKb9tLuAJGMaSRTcbRADJQYiDJ6uuWobTg2fNxlb7B1lz7wOVk/yTV795k+vb+lJx8x" + "Zu9vNyIkUy2/LF4J0oXKCPUEee0hpBglEeFcnMSHjO+LtY5Y6E8+fp3d38+Tikmy/2Xu0R35MmCWXuwqYMO+1p7spNzsuUFkhTWt" + "0yJKc8pC91V6e3gsD6iwMy3Q0EEEQ7q1z+M9vLIYtmC27mHmdDh1DQIDAQAB"; - static String ksk1Private = + public static String ksk1Private = "UHJpdmF0ZS1rZXktZm9ybWF0OiB2MS4yCkFsZ29yaXRobTogNSAoUlNBU0hBMSkKTW9kdWx1czog\nQUpjdjlVbXlpYWMyTURpUm" + "RsNG51MXVuaThrUDF0UUsvSVNyTE8yV3lKSElOdDI3ZkVFRGhWU3o1\nV0J2WmJtTXdGQzJZRTFtdUlCWmF3WkJNenVOZEtNdkZS" + "V1lBZWNkZGZ5NHFGaGlac3ZZZmgra2RS\nY3RFQlQ5M2hSaW0vYlM3Z0NSakdra1UzRzBRQXlVR0lneWVycmxxRzA0Tm56Y1pXK3" + @@ -63,13 +63,13 @@ "RzQ1VNL1FFQk82QWZyS0NQZHkK"; - static String ksk2Public = + public static String ksk2Public = "MIIBCgKCAQEAqZz9euL/dovYWIF87eUDWObp9YodiCp88k/PhDCyIbpn7a/QZZYZgYJTjQH0wrMweHj6M74fn8zAFz4fCUq6XSdF" + "UR0X/7MXzBYfuKYdYbYrF68C57ryEl3sW9rSMgxWtajvKFzyB67sYT2GcL3vjZPaYb2ZT2jgjEqeKAk7fzcibfR4UrTj3LI19U8W" + "reZ29JZAmV2sknYA3ImM33CLYseRCw79r0Jws9RLmJixzDeavWYBls1KUqeXYqV++Hb+mQcR/C0/ch63msPWwgcOEfGFmagcYFvC" + "6gOLYXH5WgC2UJlpAMQBZC+3UKwmHaomXeHh92zkQ/nV4bcEOzjZlQIDAQAB"; - static String ksk2Private = + public static String ksk2Private = "UHJpdmF0ZS1rZXktZm9ybWF0OiB2MS4yCkFsZ29yaXRobTogNSAoUlNBU0hBMSkKTW9kdWx1czog\nQUttYy9YcmkvM2FMMkZpQm" + "ZPM2xBMWptNmZXS0hZZ3FmUEpQejRRd3NpRzZaKzJ2MEdXV0dZR0NV\nNDBCOU1Lek1IaDQrak8rSDUvTXdCYytId2xLdWwwblJW" + "RWRGLyt6Rjh3V0g3aW1IV0cyS3hldkF1\nZTY4aEpkN0Z2YTBqSU1WcldvN3loYzhnZXU3R0U5aG5DOTc0MlQybUc5bVU5bzRJeE" + @@ -96,13 +96,13 @@ "BSd0J0U1ZvSW9pTXpJbVZIMD0K"; - static String zsk1Public = + public static String zsk1Public = "MIIBCgKCAQEAymLTAjeDfcIYUKyGqKhUrl/khgBJA9TNqrzZOfMmNFarbONxDnsd6WoHnqi5xGrNBV6ZGIGwc4tebG/XWBOVvI7P" + "b10ZHjm4muKnzA9Qt+TOwpukN/phOzDwFZx+QHHu18jePgmFstoSUJzb4baPSoLorCYbRKdIAHhSEALfL5LE8ByP/MwWCO6jD0wE" + "ZlzGsnow5wxnuVWhBt8FMpRN9FgrJ3YkfTxKz8IZpSx2yjf9IIa/lGvKxcUoAyrdWam14l3fBTI6tfx2nWv56L846wXjqtcZvQeO" + "0ewFdwNw2kWTT01kWeG6lXa1yo6CARkvVaF9zcrVNxWUm7CIvKibwQIDAQAB"; - static String zsk1Private = + public static String zsk1Private = "UHJpdmF0ZS1rZXktZm9ybWF0OiB2MS4yCkFsZ29yaXRobTogNSAoUlNBU0hBMSkKTW9kdWx1czog\nQU1waTB3STNnMzNDR0ZDc2" + "hxaW9WSzVmNUlZQVNRUFV6YXE4MlRuekpqUldxMnpqY1E1N0hlbHFC\nNTZvdWNScXpRVmVtUmlCc0hPTFhteHYxMWdUbGJ5T3oy" + "OWRHUjQ1dUpyaXA4d1BVTGZrenNLYnBE\nZjZZVHN3OEJXY2ZrQng3dGZJM2o0SmhiTGFFbENjMitHMmowcUM2S3dtRzBTblNBQj" + @@ -129,13 +129,13 @@ "ZTRzFFZFBwWmd0dTQ5YnVpUT0K"; - static String zsk2Public = + public static String zsk2Public = "MIIBCgKCAQEAuCnKCdaJnVwi3Iu0zUYrciw05zZ3jXkZAKE+TOCT5/DlpGRNwzU8x0qc2niyt9Q+awSBpizFWAeAfgpoZXEjbIvw" + "hhDYC/Ze12jvDh/c/xyzaScnt6C6rlM2y1q7j7q9uI/64l7lQITOno4pvPZP3txXqll5VNfUjMbE3HNXL4O+qGLAij1/2clnS8wG" + "vokEITcYwOL6I0vBADqgu4pmu5sstMN+72Tz8FQ+ZAMQ8B7G2IlnPdTBypL0r0LjoFJ2SWZGnj/IRM7Am4iMiwlCSbbDzPibsMwl" + "MAquEBA1UVoN4PC1Ah+Hb6tP2h92Nl1JVSu0478uItF90dGl0gDQuwIDAQAB"; - static String zsk2Private = + public static String zsk2Private = "UHJpdmF0ZS1rZXktZm9ybWF0OiB2MS4yCkFsZ29yaXRobTogNSAoUlNBU0hBMSkKTW9kdWx1czog\nQUxncHlnbldpWjFjSXR5TH" + "RNMUdLM0lzTk9jMmQ0MTVHUUNoUGt6Z2srZnc1YVJrVGNNMVBNZEtu\nTnA0c3JmVVBtc0VnYVlzeFZnSGdINEthR1Z4STJ5TDhJ" + "WVEyQXYyWHRkbzd3NGYzUDhjczJrbko3\nZWd1cTVUTnN0YXU0KzZ2YmlQK3VKZTVVQ0V6cDZPS2J6MlQ5N2NWNnBaZVZUWDFJek" + @@ -550,7 +550,7 @@ // example.com. 31556952 IN DNSKEY 256 3 5 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymLTAjeDfcIYUKyGqKhUrl/khgBJA9TNqrzZOfMmNFarbONxDnsd6WoHnqi5xGrNBV6ZGIGwc4tebG/XWBOVvI7Pb10ZHjm4muKnzA9Qt+TOwpukN/phOzDwFZx+QHHu18jePgmFstoSUJzb4baPSoLorCYbRKdIAHhSEALfL5LE8ByP/MwWCO6jD0wEZlzGsnow5wxnuVWhBt8FMpRN9FgrJ3YkfTxKz8IZpSx2yjf9IIa/lGvKxcUoAyrdWam14l3fBTI6tfx2nWv56L846wXjqtcZvQeO0ewFdwNw2kWTT01kWeG6lXa1yo6CARkvVaF9zcrVNxWUm7CIvKibwQIDAQAB // keytag 62715 - static String zoneDnsKeyRecord = + public static String zoneDnsKeyRecord = "ZXhhbXBsZS5jb20uCQkzMTU1Njk1MglJTglETlNLRVkJMjU2IDMgNSBNSUlCSWpBTkJna3Foa2lH\nOXcwQkFRRUZBQU9DQVE4QU" + "1JSUJDZ0tDQVFFQXltTFRBamVEZmNJWVVLeUdxS2hVcmwva2hnQkpB\nOVROcXJ6Wk9mTW1ORmFyYk9OeERuc2Q2V29IbnFpNXhH" + "ck5CVjZaR0lHd2M0dGViRy9YV0JPVnZJ\nN1BiMTBaSGptNG11S256QTlRdCtUT3dwdWtOL3BoT3pEd0ZaeCtRSEh1MThqZVBnbU" + @@ -560,7 +560,7 @@ // example.com. 315569520 IN DNSKEY 257 3 5 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly/1SbKJpzYwOJF2Xie7W6eLyQ/W1Ar8hKss7ZbIkcg23bt8QQOFVLPlYG9luYzAULZgTWa4gFlrBkEzO410oy8VFZgB5x11/LioWGJmy9h+H6R1Fy0QFP3eFGKb9tLuAJGMaSRTcbRADJQYiDJ6uuWobTg2fNxlb7B1lz7wOVk/yTV795k+vb+lJx8xZu9vNyIkUy2/LF4J0oXKCPUEee0hpBglEeFcnMSHjO+LtY5Y6E8+fp3d38+Tikmy/2Xu0R35MmCWXuwqYMO+1p7spNzsuUFkhTWt0yJKc8pC91V6e3gsD6iwMy3Q0EEEQ7q1z+M9vLIYtmC27mHmdDh1DQIDAQAB // keytag 62715 - static String keyDnsKeyRecord = + public static String keyDnsKeyRecord = "ZXhhbXBsZS5jb20uCQkzMTU1Njk1MjAJSU4JRE5TS0VZCTI1NyAzIDUgTUlJQklqQU5CZ2txaGtp\nRzl3MEJBUUVGQUFPQ0FROE" + "FNSUlCQ2dLQ0FRRUFseS8xU2JLSnB6WXdPSkYyWGllN1c2ZUx5US9X\nMUFyOGhLc3M3WmJJa2NnMjNidDhRUU9GVkxQbFlHOWx1" + "WXpBVUxaZ1RXYTRnRmxyQmtFek80MTBv\neThWRlpnQjV4MTEvTGlvV0dKbXk5aCtINlIxRnkwUUZQM2VGR0tiOXRMdUFKR01hU1" + @@ -568,9 +568,9 @@ "hLQ1BVRWVlMGhwQmdsRWVGY25NU0hqTytMdFk1WTZFOCtmcDNkMzgrVGlrbXkvMlh1\nMFIzNU1tQ1dYdXdxWU1PKzFwN3NwTnpz" + "dVVGa2hUV3QweUpLYzhwQzkxVjZlM2dzRDZpd015M1Ew\nRUVFUTdxMXorTTl2TElZdG1DMjdtSG1kRGgxRFFJREFRQUI="; - static List<Record> signedList; - static List<Record> postZoneList; - static List<Record> dsRecordList = new ArrayList<>(); + public static List<Record> signedList; + public static List<Record> postZoneList; + public static List<Record> dsRecordList = new ArrayList<>(); public static List<String> getStringsNamedLike(String name, Class clazz) { return Arrays.asList(clazz.getDeclaredFields()).stream() diff --git a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneTestRecords.java b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/ZoneTestRecords.java similarity index 90% rename from traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneTestRecords.java rename to traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/ZoneTestRecords.java index a164ec0e47..0b8f7d3f36 100644 --- a/traffic_router/core/src/test/java/com/comcast/cdn/traffic_control/traffic_router/core/dns/keys/ZoneTestRecords.java +++ b/traffic_router/shared/src/main/java/com/comcast/cdn/traffic_control/traffic_router/shared/ZoneTestRecords.java @@ -13,7 +13,7 @@ * limitations under the License. */ -package com.comcast.cdn.traffic_control.traffic_router.core.dns.keys; +package com.comcast.cdn.traffic_control.traffic_router.shared; import com.comcast.cdn.traffic_control.traffic_router.secure.BindPrivateKey; import com.comcast.cdn.traffic_control.traffic_router.secure.Pkcs1KeySpecDecoder; @@ -48,21 +48,22 @@ import static org.xbill.DNS.DNSKEYRecord.Protocol.DNSSEC; import static org.xbill.DNS.DNSSEC.Algorithm.RSASHA1; +@SuppressWarnings("PMD") public class ZoneTestRecords { - static List<Record> records; + public static List<Record> records; - static Date start; - static Date expiration; - static Name origin; - static Date sep_1_2016 = new Date(1472688000000L); - static Date sep_1_2026 = new Date(1788220800000L); - static DNSKEYRecord zoneSigningKeyRecord; - static DNSKEYRecord keySigningKeyRecord; + public static Date start; + public static Date expiration; + public static Name origin; + public static Date sep_1_2016 = new Date(1472688000000L); + public static Date sep_1_2026 = new Date(1788220800000L); + public static DNSKEYRecord zoneSigningKeyRecord; + public static DNSKEYRecord keySigningKeyRecord; - static KeyPair ksk1; - static KeyPair zsk1; - static KeyPair ksk2; - static KeyPair zsk2; + public static KeyPair ksk1; + public static KeyPair zsk1; + public static KeyPair ksk2; + public static KeyPair zsk2; static List<KeyPair> generateKeyPairs() throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); @@ -81,7 +82,7 @@ private static KeyPair recreateKeyPair(String publicKey, String privateKey) thro return new KeyPair(publicKeyCopy, privateKeyCopy); } - static List<Record> generateZoneRecords(boolean makeNewKeyPairs) throws Exception { + public static List<Record> generateZoneRecords(boolean makeNewKeyPairs) throws Exception { start = new Date(System.currentTimeMillis() - (24 * 3600 * 1000)); expiration = new Date(System.currentTimeMillis() + (7 * 24 * 3600 * 1000)); ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
