Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add withValidityPeriod to MFT and CRL builders #141

Merged
merged 6 commits into from
Jan 10, 2024

Conversation

lolepezy
Copy link
Contributor

@lolepezy lolepezy commented Dec 14, 2023

  • I have updated the changelog in README.md

This is to avoid mistakes with setting validity dates and getting them backwards (learned the hard way)

@lolepezy lolepezy requested review from ties and bjpbakker December 14, 2023 14:10
public DateTime getThisUpdateTime() {
return thisUpdateTime;
}

public X509CrlBuilder withNextUpdateTime(DateTime instant) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can even deprecate the old ones with annotations since they are a footcannon? Not sure if we ever need to set just one.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's also curious to think about where we can check that a validityperiod is sane, but that would be hard for any valid object. Maybe in the validation checks in the generic signed object parser?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point,
search says that they are not used separately anywhere
https://github.com/search?q=org%3ARIPE-NCC%20withNextUpdateTime&type=code
So I'll mark them as deprecated

Copy link
Contributor Author

@lolepezy lolepezy Dec 18, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ValidityPeriod does the check that the second date is >= the first one, so it's relatively sane. Can't come up with a good idea what is the use case of notValidBefore.isEqual(notValidAfter) though.

@lolepezy lolepezy requested a review from ties December 18, 2023 11:56
public void shouldBeEquivalentToSetDateInDifferentWays() {
var builder1 = new ManifestCmsBuilder();
builder1.withManifestNumber(BigInteger.valueOf(68));
builder1.withThisUpdateTime(THIS_UPDATE_TIME);

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
ManifestCmsBuilder.withThisUpdateTime
should be avoided because it has been deprecated.
var builder1 = new ManifestCmsBuilder();
builder1.withManifestNumber(BigInteger.valueOf(68));
builder1.withThisUpdateTime(THIS_UPDATE_TIME);
builder1.withNextUpdateTime(NEXT_UPDATE_TIME);

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
ManifestCmsBuilder.withNextUpdateTime
should be avoided because it has been deprecated.
var builder2 = new ManifestCmsBuilder();
builder2.withManifestNumber(BigInteger.valueOf(68));
builder2.withValidityPeriod(new ValidityPeriod(THIS_UPDATE_TIME, NEXT_UPDATE_TIME));
builder2.withNextUpdateTime(NEXT_UPDATE_TIME);

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
ManifestCmsBuilder.withNextUpdateTime
should be avoided because it has been deprecated.
public void shouldBeEquivalentToSetDateInDifferentWays() {
var builder1 = new X509CrlBuilder();
builder1.withIssuerDN(new X500Principal("CN=ROOT"));
builder1.withThisUpdateTime(THIS_UPDATE_TIME);

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
X509CrlBuilder.withThisUpdateTime
should be avoided because it has been deprecated.
var builder1 = new X509CrlBuilder();
builder1.withIssuerDN(new X500Principal("CN=ROOT"));
builder1.withThisUpdateTime(THIS_UPDATE_TIME);
builder1.withNextUpdateTime(NEXT_UPDATE_TIME);

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
X509CrlBuilder.withNextUpdateTime
should be avoided because it has been deprecated.
Copy link
Member

@bjpbakker bjpbakker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be good to update the tests to no longer use the deprecated methods (except when explicitly testing these methods) and use withValidityPeriod.

@lolepezy
Copy link
Contributor Author

lolepezy commented Jan 5, 2024

It would be good to update the tests to no longer use the deprecated methods (except when explicitly testing these methods) and use withValidityPeriod.

Yeah, makes sense.
Replaced their usage (mostly)

@lolepezy lolepezy requested a review from bjpbakker January 5, 2024 15:53
@lolepezy lolepezy requested a review from ties January 10, 2024 15:27
@lolepezy lolepezy force-pushed the add-validity-period-to-mft-crl-builders branch from 753822b to 61db747 Compare January 10, 2024 15:43
@lolepezy lolepezy requested review from bjpbakker and removed request for bjpbakker January 10, 2024 16:20
@lolepezy lolepezy dismissed bjpbakker’s stale review January 10, 2024 16:21

Because it's already done and I don't get how GH UI works

@lolepezy lolepezy merged commit d1be8ff into main Jan 10, 2024
6 checks passed
@lolepezy lolepezy deleted the add-validity-period-to-mft-crl-builders branch January 10, 2024 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants