Skip to content
Permalink
Browse files

Use java.time instead of Date

Closes #65
  • Loading branch information...
ibauersachs committed Sep 3, 2019
1 parent 9de972d commit 0b215533206efc47d903a24f9879d3f942996df1
@@ -24,7 +24,7 @@
import java.security.spec.ECPublicKeySpec;
import java.security.spec.EllipticCurve;
import java.security.spec.RSAPublicKeySpec;
import java.util.Date;
import java.time.Instant;

/**
* Constants and methods relating to DNSSEC.
@@ -129,8 +129,8 @@ private static void digestSIG(DNSOutput out, SIGBase sig) {
out.writeU8(sig.getAlgorithm());
out.writeU8(sig.getLabels());
out.writeU32(sig.getOrigTTL());
out.writeU32(sig.getExpire().getTime() / 1000);
out.writeU32(sig.getTimeSigned().getTime() / 1000);
out.writeU32(sig.getExpire().getEpochSecond());
out.writeU32(sig.getTimeSigned().getEpochSecond());
out.writeU16(sig.getFootprint());
sig.getSigner().toWireCanonical(out);
}
@@ -247,42 +247,42 @@ private static void digestSIG(DNSOutput out, SIGBase sig) {

/** A DNSSEC verification failed because the signature has expired. */
public static class SignatureExpiredException extends DNSSECException {
private Date when, now;
private Instant when, now;

SignatureExpiredException(Date when, Date now) {
SignatureExpiredException(Instant when, Instant now) {
super("signature expired");
this.when = when;
this.now = now;
}

/** @return When the signature expired */
public Date getExpiration() {
public Instant getExpiration() {
return when;
}

/** @return When the verification was attempted */
public Date getVerifyTime() {
public Instant getVerifyTime() {
return now;
}
}

/** A DNSSEC verification failed because the signature has not yet become valid. */
public static class SignatureNotYetValidException extends DNSSECException {
private Date when, now;
private Instant when, now;

SignatureNotYetValidException(Date when, Date now) {
SignatureNotYetValidException(Instant when, Instant now) {
super("signature is not yet valid");
this.when = when;
this.now = now;
}

/** @return When the signature will become valid */
public Date getExpiration() {
public Instant getExpiration() {
return when;
}

/** @return When the verification was attempted */
public Date getVerifyTime() {
public Instant getVerifyTime() {
return now;
}
}
@@ -955,7 +955,7 @@ private static boolean matches(SIGBase sig, KEYBase key) {
*/
public static void verify(RRset rrset, RRSIGRecord rrsig, DNSKEYRecord key)
throws DNSSECException {
verify(rrset, rrsig, key, new Date());
verify(rrset, rrsig, key, Instant.now());
}

/**
@@ -973,7 +973,7 @@ public static void verify(RRset rrset, RRSIGRecord rrsig, DNSKEYRecord key)
* @throws SignatureVerificationException The signature does not verify.
* @throws DNSSECException Some other error occurred.
*/
public static void verify(RRset<?> rrset, RRSIGRecord rrsig, DNSKEYRecord key, Date date)
public static void verify(RRset<?> rrset, RRSIGRecord rrsig, DNSKEYRecord key, Instant date)
throws DNSSECException {
if (!matches(rrsig, key)) {
throw new KeyMismatchException(key, rrsig);
@@ -1084,7 +1084,7 @@ static void checkAlgorithm(PrivateKey key, int alg) throws UnsupportedAlgorithmE
* @return The generated signature
*/
public static RRSIGRecord sign(
RRset rrset, DNSKEYRecord key, PrivateKey privkey, Date inception, Date expiration)
RRset rrset, DNSKEYRecord key, PrivateKey privkey, Instant inception, Instant expiration)
throws DNSSECException {
return sign(rrset, key, privkey, inception, expiration, null);
}
@@ -1109,8 +1109,8 @@ public static RRSIGRecord sign(
RRset<?> rrset,
DNSKEYRecord key,
PrivateKey privkey,
Date inception,
Date expiration,
Instant inception,
Instant expiration,
String provider)
throws DNSSECException {
int alg = key.getAlgorithm();
@@ -1139,8 +1139,8 @@ static SIGRecord signMessage(
SIGRecord previous,
KEYRecord key,
PrivateKey privkey,
Date inception,
Date expiration)
Instant inception,
Instant expiration)
throws DNSSECException {
int alg = key.getAlgorithm();
checkAlgorithm(privkey, alg);
@@ -1180,7 +1180,7 @@ static void verifyMessage(
throw new KeyMismatchException(key, sig);
}

Date now = new Date();
Instant now = Instant.now();

if (now.compareTo(sig.getExpire()) > 0) {
throw new SignatureExpiredException(sig.getExpire(), now);
@@ -2,78 +2,40 @@

package org.xbill.DNS;

import java.text.DecimalFormat;
import java.text.NumberFormat;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.time.format.DateTimeParseException;

/**
* Routines for converting time values to and from YYYYMMDDHHMMSS format.
*
* @author Brian Wellington
*/
final class FormattedTime {

private static NumberFormat w2, w4;

static {
w2 = new DecimalFormat();
w2.setMinimumIntegerDigits(2);

w4 = new DecimalFormat();
w4.setMinimumIntegerDigits(4);
w4.setGroupingUsed(false);
}
private static final DateTimeFormatter DEFAULT_FORMAT =
DateTimeFormatter.ofPattern("yyyyMMddHHmmss").withZone(ZoneOffset.UTC);

private FormattedTime() {}

/**
* Converts a Date into a formatted string.
*
* @param date The Date to convert.
* @param date The Instant to convert.
* @return The formatted string.
*/
public static String format(Date date) {
Calendar c = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
StringBuilder sb = new StringBuilder();

c.setTime(date);
sb.append(w4.format(c.get(Calendar.YEAR)));
sb.append(w2.format(c.get(Calendar.MONTH) + 1));
sb.append(w2.format(c.get(Calendar.DAY_OF_MONTH)));
sb.append(w2.format(c.get(Calendar.HOUR_OF_DAY)));
sb.append(w2.format(c.get(Calendar.MINUTE)));
sb.append(w2.format(c.get(Calendar.SECOND)));
return sb.toString();
public static String format(Instant date) {
return DEFAULT_FORMAT.format(date);
}

/**
* Parses a formatted time string into a Date.
* Parses a formatted time string into an Instant.
*
* @param s The string, in the form YYYYMMDDHHMMSS.
* @return The Date object.
* @throws TextParseException The string was invalid.
* @return The Instant object.
* @throws DateTimeParseException The string was invalid.
*/
public static Date parse(String s) throws TextParseException {
if (s.length() != 14) {
throw new TextParseException("Invalid time encoding: " + s);
}

Calendar c = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
c.clear();
try {
int year = Integer.parseInt(s.substring(0, 4));
int month = Integer.parseInt(s.substring(4, 6)) - 1;
int date = Integer.parseInt(s.substring(6, 8));
int hour = Integer.parseInt(s.substring(8, 10));
int minute = Integer.parseInt(s.substring(10, 12));
int second = Integer.parseInt(s.substring(12, 14));
c.set(year, month, date, hour, minute, second);
} catch (NumberFormatException e) {
throw new TextParseException("Invalid time encoding: " + s);
}
return c.getTime();
public static Instant parse(String s) throws DateTimeParseException {
return DEFAULT_FORMAT.parse(s, Instant::from);
}
}
@@ -2,7 +2,7 @@

package org.xbill.DNS;

import java.util.Date;
import java.time.Instant;

/**
* Resource Record Signature - An RRSIG provides the digital signature of an RRset, so that the data
@@ -46,8 +46,8 @@ public RRSIGRecord(
int covered,
int alg,
long origttl,
Date expire,
Date timeSigned,
Instant expire,
Instant timeSigned,
int footprint,
Name signer,
byte[] signature) {
@@ -3,7 +3,8 @@
package org.xbill.DNS;

import java.security.PrivateKey;
import java.util.Date;
import java.time.Duration;
import java.time.Instant;

/**
* Creates SIG(0) transaction signatures.
@@ -17,7 +18,7 @@
* The default validity period for outgoing SIG(0) signed messages. Can be overriden by the
* sig0validity option.
*/
private static final short VALIDITY = 300;
private static final Duration VALIDITY = Duration.ofSeconds(300);

private SIG0() {}

@@ -34,14 +35,16 @@ public static void signMessage(
Message message, KEYRecord key, PrivateKey privkey, SIGRecord previous)
throws DNSSEC.DNSSECException {

int validity = Options.intValue("sig0validity");
if (validity < 0) {
int validityOption = Options.intValue("sig0validity");
Duration validity;
if (validityOption < 0) {
validity = VALIDITY;
} else {
validity = Duration.ofSeconds(validityOption);
}

long now = System.currentTimeMillis();
Date timeSigned = new Date(now);
Date timeExpires = new Date(now + validity * 1000);
Instant timeSigned = Instant.now();
Instant timeExpires = timeSigned.plus(validity);

SIGRecord sig = DNSSEC.signMessage(message, previous, key, privkey, timeSigned, timeExpires);

@@ -3,7 +3,7 @@
package org.xbill.DNS;

import java.io.IOException;
import java.util.Date;
import java.time.Instant;
import org.xbill.DNS.utils.base64;

/**
@@ -18,7 +18,7 @@
protected int covered;
protected int alg, labels;
protected long origttl;
protected Date expire, timeSigned;
protected Instant expire, timeSigned;
protected int footprint;
protected Name signer;
protected byte[] signature;
@@ -33,8 +33,8 @@ public SIGBase(
int covered,
int alg,
long origttl,
Date expire,
Date timeSigned,
Instant expire,
Instant timeSigned,
int footprint,
Name signer,
byte[] signature) {
@@ -61,8 +61,8 @@ void rrFromWire(DNSInput in) throws IOException {
alg = in.readU8();
labels = in.readU8();
origttl = in.readU32();
expire = new Date(1000 * in.readU32());
timeSigned = new Date(1000 * in.readU32());
expire = Instant.ofEpochSecond(in.readU32());
timeSigned = Instant.ofEpochSecond(in.readU32());
footprint = in.readU16();
signer = new Name(in);
signature = in.readByteArray();
@@ -159,12 +159,12 @@ public long getOrigTTL() {
}

/** Returns the time at which the signature expires */
public Date getExpire() {
public Instant getExpire() {
return expire;
}

/** Returns the time at which this signature was generated */
public Date getTimeSigned() {
public Instant getTimeSigned() {
return timeSigned;
}

@@ -193,8 +193,8 @@ void rrToWire(DNSOutput out, Compression c, boolean canonical) {
out.writeU8(alg);
out.writeU8(labels);
out.writeU32(origttl);
out.writeU32(expire.getTime() / 1000);
out.writeU32(timeSigned.getTime() / 1000);
out.writeU32(expire.getEpochSecond());
out.writeU32(timeSigned.getEpochSecond());
out.writeU16(footprint);
signer.toWire(out, null, canonical);
out.writeByteArray(signature);
@@ -2,7 +2,7 @@

package org.xbill.DNS;

import java.util.Date;
import java.time.Instant;

/**
* Signature - A SIG provides the digital signature of an RRset, so that the data can be
@@ -45,8 +45,8 @@ public SIGRecord(
int covered,
int alg,
long origttl,
Date expire,
Date timeSigned,
Instant expire,
Instant timeSigned,
int footprint,
Name signer,
byte[] signature) {

0 comments on commit 0b21553

Please sign in to comment.
You can’t perform that action at this time.