Use generic signing time parsing

build.gradle

@@ -10,8 +10,6 @@ plugins {
 apply plugin: 'java'
 apply plugin: 'io.spring.dependency-management'
 
-apply from: "dependencies.gradle"
-
 group = 'net.ripe.rpki'
 version = '0.0.1-SNAPSHOT'
 
@@ -33,7 +31,7 @@ dependencies {
     implementation 'com.google.guava:guava:31.1-jre'
     implementation 'org.apache.commons:commons-lang3:3.0'
 
-    implementation "net.ripe.rpki:rpki-commons:$rpki_commons_version"
+    implementation "net.ripe.rpki:rpki-commons:1.35"
 
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
 }

src/main/java/net/ripe/rpki/rsyncit/rrdp/RrdpFetcher.java

@@ -3,20 +3,18 @@
 import com.google.common.annotations.VisibleForTesting;
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
+import net.ripe.rpki.commons.crypto.cms.GenericRpkiSignedObjectParser;
 import net.ripe.rpki.commons.crypto.cms.RpkiSignedObject;
 import net.ripe.rpki.commons.crypto.cms.RpkiSignedObjectParser;
-import net.ripe.rpki.commons.crypto.cms.aspa.AspaCmsParser;
-import net.ripe.rpki.commons.crypto.cms.ghostbuster.GhostbustersCmsParser;
-import net.ripe.rpki.commons.crypto.cms.manifest.ManifestCmsParser;
-import net.ripe.rpki.commons.crypto.cms.roa.RoaCmsParser;
 import net.ripe.rpki.commons.crypto.crl.X509Crl;
 import net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateParser;
 import net.ripe.rpki.commons.util.RepositoryObjectType;
+import net.ripe.rpki.commons.util.XML;
 import net.ripe.rpki.commons.validation.ValidationResult;
 import net.ripe.rpki.rsyncit.config.Config;
 import net.ripe.rpki.rsyncit.util.Sha256;
 import net.ripe.rpki.rsyncit.util.Time;
-import net.ripe.rpki.rsyncit.util.XML;
+import org.joda.time.DateTime;
 import org.springframework.http.HttpRequest;
 import org.springframework.web.reactive.function.client.WebClient;
 import org.springframework.web.reactive.function.client.WebClientRequestException;
@@ -120,7 +118,7 @@ public FetchResult fetchObjectsEx() {
             return new FailedFetch(e);
         } catch (WebClientRequestException e) {
             // TODO: Exception handling could be a lot nicer. However we are mixing reactive and synchronous code,
-            //  and a nice solution probably requires major changes.
+            // and a nice solution probably requires major changes.
             log.error("Web client request exception, only known cause is a timeout.", e);
             return new Timeout();
         }
@@ -131,7 +129,7 @@ FetchResult processNotificationXml(byte[] notificationBytes, Function<String, Do
         if (notificationBytes == null || notificationBytes.length == 0) {
             throw new NotificationStructureException("Empty notification file.");
         }
-        final DocumentBuilder documentBuilder = XML.newDocumentBuilder();
+        final DocumentBuilder documentBuilder = XML.newNonNamespaceAwareDocumentBuilder();
         final Document notificationXmlDoc = documentBuilder.parse(new ByteArrayInputStream(notificationBytes));
 
         var notification = validateNotificationStructure(notificationXmlDoc);
@@ -280,36 +278,29 @@ private ProcessPublishElementResult processPublishElements(Element doc, Optional
         return new ProcessPublishElementResult(objects, collisionCount.get());
     }
 
-    private static Instant extractSigningTime(RpkiSignedObject o) {
-        return Instant.ofEpochMilli(o.getSigningTime().getMillis());
-    }
-
     private Instant getTimestampForObject(final String objectUri, final byte[] decoded, Instant lastModified) {
         final RepositoryObjectType objectType = RepositoryObjectType.parse(objectUri);
         try {
             return switch (objectType) {
-                case Certificate -> {
+                case Manifest:
+                case Aspa:
+                case Roa:
+                case Gbr:
+                    var signedObjectParser = new GenericRpkiSignedObjectParser();
+
+                    signedObjectParser.parse(ValidationResult.withLocation(objectUri), decoded);
+                    yield Instant.ofEpochMilli(signedObjectParser.getSigningTime().getMillis());
+                case Certificate:
                     X509ResourceCertificateParser x509CertificateParser = new X509ResourceCertificateParser();
                     x509CertificateParser.parse(ValidationResult.withLocation(objectUri), decoded);
                     final var cert = x509CertificateParser.getCertificate().getCertificate();
                     yield Instant.ofEpochMilli(cert.getNotBefore().getTime());
-                }
-                case Crl -> {
-                    final ValidationResult result = ValidationResult.withLocation(objectUri);
-                    final X509Crl x509Crl = X509Crl.parseDerEncoded(decoded, result);
-                    checkResult(objectUri, result);
-                    yield Instant.ofEpochMilli(x509Crl.getCrl().getThisUpdate().getTime());
-                }
-                case Manifest ->
-                    extractSigningTime(tryParse(new ManifestCmsParser(), objectUri, decoded).getManifestCms());
-                case Aspa ->
-                    extractSigningTime(tryParse(new AspaCmsParser(), objectUri, decoded).getAspa());
-                case Roa ->
-                    extractSigningTime(tryParse(new RoaCmsParser(), objectUri, decoded).getRoaCms());
-                case Gbr ->
-                    extractSigningTime(tryParse(new GhostbustersCmsParser(), objectUri, decoded).getGhostbustersCms());
-                case Unknown ->
-                    lastModified;
+                case Crl:
+                    final X509Crl x509Crl = X509Crl.parseDerEncoded(decoded, ValidationResult.withLocation(objectUri));
+                    final var crl = x509Crl.getCrl();
+                    yield Instant.ofEpochMilli(crl.getThisUpdate().getTime());
+                case Unknown:
+                    yield lastModified;
             };
         } catch (Exception e) {
             metrics.badObject();