Renaming DAO for the CSR (#500)

Michal Kit 2018-03-02 12:15:46 +00:00 committed by GitHub
parent 965035a92e
commit 021b677b7d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 34 additions and 36 deletions

@ -18,7 +18,7 @@ data class CertificateSigningRequest(val requestId: String,
/**
* Provide certificate signing request storage for the certificate signing server.
*/
interface CertificationRequestStorage {
interface CertificateSigningRequestStorage {
companion object {
val DOORMAN_SIGNATURE = "Doorman"
}

@ -17,9 +17,9 @@ import java.time.Instant
import javax.security.auth.x500.X500Principal
/**
* Database implementation of the [CertificationRequestStorage] interface.
* Database implementation of the [CertificateSigningRequestStorage] interface.
*/
class PersistentCertificateRequestStorage(private val database: CordaPersistence) : CertificationRequestStorage {
class PersistentCertificateSigningRequestStorage(private val database: CordaPersistence) : CertificateSigningRequestStorage {
companion object {
// TODO: make this configurable?
private val allowedCertRoles = setOf(CertRole.NODE_CA, CertRole.SERVICE_IDENTITY)
@ -56,7 +56,7 @@ class PersistentCertificateRequestStorage(private val database: CordaPersistence
legalName = legalName,
publicKeyHash = toSupportedPublicKey(request.subjectPublicKeyInfo).hashString(),
requestBytes = request.encoded,
modifiedBy = CertificationRequestStorage.DOORMAN_SIGNATURE,
modifiedBy = CertificateSigningRequestStorage.DOORMAN_SIGNATURE,
status = RequestStatus.NEW
)
} catch (e: RequestValidationException) {
@ -66,7 +66,7 @@ class PersistentCertificateRequestStorage(private val database: CordaPersistence
publicKeyHash = toSupportedPublicKey(request.subjectPublicKeyInfo).hashString(),
requestBytes = request.encoded,
remark = e.rejectMessage,
modifiedBy = CertificationRequestStorage.DOORMAN_SIGNATURE,
modifiedBy = CertificateSigningRequestStorage.DOORMAN_SIGNATURE,
status = RequestStatus.REJECTED
)
}

@ -1,7 +1,7 @@
package com.r3.corda.networkmanage.doorman
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.configureDatabase
import com.r3.corda.networkmanage.common.utils.*
import com.r3.corda.networkmanage.doorman.signer.LocalSigner
@ -33,7 +33,7 @@ private fun processKeyStore(parameters: NetworkManagementServerParameters): Pair
/**
* This storage automatically approves all created requests.
*/
class ApproveAllCertificateRequestStorage(private val delegate: CertificationRequestStorage) : CertificationRequestStorage by delegate {
class ApproveAllCertificateRequestStorage(private val delegate: CertificateSigningRequestStorage) : CertificateSigningRequestStorage by delegate {
override fun saveRequest(request: PKCS10CertificationRequest): String {
val requestId = delegate.saveRequest(request)
delegate.markRequestTicketCreated(requestId)
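Review bot: The KDoc above `ApproveAllCertificateRequestStorage` is a single sentence for a wrapper that takes the approval step out of certificate issuance, and the renamed declaration is a natural place to expand it. It should state that every request handed to `saveRequest` is stored through the delegate and then advanced without Jira or human review, and that the wrapper is only wired in when `approveAll` is set in the server configuration (the selection is visible in the NetworkManagementServer section of this page). A closing line such as `* Removes the manual approval gate; use only where CSR approval is not a trust decision.` would make the risk explicit to the next reader. The body of `saveRequest` continues past the end of the hunk, so the exact approval call and the signer name it records should be confirmed before they are written into the comment.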

@ -1,7 +1,7 @@
package com.r3.corda.networkmanage.doorman
import com.atlassian.jira.rest.client.internal.async.AsynchronousJiraRestClientFactory
import com.r3.corda.networkmanage.common.persistence.PersistentCertificateRequestStorage
import com.r3.corda.networkmanage.common.persistence.PersistentCertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.PersistentNetworkMapStorage
import com.r3.corda.networkmanage.common.persistence.PersistentNodeInfoStorage
import com.r3.corda.networkmanage.common.signer.NetworkMapSigner
@ -85,9 +85,9 @@ class NetworkManagementServer : Closeable {
val requestService = if (config.approveAll) {
require(config.jira == null) { "Jira configuration cannot be specified when the approveAll parameter is set to true." }
logger.warn("Doorman server is in 'Approve All' mode, this will approve all incoming certificate signing requests.")
ApproveAllCertificateRequestStorage(PersistentCertificateRequestStorage(database))
ApproveAllCertificateRequestStorage(PersistentCertificateSigningRequestStorage(database))
} else {
PersistentCertificateRequestStorage(database)
PersistentCertificateSigningRequestStorage(database)
}
val jiraConfig = config.jira

@ -1,13 +1,11 @@
package com.r3.corda.networkmanage.doorman.signer
import com.r3.corda.networkmanage.common.persistence.CertificateResponse
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.RequestStatus
import com.r3.corda.networkmanage.common.utils.CertPathAndKey
import com.r3.corda.networkmanage.common.utils.getCertRole
import net.corda.core.internal.CertRole
import net.corda.nodeapi.internal.crypto.CertificateType
import net.corda.nodeapi.internal.crypto.X509CertificateFactory
import net.corda.nodeapi.internal.crypto.X509Utilities
import net.corda.nodeapi.internal.crypto.certificateType
@ -25,7 +23,7 @@ interface CsrHandler {
fun getResponse(requestId: String): CertificateResponse
}
class DefaultCsrHandler(private val storage: CertificationRequestStorage,
class DefaultCsrHandler(private val storage: CertificateSigningRequestStorage,
private val csrCertPathAndKey: CertPathAndKey?) : CsrHandler {
override fun processRequests() {

@ -2,7 +2,7 @@ package com.r3.corda.networkmanage.doorman.signer
import com.r3.corda.networkmanage.common.persistence.CertificateResponse
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequest
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.RequestStatus
import com.r3.corda.networkmanage.doorman.ApprovedRequest
import com.r3.corda.networkmanage.doorman.JiraClient
@ -10,7 +10,7 @@ import com.r3.corda.networkmanage.doorman.RejectedRequest
import net.corda.core.utilities.contextLogger
import org.bouncycastle.pkcs.PKCS10CertificationRequest
class JiraCsrHandler(private val jiraClient: JiraClient, private val storage: CertificationRequestStorage, private val delegate: CsrHandler) : CsrHandler by delegate {
class JiraCsrHandler(private val jiraClient: JiraClient, private val storage: CertificateSigningRequestStorage, private val delegate: CsrHandler) : CsrHandler by delegate {
private companion object {
val log = contextLogger()
}

@ -1,7 +1,7 @@
package com.r3.corda.networkmanage.hsm.persistence
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequest
import com.r3.corda.networkmanage.common.persistence.PersistentCertificateRequestStorage
import com.r3.corda.networkmanage.common.persistence.PersistentCertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.RequestStatus
import net.corda.nodeapi.internal.persistence.CordaPersistence
import org.bouncycastle.pkcs.PKCS10CertificationRequest
@ -11,7 +11,7 @@ data class ApprovedCertificateRequestData(val requestId: String, val request: PK
class DBSignedCertificateRequestStorage(database: CordaPersistence) : SignedCertificateRequestStorage {
private val storage = PersistentCertificateRequestStorage(database)
private val storage = PersistentCertificateSigningRequestStorage(database)
override fun store(requests: List<ApprovedCertificateRequestData>, signer: String) {
for ((requestId, _, certPath) in requests) {

@ -1,7 +1,7 @@
package com.r3.corda.networkmanage.common.persistence
import com.r3.corda.networkmanage.TestBase
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.entity.CertificateSigningRequestEntity
import net.corda.core.crypto.Crypto
import net.corda.core.crypto.SecureHash
@ -25,13 +25,13 @@ import javax.security.auth.x500.X500Principal
import kotlin.test.*
class PersistentCertificateRequestStorageTest : TestBase() {
private lateinit var storage: PersistentCertificateRequestStorage
private lateinit var storage: PersistentCertificateSigningRequestStorage
private lateinit var persistence: CordaPersistence
@Before
fun startDb() {
persistence = configureDatabase(makeTestDataSourceProperties(), DatabaseConfig(runMigration = true))
storage = PersistentCertificateRequestStorage(persistence)
storage = PersistentCertificateSigningRequestStorage(persistence)
}
@After
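Review bot: The test class keeps the name `PersistentCertificateRequestStorageTest` while the class it constructs in `startDb` is now `PersistentCertificateSigningRequestStorage`, so the rename is only half applied in this file. Renaming it to `class PersistentCertificateSigningRequestStorageTest : TestBase()`, together with its file, keeps the test discoverable from the production class name. The same leftover is visible in `ApproveAllCertificateRequestStorage` and in the `certificationRequestStorage` field of `JiraCsrHandlerTest`. The class body continues outside the hunk.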

@ -22,7 +22,7 @@ class PersistentNetworkMapStorageTest : TestBase() {
private lateinit var persistence: CordaPersistence
private lateinit var networkMapStorage: PersistentNetworkMapStorage
private lateinit var nodeInfoStorage: PersistentNodeInfoStorage
private lateinit var requestStorage: PersistentCertificateRequestStorage
private lateinit var requestStorage: PersistentCertificateSigningRequestStorage
private lateinit var rootCaCert: X509Certificate
private lateinit var networkMapCa: CertificateAndKeyPair
@ -35,7 +35,7 @@ class PersistentNetworkMapStorageTest : TestBase() {
persistence = configureDatabase(makeTestDataSourceProperties(), DatabaseConfig(runMigration = true))
networkMapStorage = PersistentNetworkMapStorage(persistence)
nodeInfoStorage = PersistentNodeInfoStorage(persistence)
requestStorage = PersistentCertificateRequestStorage(persistence)
requestStorage = PersistentCertificateSigningRequestStorage(persistence)
}
@After

@ -28,7 +28,7 @@ import kotlin.test.assertNotNull
import kotlin.test.assertNull
class PersistentNodeInfoStorageTest : TestBase() {
private lateinit var requestStorage: CertificationRequestStorage
private lateinit var requestStorage: CertificateSigningRequestStorage
private lateinit var nodeInfoStorage: PersistentNodeInfoStorage
private lateinit var persistence: CordaPersistence
private lateinit var rootCaCert: X509Certificate
@ -41,7 +41,7 @@ class PersistentNodeInfoStorageTest : TestBase() {
this.intermediateCa = intermediateCa
persistence = configureDatabase(MockServices.makeTestDataSourceProperties(), DatabaseConfig(runMigration = true))
nodeInfoStorage = PersistentNodeInfoStorage(persistence)
requestStorage = PersistentCertificateRequestStorage(persistence)
requestStorage = PersistentCertificateSigningRequestStorage(persistence)
}
@After
@ -65,14 +65,14 @@ class PersistentNodeInfoStorageTest : TestBase() {
val requestId = requestStorage.saveRequest(request)
requestStorage.markRequestTicketCreated(requestId)
requestStorage.approveRequest(requestId, CertificationRequestStorage.DOORMAN_SIGNATURE)
requestStorage.approveRequest(requestId, CertificateSigningRequestStorage.DOORMAN_SIGNATURE)
assertNull(nodeInfoStorage.getCertificatePath(SecureHash.parse(keyPair.public.hashString())))
requestStorage.putCertificatePath(
requestId,
X509Utilities.buildCertPath(nodeCaCert, intermediateCa.certificate, rootCaCert),
CertificationRequestStorage.DOORMAN_SIGNATURE)
CertificateSigningRequestStorage.DOORMAN_SIGNATURE)
val storedCertPath = nodeInfoStorage.getCertificatePath(SecureHash.parse(keyPair.public.hashString()))
assertNotNull(storedCertPath)
@ -132,7 +132,7 @@ class PersistentNodeInfoStorageTest : TestBase() {
}
internal fun createValidSignedNodeInfo(organisation: String,
storage: CertificationRequestStorage): Pair<NodeInfoWithSigned, PrivateKey> {
storage: CertificateSigningRequestStorage): Pair<NodeInfoWithSigned, PrivateKey> {
val (csr, nodeKeyPair) = createRequest(organisation, certRole = CertRole.NODE_CA)
val requestId = storage.saveRequest(csr)
storage.markRequestTicketCreated(requestId)

@ -4,8 +4,8 @@ import com.nhaarman.mockito_kotlin.*
import com.r3.corda.networkmanage.TestBase
import com.r3.corda.networkmanage.common.persistence.CertificateResponse
import com.r3.corda.networkmanage.common.persistence.CertificateStatus
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage
import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequestStorage.Companion.DOORMAN_SIGNATURE
import com.r3.corda.networkmanage.common.persistence.RequestStatus
import com.r3.corda.networkmanage.common.utils.CertPathAndKey
import net.corda.core.crypto.Crypto
@ -26,7 +26,7 @@ class DefaultCsrHandlerTest : TestBase() {
val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME)
val cert = X509Utilities.createSelfSignedCACertificate(X500Principal("O=Test,L=London,C=GB"), keyPair)
val requestStorage: CertificationRequestStorage = mock {
val requestStorage: CertificateSigningRequestStorage = mock {
on { getRequest("New") }.thenReturn(certificateSigningRequest())
on { getRequest("Signed") }.thenReturn(certificateSigningRequest(
status = RequestStatus.DONE,
@ -51,7 +51,7 @@ class DefaultCsrHandlerTest : TestBase() {
Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME))
}
val requestStorage: CertificationRequestStorage = mock {
val requestStorage: CertificateSigningRequestStorage = mock {
on { getRequests(RequestStatus.APPROVED) }.thenReturn(listOf(
certificateSigningRequest(requestId = "1", request = requests[0], status = RequestStatus.APPROVED),
certificateSigningRequest(requestId = "2", request = requests[1], status = RequestStatus.APPROVED)
@ -97,7 +97,7 @@ class DefaultCsrHandlerTest : TestBase() {
Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME), certRole = CertRole.SERVICE_IDENTITY)
}
val requestStorage: CertificationRequestStorage = mock {
val requestStorage: CertificateSigningRequestStorage = mock {
on { getRequests(RequestStatus.APPROVED) }.thenReturn(listOf(
certificateSigningRequest(requestId = "1", request = requests[0], status = RequestStatus.APPROVED)
))

@ -28,7 +28,7 @@ class JiraCsrHandlerTest : TestBase() {
private lateinit var jiraClient: JiraClient
@Mock
private lateinit var certificationRequestStorage: CertificationRequestStorage
private lateinit var certificationRequestStorage: CertificateSigningRequestStorage
@Mock
private lateinit var defaultCsrHandler: DefaultCsrHandler