Clean up of network-management to make more use of the existing X509 utilities (#419)

2025-06-16 06:08:13 +00:00 · 2018-01-29 12:49:58 +00:00
parent 3d32760dcc
commit 2432b1380e
18 changed files with 126 additions and 164 deletions
--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentCertificateRequestStorageTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentCertificateRequestStorageTest.kt
@ -3,14 +3,13 @@ package com.r3.corda.networkmanage.common.persistence
 import com.r3.corda.networkmanage.TestBase
 import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE
 import com.r3.corda.networkmanage.common.persistence.entity.CertificateSigningRequestEntity
-import com.r3.corda.networkmanage.common.utils.buildCertPath
 import net.corda.core.crypto.Crypto
 import net.corda.core.crypto.SecureHash
 import net.corda.core.identity.CordaX500Name
 import net.corda.nodeapi.internal.crypto.X509Utilities
 import net.corda.nodeapi.internal.persistence.CordaPersistence
-import net.corda.testing.internal.createDevNodeCaCertPath
 import net.corda.nodeapi.internal.persistence.DatabaseConfig
+import net.corda.testing.internal.createDevNodeCaCertPath
 import org.assertj.core.api.Assertions.assertThat
 import org.bouncycastle.pkcs.PKCS10CertificationRequest
 import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest
@ -228,9 +227,8 @@ class PersistentCertificateRequestStorageTest : TestBase() {

    private fun generateSignedCertPath(csr: PKCS10CertificationRequest, keyPair: KeyPair): CertPath {
        return JcaPKCS10CertificationRequest(csr).run {
-            // TODO We need a utility in InternalUtils for converting X500Name -> CordaX500Name
            val (rootCa, intermediateCa, nodeCa) = createDevNodeCaCertPath(CordaX500Name.build(X500Principal(subject.encoded)), keyPair)
-            buildCertPath(nodeCa.certificate, intermediateCa.certificate, rootCa.certificate)
+            X509Utilities.buildCertPath(nodeCa.certificate, intermediateCa.certificate, rootCa.certificate)
        }
    }

--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorageTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorageTest.kt
@ -1,7 +1,6 @@
 package com.r3.corda.networkmanage.common.persistence

 import com.r3.corda.networkmanage.TestBase
-import com.r3.corda.networkmanage.common.utils.buildCertPath
 import com.r3.corda.networkmanage.common.utils.hashString
 import net.corda.core.crypto.Crypto
 import net.corda.core.crypto.SecureHash
@ -71,7 +70,7 @@ class PersistentNodeInfoStorageTest : TestBase() {

        requestStorage.putCertificatePath(
                requestId,
-                buildCertPath(nodeCaCert, intermediateCa.certificate, rootCaCert),
+                X509Utilities.buildCertPath(nodeCaCert, intermediateCa.certificate, rootCaCert),
                listOf(CertificationRequestStorage.DOORMAN_SIGNATURE))

        val storedCertPath = nodeInfoStorage.getCertificatePath(SecureHash.parse(keyPair.public.hashString()))
--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/JiraClientTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/JiraClientTest.kt
@ -1,7 +1,6 @@
 package com.r3.corda.networkmanage.doorman

 import com.atlassian.jira.rest.client.internal.async.AsynchronousJiraRestClientFactory
-import com.r3.corda.networkmanage.common.utils.buildCertPath
 import net.corda.core.crypto.Crypto
 import net.corda.core.crypto.SecureHash
 import net.corda.core.identity.CordaX500Name
@ -10,6 +9,7 @@ import org.junit.Before
 import org.junit.Ignore
 import org.junit.Test
 import java.net.URI
+import javax.security.auth.x500.X500Principal

@Ignore
 // This is manual test for testing Jira API.
@ -41,8 +41,10 @@ class JiraClientTest {
    @Test
    fun updateSignedRequests() {
        val requests = jiraClient.getApprovedRequests()
-        val selfSignedCA = X509Utilities.createSelfSignedCACertificate(CordaX500Name("test", "london", "GB").x500Principal, Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME))
-        jiraClient.updateSignedRequests(requests.map { it.requestId to buildCertPath(selfSignedCA) }.toMap())
+        val selfSignedCaCertPath = X509Utilities.buildCertPath(X509Utilities.createSelfSignedCACertificate(
+                X500Principal("O=test,L=london,C=GB"),
+                Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME)))
+        jiraClient.updateSignedRequests(requests.associateBy({ it.requestId }, { selfSignedCaCertPath }))
    }

    @Test
--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/signer/DefaultCsrHandlerTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/signer/DefaultCsrHandlerTest.kt
@ -29,14 +29,17 @@ class DefaultCsrHandlerTest : TestBase() {

        val requestStorage: CertificationRequestStorage = mock {
            on { getRequest("New") }.thenReturn(certificateSigningRequest())
-            on { getRequest("Signed") }.thenReturn(certificateSigningRequest(status = RequestStatus.SIGNED, certData = certificateData(CertificateStatus.VALID, buildCertPath(cert))))
+            on { getRequest("Signed") }.thenReturn(certificateSigningRequest(
+                    status = RequestStatus.SIGNED,
+                    certData = certificateData(CertificateStatus.VALID, X509Utilities.buildCertPath(cert))
+            ))
            on { getRequest("Rejected") }.thenReturn(certificateSigningRequest(status = RequestStatus.REJECTED, remark = "Random reason"))
        }
        val requestProcessor = DefaultCsrHandler(requestStorage, null)

        assertEquals(CertificateResponse.NotReady, requestProcessor.getResponse("random"))
        assertEquals(CertificateResponse.NotReady, requestProcessor.getResponse("New"))
-        assertEquals(CertificateResponse.Ready(buildCertPath(cert)), requestProcessor.getResponse("Signed"))
+        assertEquals(CertificateResponse.Ready(X509Utilities.buildCertPath(cert)), requestProcessor.getResponse("Signed"))
        assertEquals(CertificateResponse.Unauthorised("Random reason"), requestProcessor.getResponse("Rejected"))
    }

--- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/webservice/RegistrationWebServiceTest.kt
+++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/webservice/RegistrationWebServiceTest.kt
@ -3,7 +3,6 @@ package com.r3.corda.networkmanage.doorman.webservice
 import com.nhaarman.mockito_kotlin.*
 import com.r3.corda.networkmanage.TestBase
 import com.r3.corda.networkmanage.common.persistence.CertificateResponse
-import com.r3.corda.networkmanage.common.utils.buildCertPath
 import com.r3.corda.networkmanage.doorman.NetworkManagementWebServer
 import com.r3.corda.networkmanage.doorman.signer.CsrHandler
 import net.corda.core.crypto.Crypto
@ -109,7 +108,7 @@ class RegistrationWebServiceTest : TestBase() {
                            intermediateCa.keyPair,
                            X500Principal(subject.encoded),
                            publicKey)
-                    buildCertPath(tlsCert, intermediateCa.certificate, rootCaCert)
+                    X509Utilities.buildCertPath(tlsCert, intermediateCa.certificate, rootCaCert)
                }
                null
            }
@ -157,7 +156,7 @@ class RegistrationWebServiceTest : TestBase() {
                            X500Principal(subject.encoded),
                            publicKey,
                            nameConstraints = nameConstraints)
-                    buildCertPath(clientCert, intermediateCa.certificate, rootCaCert)
+                    X509Utilities.buildCertPath(clientCert, intermediateCa.certificate, rootCaCert)
                }
                true
            }