Change party to hold an X.500 name

Change the legal name of parties to be an X500 name. This ensures that we aren't converting between common names and X500 names in various places, eliminating substantial scope for error in the conversion process. As a result, all node names must now be full X500 names, which has impact on most configurations.
2025-06-13 12:48:18 +00:00 · 2017-05-05 15:16:44 +01:00
parent b64e7f51f6
commit 25dbac0f07
80 changed files with 352 additions and 311 deletions
--- a/node-api/src/main/kotlin/net/corda/nodeapi/ArtemisTcpTransport.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/ArtemisTcpTransport.kt
@ -5,20 +5,21 @@ import net.corda.nodeapi.config.SSLConfiguration
 import org.apache.activemq.artemis.api.core.TransportConfiguration
 import org.apache.activemq.artemis.core.remoting.impl.netty.NettyConnectorFactory
 import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants
+import org.bouncycastle.asn1.x500.X500Name
 import java.nio.file.FileSystems
 import java.nio.file.Path

 sealed class ConnectionDirection {
    data class Inbound(val acceptorFactoryClassName: String) : ConnectionDirection()
    data class Outbound(
-            val expectedCommonName: String? = null,
+            val expectedCommonName: X500Name? = null,
            val connectorFactoryClassName: String = NettyConnectorFactory::class.java.name
    ) : ConnectionDirection()
 }

 class ArtemisTcpTransport {
    companion object {
-        const val VERIFY_PEER_COMMON_NAME = "corda.verifyPeerCommonName"
+        const val VERIFY_PEER_LEGAL_NAME = "corda.verifyPeerCommonName"

        // Restrict enabled Cipher Suites to AES and GCM as minimum for the bulk cipher.
        // Our self-generated certificates all use ECDSA for handshakes, but we allow classical RSA certificates to work
@ -67,7 +68,7 @@ class ArtemisTcpTransport {
                        TransportConstants.ENABLED_CIPHER_SUITES_PROP_NAME to CIPHER_SUITES.joinToString(","),
                        TransportConstants.ENABLED_PROTOCOLS_PROP_NAME to "TLSv1.2",
                        TransportConstants.NEED_CLIENT_AUTH_PROP_NAME to true,
-                        VERIFY_PEER_COMMON_NAME to (direction as? ConnectionDirection.Outbound)?.expectedCommonName
+                        VERIFY_PEER_LEGAL_NAME to (direction as? ConnectionDirection.Outbound)?.expectedCommonName
                )
                options.putAll(tlsOptions)
            }
--- a/node-api/src/main/kotlin/net/corda/nodeapi/config/ConfigUtilities.kt
+++ b/node-api/src/main/kotlin/net/corda/nodeapi/config/ConfigUtilities.kt
@ -98,6 +98,7 @@ private fun Config.getCollectionValue(path: String, type: KType): Collection<Any
        HostAndPort::class -> getStringList(path).map(HostAndPort::fromString)
        Path::class -> getStringList(path).map { Paths.get(it) }
        URL::class -> getStringList(path).map(::URL)
+        X500Name::class -> getStringList(path).map(::X500Name)
        Properties::class -> getConfigList(path).map(Config::toProperties)
        else -> if (elementClass.java.isEnum) {
            getStringList(path).map { parseEnum(elementClass.java, it) }
--- a/node-api/src/test/kotlin/net/corda/nodeapi/config/ConfigParsingTest.kt
+++ b/node-api/src/test/kotlin/net/corda/nodeapi/config/ConfigParsingTest.kt
@ -6,7 +6,9 @@ import com.typesafe.config.ConfigFactory.empty
 import com.typesafe.config.ConfigRenderOptions.defaults
 import com.typesafe.config.ConfigValueFactory
 import net.corda.core.div
+import net.corda.testing.getTestX509Name
 import org.assertj.core.api.Assertions.assertThat
+import org.bouncycastle.asn1.x500.X500Name
 import org.junit.Test
 import java.net.URL
 import java.nio.file.Path
@ -15,6 +17,7 @@ import java.time.Instant
 import java.time.LocalDate
 import java.util.*
 import kotlin.reflect.full.primaryConstructor
+import kotlin.test.assertEquals

 class ConfigParsingTest {
    @Test
@ -109,6 +112,11 @@ class ConfigParsingTest {
        assertThat(empty().parseAs<StringSetData>().values).isEmpty()
    }

+    @Test
+    fun x500Name() {
+        testPropertyType<X500NameData, X500NameListData, X500Name>(getTestX509Name("Mock Node"), getTestX509Name("Mock Node 2"), valuesToString = true)
+    }
+
    @Test
    fun `multi property data class`() {
        val data = config(
@ -223,6 +231,8 @@ class ConfigParsingTest {
    data class PathListData(override val values: List<Path>) : ListData<Path>
    data class URLData(override val value: URL) : SingleData<URL>
    data class URLListData(override val values: List<URL>) : ListData<URL>
+    data class X500NameData(override val value: X500Name) : SingleData<X500Name>
+    data class X500NameListData(override val values: List<X500Name>) : ListData<X500Name>
    data class PropertiesData(override val value: Properties) : SingleData<Properties>
    data class PropertiesListData(override val values: List<Properties>) : ListData<Properties>
    data class MultiPropertyData(val i: Int, val b: Boolean, val l: List<String>)