From 3c64e9feecd854e5c02cb304205c0a06de5d11c4 Mon Sep 17 00:00:00 2001 From: Shams Asari Date: Tue, 19 Dec 2017 22:39:34 +0000 Subject: [PATCH] Merge fixes, which includes fixing the doorman tests and updating the doorman to not set a CN in the CSR responses --- .../corda/core/node/services/NotaryService.kt | 1 - .../doorman/DoormanIntegrationTest.kt | 19 +-- .../persistence/PersistentNodeInfoStorage.kt | 75 +++++----- .../doorman/signer/LocalSigner.kt | 11 +- .../networkmanage/hsm/utils/X509Utils.kt | 3 +- .../persistence/DBNetworkMapStorageTest.kt | 68 ++++----- .../PersitenceNodeInfoStorageTest.kt | 129 +++++++----------- .../doorman/NodeInfoWebServiceTest.kt | 46 +++---- .../node/services/BFTNotaryServiceTests.kt | 2 - .../node/services/MySQLNotaryServiceTests.kt | 8 +- .../node/services/RaftNotaryServiceTests.kt | 5 +- .../transactions/MySQLNotaryService.kt | 6 - 12 files changed, 146 insertions(+), 227 deletions(-) diff --git a/core/src/main/kotlin/net/corda/core/node/services/NotaryService.kt b/core/src/main/kotlin/net/corda/core/node/services/NotaryService.kt index 417916e752..8c6a160618 100644 --- a/core/src/main/kotlin/net/corda/core/node/services/NotaryService.kt +++ b/core/src/main/kotlin/net/corda/core/node/services/NotaryService.kt @@ -25,7 +25,6 @@ abstract class NotaryService : SingletonSerializeAsToken() { if (raft) append(".raft") if (bft) append(".bft") if (custom) append(".custom") - if (mysql) append(".mysql") }.toString() } } diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt index fe919f6114..5993cef210 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt @@ -3,7 +3,6 @@ package com.r3.corda.networkmanage.doorman import com.nhaarman.mockito_kotlin.doReturn import com.nhaarman.mockito_kotlin.whenever import com.r3.corda.networkmanage.common.persistence.configureDatabase -import com.r3.corda.networkmanage.common.utils.buildCertPath import com.r3.corda.networkmanage.common.utils.toX509Certificate import com.r3.corda.networkmanage.doorman.signer.LocalSigner import net.corda.core.crypto.Crypto @@ -30,7 +29,6 @@ import net.corda.testing.SerializationEnvironmentRule import net.corda.testing.common.internal.testNetworkParameters import net.corda.testing.internal.rigorousMock import org.bouncycastle.cert.X509CertificateHolder -import org.junit.Ignore import org.junit.Rule import org.junit.Test import org.junit.rules.TemporaryFolder @@ -78,7 +76,7 @@ class DoormanIntegrationTest { loadKeyStore(config.nodeKeystore, config.keyStorePassword).apply { assert(containsAlias(X509Utilities.CORDA_CLIENT_CA)) - assertEquals(ALICE_NAME.copy(commonName = X509Utilities.CORDA_CLIENT_CA_CN).x500Principal, getX509Certificate(X509Utilities.CORDA_CLIENT_CA).subjectX500Principal) + assertEquals(ALICE_NAME.x500Principal, getX509Certificate(X509Utilities.CORDA_CLIENT_CA).subjectX500Principal) assertEquals(listOf(intermediateCACert.cert, rootCACert.cert), getCertificateChain(X509Utilities.CORDA_CLIENT_CA).drop(1).toList()) } @@ -120,13 +118,18 @@ class DoormanIntegrationTest { // Publish NodeInfo val networkMapClient = NetworkMapClient(config.compatibilityZoneURL!!, rootCertAndKey.certificate.cert) - val certs = loadKeyStore(config.nodeKeystore, config.keyStorePassword).getCertificateChain(X509Utilities.CORDA_CLIENT_CA) - val keyPair = loadKeyStore(config.nodeKeystore, config.keyStorePassword).getKeyPair(X509Utilities.CORDA_CLIENT_CA, config.keyStorePassword) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(buildCertPath(*certs))), 1, serial = 1L) + + val keyStore = loadKeyStore(config.nodeKeystore, config.keyStorePassword) + val clientCertPath = keyStore.getCertificateChain(X509Utilities.CORDA_CLIENT_CA) + val clientCA = keyStore.getCertificateAndKeyPair(X509Utilities.CORDA_CLIENT_CA, config.keyStorePassword) + val identityKeyPair = Crypto.generateKeyPair() + val identityCert = X509Utilities.createCertificate(CertificateType.LEGAL_IDENTITY, clientCA.certificate, clientCA.keyPair, ALICE_NAME, identityKeyPair.public) + val certPath = X509CertificateFactory().generateCertPath(identityCert.cert, *clientCertPath) + val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) val nodeInfoBytes = nodeInfo.serialize() // When - val signedNodeInfo = SignedNodeInfo(nodeInfoBytes, listOf(keyPair.sign(nodeInfoBytes))) + val signedNodeInfo = SignedNodeInfo(nodeInfoBytes, listOf(identityKeyPair.private.sign(nodeInfoBytes.bytes))) networkMapClient.publish(signedNodeInfo) // Then @@ -137,7 +140,7 @@ class DoormanIntegrationTest { doorman.close() } - fun createConfig(): NodeConfiguration { + private fun createConfig(): NodeConfiguration { return rigorousMock().also { doReturn(tempFolder.root.toPath()).whenever(it).baseDirectory doReturn(ALICE_NAME).whenever(it).myLegalName diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorage.kt index 7f1d331877..1d4af91246 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistentNodeInfoStorage.kt @@ -1,65 +1,60 @@ package com.r3.corda.networkmanage.common.persistence -import com.r3.corda.networkmanage.common.persistence.entity.* +import com.r3.corda.networkmanage.common.persistence.entity.CertificateDataEntity +import com.r3.corda.networkmanage.common.persistence.entity.CertificateSigningRequestEntity +import com.r3.corda.networkmanage.common.persistence.entity.NodeInfoEntity import com.r3.corda.networkmanage.common.utils.buildCertPath import net.corda.core.crypto.SecureHash import net.corda.core.crypto.sha256 -import net.corda.core.identity.CordaX500Name -import net.corda.core.serialization.SerializedBytes +import net.corda.core.internal.CertRole import net.corda.core.serialization.serialize import net.corda.nodeapi.internal.SignedNodeInfo import net.corda.nodeapi.internal.persistence.CordaPersistence import net.corda.nodeapi.internal.persistence.TransactionIsolationLevel import java.security.cert.CertPath -import java.security.cert.X509Certificate /** * Database implementation of the [NetworkMapStorage] interface */ class PersistentNodeInfoStorage(private val database: CordaPersistence) : NodeInfoStorage { - override fun putNodeInfo(signedNodeInfo: SignedNodeInfo): SecureHash = database.transaction(TransactionIsolationLevel.SERIALIZABLE) { - val nodeInfo = signedNodeInfo.verified() - val orgName = nodeInfo.legalIdentities.first().name.organisation - // TODO: use cert extension to identify NodeCA cert when Ross's work is in. - val nodeCACert = nodeInfo.legalIdentitiesAndCerts.first().certPath.certificates.map { it as X509Certificate } - .find { CordaX500Name.build(it.issuerX500Principal).organisation != orgName && CordaX500Name.build(it.subjectX500Principal).organisation == orgName } + override fun putNodeInfo(signedNodeInfo: SignedNodeInfo): SecureHash { + return database.transaction(TransactionIsolationLevel.SERIALIZABLE) { + val nodeInfo = signedNodeInfo.verified() + val nodeCaCert = nodeInfo.legalIdentitiesAndCerts[0].certPath.certificates.find { CertRole.extract(it) == CertRole.NODE_CA } - val request = nodeCACert?.let { - singleRequestWhere(CertificateDataEntity::class.java) { builder, path -> - val certPublicKeyHashEq = builder.equal(path.get(CertificateDataEntity::publicKeyHash.name), it.publicKey.encoded.sha256().toString()) - val certStatusValid = builder.equal(path.get(CertificateDataEntity::certificateStatus.name), CertificateStatus.VALID) - builder.and(certPublicKeyHashEq, certStatusValid) + val request = nodeCaCert?.let { + singleRequestWhere(CertificateDataEntity::class.java) { builder, path -> + val certPublicKeyHashEq = builder.equal(path.get(CertificateDataEntity::publicKeyHash.name), it.publicKey.encoded.sha256().toString()) + val certStatusValid = builder.equal(path.get(CertificateDataEntity::certificateStatus.name), CertificateStatus.VALID) + builder.and(certPublicKeyHashEq, certStatusValid) + } } - } - request ?: throw IllegalArgumentException("Unknown node info, this public key is not registered with the network management service.") - /* - * Delete any previous [NodeInfoEntity] instance for this CSR - * Possibly it should be moved at the network signing process at the network signing process - * as for a while the network map will have invalid entries (i.e. hashes for node info which have been - * removed). Either way, there will be a period of time when the network map data will be invalid - * but it has been confirmed that this fact has been acknowledged at the design time and we are fine with it. - */ - deleteRequest(NodeInfoEntity::class.java) { builder, path -> - builder.equal(path.get(NodeInfoEntity::certificateSigningRequest.name), request.certificateSigningRequest) - } - val hash = signedNodeInfo.raw.hash + request ?: throw IllegalArgumentException("Unknown node info, this public key is not registered with the network management service.") - val hashedNodeInfo = NodeInfoEntity( - nodeInfoHash = hash.toString(), - certificateSigningRequest = request.certificateSigningRequest, - signedNodeInfoBytes = signedNodeInfo.serialize().bytes) - session.save(hashedNodeInfo) - hash + /* + * Delete any previous [NodeInfoEntity] instance for this CSR + * Possibly it should be moved at the network signing process at the network signing process + * as for a while the network map will have invalid entries (i.e. hashes for node info which have been + * removed). Either way, there will be a period of time when the network map data will be invalid + * but it has been confirmed that this fact has been acknowledged at the design time and we are fine with it. + */ + deleteRequest(NodeInfoEntity::class.java) { builder, path -> + builder.equal(path.get(NodeInfoEntity::certificateSigningRequest.name), request.certificateSigningRequest) + } + val hash = signedNodeInfo.raw.hash + + val hashedNodeInfo = NodeInfoEntity( + nodeInfoHash = hash.toString(), + certificateSigningRequest = request.certificateSigningRequest, + signedNodeInfoBytes = signedNodeInfo.serialize().bytes) + session.save(hashedNodeInfo) + hash + } } override fun getNodeInfo(nodeInfoHash: SecureHash): SignedNodeInfo? { return database.transaction { - val nodeInfoEntity = session.find(NodeInfoEntity::class.java, nodeInfoHash.toString()) - if (nodeInfoEntity == null) { - null - } else { - nodeInfoEntity.signedNodeInfo() - } + session.find(NodeInfoEntity::class.java, nodeInfoHash.toString())?.signedNodeInfo() } } diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/LocalSigner.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/LocalSigner.kt index cb6e253536..50a7b7f971 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/LocalSigner.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/LocalSigner.kt @@ -2,10 +2,10 @@ package com.r3.corda.networkmanage.doorman.signer import com.r3.corda.networkmanage.common.signer.Signer import com.r3.corda.networkmanage.common.utils.buildCertPath -import com.r3.corda.networkmanage.common.utils.toX509Certificate import com.r3.corda.networkmanage.common.utils.withCert import net.corda.core.crypto.sign import net.corda.core.identity.CordaX500Name +import net.corda.core.internal.cert import net.corda.core.internal.toX509CertHolder import net.corda.nodeapi.internal.crypto.CertificateType import net.corda.nodeapi.internal.crypto.X509Utilities @@ -33,13 +33,14 @@ class LocalSigner(private val caKeyPair: KeyPair, private val caCertPath: Array< val nameConstraints = NameConstraints( arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, request.subject))), arrayOf()) - val clientCertificate = X509Utilities.createCertificate(CertificateType.NODE_CA, + val nodeCaCert = X509Utilities.createCertificate( + CertificateType.NODE_CA, caCertPath.first().toX509CertHolder(), caKeyPair, - CordaX500Name.parse(request.subject.toString()).copy(commonName = X509Utilities.CORDA_CLIENT_CA_CN), + CordaX500Name.parse(request.subject.toString()), request.publicKey, - nameConstraints = nameConstraints).toX509Certificate() - return buildCertPath(clientCertificate, *caCertPath) + nameConstraints = nameConstraints) + return buildCertPath(nodeCaCert.cert, *caCertPath) } override fun sign(data: ByteArray): DigitalSignatureWithCert { diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt index 671841746d..22e94ec1b5 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt @@ -7,7 +7,6 @@ import net.corda.core.internal.toX509CertHolder import net.corda.core.internal.x500Name import net.corda.nodeapi.internal.crypto.CertificateAndKeyPair import net.corda.nodeapi.internal.crypto.CertificateType -import net.corda.nodeapi.internal.crypto.X509Utilities import net.corda.nodeapi.internal.crypto.getX509Certificate import org.bouncycastle.asn1.ASN1EncodableVector import org.bouncycastle.asn1.ASN1Sequence @@ -184,7 +183,7 @@ object X509Utilities { val certificateType = CertificateType.NODE_CA val validityWindow = getCertificateValidityWindow(0, validDays, issuerCertificate.notBefore, issuerCertificate.notAfter) val serial = BigInteger.valueOf(random63BitValue(provider)) - val subject = CordaX500Name.parse(jcaRequest.subject.toString()).copy(commonName = X509Utilities.CORDA_CLIENT_CA_CN).x500Name + val subject = CordaX500Name.parse(jcaRequest.subject.toString()).x500Name val subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(jcaRequest.publicKey.encoded)) val keyPurposes = DERSequence(ASN1EncodableVector().apply { certificateType.purposes.forEach { add(it) } }) val builder = JcaX509v3CertificateBuilder(issuerCertificate.subject, serial, validityWindow.first, validityWindow.second, subject, jcaRequest.publicKey) diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBNetworkMapStorageTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBNetworkMapStorageTest.kt index 062d4c5c5a..b7d332a5fe 100644 --- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBNetworkMapStorageTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBNetworkMapStorageTest.kt @@ -1,24 +1,21 @@ package com.r3.corda.networkmanage.common.persistence import com.r3.corda.networkmanage.TestBase -import com.r3.corda.networkmanage.common.utils.buildCertPath -import com.r3.corda.networkmanage.common.utils.toX509Certificate import com.r3.corda.networkmanage.common.utils.withCert import net.corda.core.crypto.Crypto import net.corda.core.crypto.sign import net.corda.core.identity.CordaX500Name -import net.corda.core.identity.PartyAndCertificate import net.corda.core.internal.cert -import net.corda.core.node.NodeInfo import net.corda.core.serialization.serialize -import net.corda.core.utilities.NetworkHostAndPort import net.corda.nodeapi.internal.SignedNodeInfo import net.corda.nodeapi.internal.crypto.CertificateType +import net.corda.nodeapi.internal.crypto.X509CertificateFactory import net.corda.nodeapi.internal.crypto.X509Utilities import net.corda.nodeapi.internal.network.NetworkMap import net.corda.nodeapi.internal.network.SignedNetworkMap import net.corda.nodeapi.internal.persistence.CordaPersistence import net.corda.testing.common.internal.testNetworkParameters +import net.corda.testing.internal.TestNodeInfoBuilder import net.corda.testing.node.MockServices.Companion.makeTestDataSourceProperties import org.assertj.core.api.Assertions.assertThat import org.junit.After @@ -31,6 +28,7 @@ class DBNetworkMapStorageTest : TestBase() { private lateinit var requestStorage: CertificationRequestStorage private lateinit var nodeInfoStorage: NodeInfoStorage private lateinit var persistence: CordaPersistence + private val rootCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) private val rootCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(commonName = "Corda Node Root CA", locality = "London", organisation = "R3 LTD", country = "GB"), rootCAKey) private val intermediateCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) @@ -53,18 +51,8 @@ class DBNetworkMapStorageTest : TestBase() { fun `signNetworkMap creates current network map`() { // given // Create node info. - val organisation = "Test" - val requestId = requestStorage.saveRequest(createRequest(organisation).first) - requestStorage.markRequestTicketCreated(requestId) - requestStorage.approveRequest(requestId, "TestUser") - val keyPair = Crypto.generateKeyPair() - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisation, locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestId, certPath, emptyList()) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) - // Put signed node info data - val nodeInfoBytes = nodeInfo.serialize() - val nodeInfoHash = nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoBytes, listOf(keyPair.sign(nodeInfoBytes)))) + val signedNodeInfo = createValidSignedNodeInfo("Test") + val nodeInfoHash = nodeInfoStorage.putNodeInfo(signedNodeInfo) // Create network parameters val networkParametersHash = networkMapStorage.saveNetworkParameters(testNetworkParameters(emptyList())) @@ -103,13 +91,11 @@ class DBNetworkMapStorageTest : TestBase() { // Create network parameters val networkMapParametersHash = networkMapStorage.saveNetworkParameters(createNetworkParameters(1)) // Create empty network map - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val intermediateCert = X509Utilities.createCertificate(CertificateType.INTERMEDIATE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = "Corda", locality = "London", country = "GB"), keyPair.public) // Sign network map making it current network map val networkMap = NetworkMap(emptyList(), networkMapParametersHash) val serializedNetworkMap = networkMap.serialize() - val signatureData = keyPair.sign(serializedNetworkMap).withCert(intermediateCert.cert) + val signatureData = intermediateCAKey.sign(serializedNetworkMap).withCert(intermediateCACert.cert) val signedNetworkMap = SignedNetworkMap(serializedNetworkMap, signatureData) networkMapStorage.saveNetworkMap(signedNetworkMap) @@ -126,36 +112,19 @@ class DBNetworkMapStorageTest : TestBase() { @Test fun `getValidNodeInfoHashes returns only valid and signed node info hashes`() { // given - // Create node info. - val organisationA = "TestA" - val requestIdA = requestStorage.saveRequest(createRequest(organisationA).first) - requestStorage.markRequestTicketCreated(requestIdA) - requestStorage.approveRequest(requestIdA, "TestUser") - val keyPairA = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCertA = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisationA, locality = "London", country = "GB"), keyPairA.public) - val certPathA = buildCertPath(clientCertA.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestIdA, certPathA, emptyList()) - val organisationB = "TestB" - val requestIdB = requestStorage.saveRequest(createRequest(organisationB).first) - requestStorage.markRequestTicketCreated(requestIdB) - requestStorage.approveRequest(requestIdB, "TestUser") - val keyPairB = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCertB = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisationB, locality = "London", country = "GB"), keyPairB.public) - val certPathB = buildCertPath(clientCertB.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestIdB, certPathB, emptyList()) - val nodeInfoA = NodeInfo(listOf(NetworkHostAndPort("my.companyA.com", 1234)), listOf(PartyAndCertificate(certPathA)), 1, serial = 1L) - val nodeInfoB = NodeInfo(listOf(NetworkHostAndPort("my.companyB.com", 1234)), listOf(PartyAndCertificate(certPathB)), 1, serial = 1L) + // Create node infos. + val signedNodeInfoA = createValidSignedNodeInfo("TestA") + val signedNodeInfoB = createValidSignedNodeInfo("TestB") + // Put signed node info data - val nodeInfoABytes = nodeInfoA.serialize() - val nodeInfoBBytes = nodeInfoB.serialize() - val nodeInfoHashA = nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoABytes, listOf(keyPairA.sign(nodeInfoABytes)))) - val nodeInfoHashB = nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoBBytes, listOf(keyPairB.sign(nodeInfoBBytes)))) + val nodeInfoHashA = nodeInfoStorage.putNodeInfo(signedNodeInfoA) + val nodeInfoHashB = nodeInfoStorage.putNodeInfo(signedNodeInfoB) // Create network parameters val networkParametersHash = networkMapStorage.saveNetworkParameters(createNetworkParameters()) val networkMap = NetworkMap(listOf(nodeInfoHashA), networkParametersHash) val serializedNetworkMap = networkMap.serialize() - val signatureData = keyPairA.sign(serializedNetworkMap).withCert(clientCertA.cert) + val signatureData = intermediateCAKey.sign(serializedNetworkMap).withCert(intermediateCACert.cert) val signedNetworkMap = SignedNetworkMap(serializedNetworkMap, signatureData) // Sign network map @@ -167,4 +136,15 @@ class DBNetworkMapStorageTest : TestBase() { // then assertThat(validNodeInfoHash).containsOnly(nodeInfoHashA, nodeInfoHashB) } + + private fun createValidSignedNodeInfo(organisation: String): SignedNodeInfo { + val nodeInfoBuilder = TestNodeInfoBuilder() + val requestId = requestStorage.saveRequest(createRequest(organisation).first) + requestStorage.markRequestTicketCreated(requestId) + requestStorage.approveRequest(requestId, "TestUser") + val (identity) = nodeInfoBuilder.addIdentity(CordaX500Name(organisation, "London", "GB")) + val nodeCaCertPath = X509CertificateFactory().generateCertPath(identity.certPath.certificates.drop(1)) + requestStorage.putCertificatePath(requestId, nodeCaCertPath, emptyList()) + return nodeInfoBuilder.buildWithSigned().second + } } \ No newline at end of file diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersitenceNodeInfoStorageTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersitenceNodeInfoStorageTest.kt index 1014cde074..e5b2e37699 100644 --- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersitenceNodeInfoStorageTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersitenceNodeInfoStorageTest.kt @@ -3,31 +3,34 @@ package com.r3.corda.networkmanage.common.persistence import com.r3.corda.networkmanage.TestBase import com.r3.corda.networkmanage.common.utils.buildCertPath import com.r3.corda.networkmanage.common.utils.hashString -import com.r3.corda.networkmanage.common.utils.toX509Certificate import net.corda.core.crypto.Crypto import net.corda.core.crypto.SecureHash -import net.corda.core.crypto.sign import net.corda.core.identity.CordaX500Name -import net.corda.core.identity.PartyAndCertificate +import net.corda.core.internal.cert import net.corda.core.node.NodeInfo import net.corda.core.serialization.serialize -import net.corda.core.utilities.NetworkHostAndPort import net.corda.nodeapi.internal.SignedNodeInfo import net.corda.nodeapi.internal.crypto.CertificateType +import net.corda.nodeapi.internal.crypto.X509CertificateFactory import net.corda.nodeapi.internal.crypto.X509Utilities import net.corda.nodeapi.internal.persistence.CordaPersistence +import net.corda.testing.internal.TestNodeInfoBuilder +import net.corda.testing.internal.signWith import net.corda.testing.node.MockServices +import org.assertj.core.api.Assertions.assertThat import org.junit.After import org.junit.Before import org.junit.Test +import java.security.PrivateKey import kotlin.test.assertEquals import kotlin.test.assertNotNull import kotlin.test.assertNull class PersitenceNodeInfoStorageTest : TestBase() { private lateinit var requestStorage: CertificationRequestStorage - private lateinit var nodeInfoStorage: NodeInfoStorage + private lateinit var nodeInfoStorage: PersistentNodeInfoStorage private lateinit var persistence: CordaPersistence + private val rootCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) private val rootCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(commonName = "Corda Node Root CA", locality = "London", organisation = "R3 LTD", country = "GB"), rootCAKey) private val intermediateCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) @@ -46,14 +49,13 @@ class PersitenceNodeInfoStorageTest : TestBase() { } @Test - fun `test get CertificatePath`() { + fun `test getCertificatePath`() { // Create node info. val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = "Test", locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) + val name = CordaX500Name(organisation = "Test", locality = "London", country = "GB") + val nodeCaCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, name, keyPair.public) - val request = X509Utilities.createCertificateSigningRequest(nodeInfo.legalIdentities.first().name, "my@mail.com", keyPair) + val request = X509Utilities.createCertificateSigningRequest(name, "my@mail.com", keyPair) val requestId = requestStorage.saveRequest(request) requestStorage.markRequestTicketCreated(requestId) @@ -61,104 +63,73 @@ class PersitenceNodeInfoStorageTest : TestBase() { assertNull(nodeInfoStorage.getCertificatePath(SecureHash.parse(keyPair.public.hashString()))) - requestStorage.putCertificatePath(requestId, buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()), listOf(CertificationRequestStorage.DOORMAN_SIGNATURE)) + requestStorage.putCertificatePath(requestId, buildCertPath(nodeCaCert.cert, intermediateCACert.cert, rootCACert.cert), listOf(CertificationRequestStorage.DOORMAN_SIGNATURE)) val storedCertPath = nodeInfoStorage.getCertificatePath(SecureHash.parse(keyPair.public.hashString())) assertNotNull(storedCertPath) - assertEquals(clientCert.toX509Certificate(), storedCertPath!!.certificates.first()) + assertEquals(nodeCaCert.cert, storedCertPath!!.certificates.first()) } @Test - fun `test getNodeInfoHash returns correct data`() { + fun `getNodeInfo returns persisted SignedNodeInfo using the hash of just the NodeInfo`() { // given - val organisationA = "TestA" - val requestIdA = requestStorage.saveRequest(createRequest(organisationA).first) - requestStorage.markRequestTicketCreated(requestIdA) - requestStorage.approveRequest(requestIdA, "TestUser") - val keyPairA = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCertA = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisationA, locality = "London", country = "GB"), keyPairA.public) - val certPathA = buildCertPath(clientCertA.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestIdA, certPathA, emptyList()) - val organisationB = "TestB" - val requestIdB = requestStorage.saveRequest(createRequest(organisationB).first) - requestStorage.markRequestTicketCreated(requestIdB) - requestStorage.approveRequest(requestIdB, "TestUser") - val keyPairB = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCertB = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisationB, locality = "London", country = "GB"), keyPairB.public) - val certPathB = buildCertPath(clientCertB.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestIdB, certPathB, emptyList()) - val nodeInfoA = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPathA)), 1, serial = 1L) - val nodeInfoB = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPathB)), 1, serial = 1L) + val (nodeInfoA, signedNodeInfoA) = createValidSignedNodeInfo("TestA") + val (nodeInfoB, signedNodeInfoB) = createValidSignedNodeInfo("TestB") // Put signed node info data - val nodeInfoABytes = nodeInfoA.serialize() - val nodeInfoBBytes = nodeInfoB.serialize() - nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoABytes, listOf(keyPairA.sign(nodeInfoABytes)))) - nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoBBytes, listOf(keyPairB.sign(nodeInfoBBytes)))) + nodeInfoStorage.putNodeInfo(signedNodeInfoA) + nodeInfoStorage.putNodeInfo(signedNodeInfoB) // when - val persistedNodeInfoA = nodeInfoStorage.getNodeInfo(nodeInfoABytes.hash) - val persistedNodeInfoB = nodeInfoStorage.getNodeInfo(nodeInfoBBytes.hash) + val persistedSignedNodeInfoA = nodeInfoStorage.getNodeInfo(nodeInfoA.serialize().hash) + val persistedSignedNodeInfoB = nodeInfoStorage.getNodeInfo(nodeInfoB.serialize().hash) // then - assertNotNull(persistedNodeInfoA) - assertNotNull(persistedNodeInfoB) - assertEquals(persistedNodeInfoA!!.verified(), nodeInfoA) - assertEquals(persistedNodeInfoB!!.verified(), nodeInfoB) + assertEquals(persistedSignedNodeInfoA?.verified(), nodeInfoA) + assertEquals(persistedSignedNodeInfoB?.verified(), nodeInfoB) } @Test - fun `same pub key with different node info`() { + fun `same public key with different node info`() { // Create node info. - val organisation = "Test" - val requestId = requestStorage.saveRequest(createRequest(organisation).first) - requestStorage.markRequestTicketCreated(requestId) - requestStorage.approveRequest(requestId, "TestUser") - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisation, locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestId, certPath, emptyList()) + val (nodeInfo1, signedNodeInfo1, key) = createValidSignedNodeInfo("Test", serial = 1) + val nodeInfo2 = nodeInfo1.copy(serial = 2) + val signedNodeInfo2 = nodeInfo2.signWith(listOf(key)) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) - val nodeInfoSamePubKey = NodeInfo(listOf(NetworkHostAndPort("my.company2.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) - val nodeInfoBytes = nodeInfo.serialize() - val nodeInfoHash = nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoBytes, listOf(keyPair.sign(nodeInfoBytes)))) - assertEquals(nodeInfo, nodeInfoStorage.getNodeInfo(nodeInfoHash)?.verified()) + val nodeInfo1Hash = nodeInfoStorage.putNodeInfo(signedNodeInfo1) + assertEquals(nodeInfo1, nodeInfoStorage.getNodeInfo(nodeInfo1Hash)?.verified()) - val nodeInfoSamePubKeyBytes = nodeInfoSamePubKey.serialize() // This should replace the node info. - nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoSamePubKeyBytes, listOf(keyPair.sign(nodeInfoSamePubKeyBytes)))) + nodeInfoStorage.putNodeInfo(signedNodeInfo2) // Old node info should be removed. - assertNull(nodeInfoStorage.getNodeInfo(nodeInfoHash)) - assertEquals(nodeInfoSamePubKey, nodeInfoStorage.getNodeInfo(nodeInfoSamePubKeyBytes.hash)?.verified()) + assertNull(nodeInfoStorage.getNodeInfo(nodeInfo1Hash)) + assertEquals(nodeInfo2, nodeInfoStorage.getNodeInfo(nodeInfo2.serialize().hash)?.verified()) } @Test - fun `putNodeInfo persists node info data with its signature`() { + fun `putNodeInfo persists SignedNodeInfo with its signature`() { // given - // Create node info. - val organisation = "Test" + val (_, signedNodeInfo) = createValidSignedNodeInfo("Test") + + // when + val nodeInfoHash = nodeInfoStorage.putNodeInfo(signedNodeInfo) + + // then + val persistedSignedNodeInfo = nodeInfoStorage.getNodeInfo(nodeInfoHash) + assertThat(persistedSignedNodeInfo?.signatures).isEqualTo(signedNodeInfo.signatures) + } + + private fun createValidSignedNodeInfo(organisation: String, serial: Long = 1): Triple { + val nodeInfoBuilder = TestNodeInfoBuilder() val requestId = requestStorage.saveRequest(createRequest(organisation).first) requestStorage.markRequestTicketCreated(requestId) requestStorage.approveRequest(requestId, "TestUser") - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = organisation, locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - requestStorage.putCertificatePath(requestId, certPath, emptyList()) - - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) - val nodeInfoBytes = nodeInfo.serialize() - val signature = keyPair.sign(nodeInfoBytes) - - // when - val nodeInfoHash = nodeInfoStorage.putNodeInfo(SignedNodeInfo(nodeInfoBytes, listOf(signature))) - - // then - val persistedNodeInfo = nodeInfoStorage.getNodeInfo(nodeInfoHash) - assertNotNull(persistedNodeInfo) - assertEquals(nodeInfo, persistedNodeInfo!!.verified()) - assertEquals(signature, persistedNodeInfo.signatures.firstOrNull()) + val (identity, key) = nodeInfoBuilder.addIdentity(CordaX500Name(organisation, "London", "GB")) + val nodeCaCertPath = X509CertificateFactory().generateCertPath(identity.certPath.certificates.drop(1)) + requestStorage.putCertificatePath(requestId, nodeCaCertPath, emptyList()) + val (nodeInfo, signedNodeInfo) = nodeInfoBuilder.buildWithSigned(serial) + return Triple(nodeInfo, signedNodeInfo, key) } } \ No newline at end of file diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt index 096a05534f..26452d45a9 100644 --- a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt @@ -1,20 +1,18 @@ package com.r3.corda.networkmanage.doorman -import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.times import com.nhaarman.mockito_kotlin.verify import com.r3.corda.networkmanage.common.persistence.NetworkMapStorage import com.r3.corda.networkmanage.common.persistence.NodeInfoStorage -import com.r3.corda.networkmanage.common.utils.buildCertPath -import com.r3.corda.networkmanage.common.utils.toX509Certificate import com.r3.corda.networkmanage.common.utils.withCert import com.r3.corda.networkmanage.doorman.webservice.NodeInfoWebService -import net.corda.core.crypto.* +import net.corda.core.crypto.Crypto +import net.corda.core.crypto.SecureHash +import net.corda.core.crypto.sha256 +import net.corda.core.crypto.sign import net.corda.core.identity.CordaX500Name -import net.corda.core.identity.PartyAndCertificate import net.corda.core.internal.cert -import net.corda.core.node.NodeInfo import net.corda.core.serialization.deserialize import net.corda.core.serialization.serialize import net.corda.core.utilities.NetworkHostAndPort @@ -25,6 +23,7 @@ import net.corda.nodeapi.internal.crypto.X509Utilities import net.corda.nodeapi.internal.network.NetworkMap import net.corda.nodeapi.internal.network.SignedNetworkMap import net.corda.testing.SerializationEnvironmentRule +import net.corda.testing.internal.createNodeInfoAndSigned import org.bouncycastle.asn1.x500.X500Name import org.junit.Rule import org.junit.Test @@ -41,31 +40,17 @@ class NodeInfoWebServiceTest { @JvmField val testSerialization = SerializationEnvironmentRule(true) - private val rootCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - private val rootCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(locality = "London", organisation = "R3 LTD", country = "GB", commonName = "Corda Node Root CA"), rootCAKey) - private val intermediateCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - private val intermediateCACert = X509Utilities.createCertificate(CertificateType.INTERMEDIATE_CA, rootCACert, rootCAKey, X500Name("CN=Corda Node Intermediate CA,L=London"), intermediateCAKey.public) - private val testNetwotkMapConfig = NetworkMapConfig(10.seconds.toMillis(), 10.seconds.toMillis()) + @Test fun `submit nodeInfo`() { // Create node info. - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = "Test", locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) + val (_, signedNodeInfo) = createNodeInfoAndSigned(CordaX500Name("Test", "London", "GB")) - // Create digital signature. - val digitalSignature = DigitalSignature.WithKey(keyPair.public, Crypto.doSign(keyPair.private, nodeInfo.serialize().bytes)) - - val nodeInfoStorage: NodeInfoStorage = mock { - on { getCertificatePath(any()) }.thenReturn(certPath) - } - - NetworkManagementWebServer(NetworkHostAndPort("localhost", 0), NodeInfoWebService(nodeInfoStorage, mock(), testNetwotkMapConfig)).use { + NetworkManagementWebServer(NetworkHostAndPort("localhost", 0), NodeInfoWebService(mock(), mock(), testNetwotkMapConfig)).use { it.start() val registerURL = URL("http://${it.hostAndPort}/${NodeInfoWebService.NETWORK_MAP_PATH}/publish") - val nodeInfoAndSignature = SignedNodeInfo(nodeInfo.serialize(), listOf(digitalSignature)).serialize().bytes + val nodeInfoAndSignature = signedNodeInfo.serialize().bytes // Post node info and signature to doorman, this should pass without any exception. doPost(registerURL, nodeInfoAndSignature) } @@ -73,6 +58,11 @@ class NodeInfoWebServiceTest { @Test fun `get network map`() { + val rootCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) + val rootCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(locality = "London", organisation = "R3 LTD", country = "GB", commonName = "Corda Node Root CA"), rootCAKey) + val intermediateCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) + val intermediateCACert = X509Utilities.createCertificate(CertificateType.INTERMEDIATE_CA, rootCACert, rootCAKey, X500Name("CN=Corda Node Intermediate CA,L=London"), intermediateCAKey.public) + val networkMap = NetworkMap(listOf(SecureHash.randomSHA256(), SecureHash.randomSHA256()), SecureHash.randomSHA256()) val serializedNetworkMap = networkMap.serialize() val networkMapStorage: NetworkMapStorage = mock { @@ -89,16 +79,12 @@ class NodeInfoWebServiceTest { @Test fun `get node info`() { - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val clientCert = X509Utilities.createCertificate(CertificateType.NODE_CA, intermediateCACert, intermediateCAKey, CordaX500Name(organisation = "Test", locality = "London", country = "GB"), keyPair.public) - val certPath = buildCertPath(clientCert.toX509Certificate(), intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate()) - val nodeInfo = NodeInfo(listOf(NetworkHostAndPort("my.company.com", 1234)), listOf(PartyAndCertificate(certPath)), 1, serial = 1L) + val (nodeInfo, signedNodeInfo) = createNodeInfoAndSigned(CordaX500Name("Test", "London", "GB")) val nodeInfoHash = nodeInfo.serialize().sha256() val nodeInfoStorage: NodeInfoStorage = mock { - val serializedNodeInfo = nodeInfo.serialize() - on { getNodeInfo(nodeInfoHash) }.thenReturn(SignedNodeInfo(serializedNodeInfo, listOf(keyPair.sign(serializedNodeInfo)))) + on { getNodeInfo(nodeInfoHash) }.thenReturn(signedNodeInfo) } NetworkManagementWebServer(NetworkHostAndPort("localhost", 0), NodeInfoWebService(nodeInfoStorage, mock(), testNetwotkMapConfig)).use { diff --git a/node/src/integration-test/kotlin/net/corda/node/services/BFTNotaryServiceTests.kt b/node/src/integration-test/kotlin/net/corda/node/services/BFTNotaryServiceTests.kt index 7f45d28a15..28a04fcbd7 100644 --- a/node/src/integration-test/kotlin/net/corda/node/services/BFTNotaryServiceTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/services/BFTNotaryServiceTests.kt @@ -23,8 +23,6 @@ import net.corda.node.services.config.BFTSMaRtConfiguration import net.corda.node.services.config.NotaryConfig import net.corda.node.services.transactions.minClusterSize import net.corda.node.services.transactions.minCorrectReplicas -import net.corda.nodeapi.internal.ServiceIdentityGenerator -import net.corda.nodeapi.internal.network.NetworkParametersCopier import net.corda.nodeapi.internal.IdentityGenerator import net.corda.nodeapi.internal.network.NetworkParametersCopier import net.corda.nodeapi.internal.network.NotaryInfo diff --git a/node/src/integration-test/kotlin/net/corda/node/services/MySQLNotaryServiceTests.kt b/node/src/integration-test/kotlin/net/corda/node/services/MySQLNotaryServiceTests.kt index f1f467d24e..e36f7b35d0 100644 --- a/node/src/integration-test/kotlin/net/corda/node/services/MySQLNotaryServiceTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/services/MySQLNotaryServiceTests.kt @@ -14,7 +14,7 @@ import net.corda.core.transactions.TransactionBuilder import net.corda.core.utilities.getOrThrow import net.corda.node.internal.StartedNode import net.corda.node.services.config.NotaryConfig -import net.corda.nodeapi.internal.ServiceIdentityGenerator +import net.corda.nodeapi.internal.IdentityGenerator import net.corda.nodeapi.internal.network.NetworkParametersCopier import net.corda.nodeapi.internal.network.NotaryInfo import net.corda.testing.* @@ -49,11 +49,7 @@ class MySQLNotaryServiceTests : IntegrationTest() { @Before fun before() { mockNet = MockNetwork(cordappPackages = listOf("net.corda.testing.contracts")) - notaryParty = ServiceIdentityGenerator.generateToDisk( - listOf(mockNet.baseDirectory(mockNet.nextNodeId)), - notaryName, - "identity" - ) + notaryParty = IdentityGenerator.generateNodeIdentity(mockNet.baseDirectory(mockNet.nextNodeId), notaryName) val networkParameters = NetworkParametersCopier(testNetworkParameters(listOf(NotaryInfo(notaryParty, false)))) val notaryNodeUnstarted = createNotaryNode() val nodeUnstarted = mockNet.createUnstartedNode() diff --git a/node/src/integration-test/kotlin/net/corda/node/services/RaftNotaryServiceTests.kt b/node/src/integration-test/kotlin/net/corda/node/services/RaftNotaryServiceTests.kt index 7a32b8382a..8110118362 100644 --- a/node/src/integration-test/kotlin/net/corda/node/services/RaftNotaryServiceTests.kt +++ b/node/src/integration-test/kotlin/net/corda/node/services/RaftNotaryServiceTests.kt @@ -11,17 +11,14 @@ import net.corda.core.internal.concurrent.map import net.corda.core.transactions.TransactionBuilder import net.corda.core.utilities.getOrThrow import net.corda.node.internal.StartedNode -import net.corda.testing.DUMMY_BANK_A_NAME -import net.corda.testing.chooseIdentity +import net.corda.testing.* import net.corda.testing.contracts.DummyContract import net.corda.testing.driver.NodeHandle import net.corda.testing.driver.driver -import net.corda.testing.dummyCommand import net.corda.testing.node.ClusterSpec import net.corda.testing.node.NotarySpec import net.corda.testing.node.startFlow import org.junit.ClassRule -import net.corda.testing.node.startFlow import org.junit.Test import java.util.* import kotlin.test.assertEquals diff --git a/node/src/main/kotlin/net/corda/node/services/transactions/MySQLNotaryService.kt b/node/src/main/kotlin/net/corda/node/services/transactions/MySQLNotaryService.kt index 0bf810b2ab..adfe3e9744 100644 --- a/node/src/main/kotlin/net/corda/node/services/transactions/MySQLNotaryService.kt +++ b/node/src/main/kotlin/net/corda/node/services/transactions/MySQLNotaryService.kt @@ -35,9 +35,6 @@ class MySQLNonValidatingNotaryService(services: ServiceHubInternal, notaryIdentityKey: PublicKey, dataSourceProperties: Properties, devMode: Boolean = false) : MySQLNotaryService(services, notaryIdentityKey, dataSourceProperties, devMode) { - companion object { - val id = constructId(validating = false, mysql = true) - } override fun createServiceFlow(otherPartySession: FlowSession): FlowLogic = NonValidatingNotaryFlow(otherPartySession, this) } @@ -45,8 +42,5 @@ class MySQLValidatingNotaryService(services: ServiceHubInternal, notaryIdentityKey: PublicKey, dataSourceProperties: Properties, devMode: Boolean = false) : MySQLNotaryService(services, notaryIdentityKey, dataSourceProperties, devMode) { - companion object { - val id = constructId(validating = true, mysql = true) - } override fun createServiceFlow(otherPartySession: FlowSession): FlowLogic = ValidatingNotaryFlow(otherPartySession, this) } \ No newline at end of file