Mkit cp ent 1458 fixing hardcoded sign interval (#437)

* Fixing hardcoded sign interval config

* Addressing review comments
Michal Kit 2018-02-01 07:37:26 +00:00 committed by GitHub
parent 2edf632f7f
commit 641cecaf70
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 20 additions and 14 deletions


@ -77,7 +77,7 @@ Allowed parameters are:
:authKeyFilePassword: Authentication key file password. It is used when the 'authMode' is set to "KEY_FILE" :authKeyFilePassword: Authentication key file password. It is used when the 'authMode' is set to "KEY_FILE"
or for the automated signing process - e.g. network map, certificate revocation list. Default value: null or for the automated signing process - e.g. network map, certificate revocation list. Default value: null
:signInterval: Interval (in seconds) in which all automated signing happens. Default value: 600 seconds :signInterval: Interval (in milliseconds) in which all automated signing happens. Default value: 60000 milliseconds
Expected behaviour and output upon the service start-up Expected behaviour and output upon the service start-up
------------------------------------------------------- -------------------------------------------------------


@ -15,7 +15,7 @@ keyGenAuthThreshold = 2
authKeyFilePath = "./Administrator.key" authKeyFilePath = "./Administrator.key"
authKeyFilePassword = "Password" authKeyFilePassword = "Password"
autoUsername = "AUTO_USER" autoUsername = "AUTO_USER"
signInterval = 600 signInterval = 10000
h2port = 0 h2port = 0
dataSourceProperties { dataSourceProperties {
"dataSourceClassName" = org.h2.jdbcx.JdbcDataSource "dataSourceClassName" = org.h2.jdbcx.JdbcDataSource


@ -40,6 +40,13 @@ abstract class HsmBaseTest {
@JvmField @JvmField
val hsmSimulator: HsmSimulator = HsmSimulator() val hsmSimulator: HsmSimulator = HsmSimulator()
private lateinit var dbName: String
@Before
fun generateRandomDbName() {
dbName = random63BitValue().toString()
}
private fun createGeneratorParameters(certConfig: CertificateConfiguration): GeneratorParameters { private fun createGeneratorParameters(certConfig: CertificateConfiguration): GeneratorParameters {
return GeneratorParameters( return GeneratorParameters(
hsmHost = hsmSimulator.host, hsmHost = hsmSimulator.host,
@ -51,13 +58,6 @@ abstract class HsmBaseTest {
) )
} }
protected lateinit var dbName: String
@Before
fun generateDbName() {
dbName = random63BitValue().toString()
}
protected fun createGeneratorParameters(keyGroup: String, protected fun createGeneratorParameters(keyGroup: String,
rootKeyGroup: String?, rootKeyGroup: String?,
certificateType: CertificateType, certificateType: CertificateType,


@ -63,9 +63,9 @@ class NodeRegistrationTest : IntegrationTest() {
private lateinit var rootCaCert: X509Certificate private lateinit var rootCaCert: X509Certificate
private lateinit var csrCa: CertificateAndKeyPair private lateinit var csrCa: CertificateAndKeyPair
private lateinit var networkMapCa: CertificateAndKeyPair private lateinit var networkMapCa: CertificateAndKeyPair
private lateinit var dbName: String
private var server: NetworkManagementServer? = null private var server: NetworkManagementServer? = null
private lateinit var dbName: String
@Before @Before
fun init() { fun init() {


@ -25,13 +25,17 @@ class NetworkMapSigner(private val networkMapStorage: NetworkMapStorage, private
return return
} }
val currentNetworkParameters = networkMapStorage.getNetworkParametersOfNetworkMap() val currentNetworkParameters = networkMapStorage.getNetworkParametersOfNetworkMap()
logger.debug("Retrieved network map parameters: $currentNetworkParameters")
if (currentNetworkParameters?.verified() != latestNetworkParameters) { if (currentNetworkParameters?.verified() != latestNetworkParameters) {
persistSignedNetworkParameters(latestNetworkParameters) persistSignedNetworkParameters(latestNetworkParameters)
} }
val currentSignedNetworkMap = networkMapStorage.getCurrentNetworkMap() val currentSignedNetworkMap = networkMapStorage.getCurrentNetworkMap()
val nodeInfoHashes = networkMapStorage.getNodeInfoHashes(CertificateStatus.VALID) val nodeInfoHashes = networkMapStorage.getNodeInfoHashes(CertificateStatus.VALID)
val serialisedNetworkMap = NetworkMap(nodeInfoHashes, latestNetworkParameters.serialize().hash).serialize() logger.debug("Retrieved node info hashes: $nodeInfoHashes")
val newNetworkMap = NetworkMap(nodeInfoHashes, latestNetworkParameters.serialize().hash)
val serialisedNetworkMap = newNetworkMap.serialize()
if (serialisedNetworkMap != currentSignedNetworkMap?.raw) { if (serialisedNetworkMap != currentSignedNetworkMap?.raw) {
logger.info("Signing a new network map: $newNetworkMap")
val newSignedNetworkMap = SignedDataWithCert(serialisedNetworkMap, signer.signBytes(serialisedNetworkMap.bytes)) val newSignedNetworkMap = SignedDataWithCert(serialisedNetworkMap, signer.signBytes(serialisedNetworkMap.bytes))
networkMapStorage.saveNetworkMap(newSignedNetworkMap) networkMapStorage.saveNetworkMap(newSignedNetworkMap)
} }
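Review bot: The three added log statements interpolate whole objects (`$currentNetworkParameters`, `$nodeInfoHashes`, `$newNetworkMap`), and the info line writes the complete node-info hash list every time the map changes. If `logger` is a plain slf4j logger, the two debug strings are also built on every signing run even when debug is disabled. A hash and a count are enough to correlate a signature with its content in the log, e.g. `logger.info("Signing a new network map: hash ${serialisedNetworkMap.hash}, ${nodeInfoHashes.size} node infos")`. The enclosing function starts outside the hunk.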


@ -69,7 +69,7 @@ fun run(parameters: Parameters) {
val networkMapStorage = PersistentNetworkMapStorage(database) val networkMapStorage = PersistentNetworkMapStorage(database)
val scheduler = Executors.newSingleThreadScheduledExecutor() val scheduler = Executors.newSingleThreadScheduledExecutor()
startNetworkingMapSigningPolling(networkMapStorage, hsmSigner, scheduler, 10.minutes) startNetworkingMapSigningPolling(networkMapStorage, hsmSigner, scheduler, Duration.ofMillis(signInterval))
val sign: (List<ApprovedCertificateRequestData>) -> Unit = { val sign: (List<ApprovedCertificateRequestData>) -> Unit = {
val signer = HsmCsrSigner( val signer = HsmCsrSigner(
@ -129,11 +129,12 @@ private fun startNetworkingMapSigningPolling(networkMapStorage: NetworkMapStorag
executor: ScheduledExecutorService, executor: ScheduledExecutorService,
signingPeriod: Duration) { signingPeriod: Duration) {
val networkMapSigner = NetworkMapSigner(networkMapStorage, signer) val networkMapSigner = NetworkMapSigner(networkMapStorage, signer)
log.info("Starting the network map signing thread: sign interval ${signingPeriod.toMillis()} ms")
executor.scheduleAtFixedRate({ executor.scheduleAtFixedRate({
try { try {
networkMapSigner.signNetworkMap() networkMapSigner.signNetworkMap()
} catch (e: Exception) { } catch (e: Exception) {
log.warn("Exception thrown while signing network map", e) log.error("Exception thrown while signing network map", e)
} }
}, signingPeriod.toMillis(), signingPeriod.toMillis(), MILLISECONDS) }, signingPeriod.toMillis(), signingPeriod.toMillis(), MILLISECONDS)
} }
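Review bot: `Duration.ofMillis(signInterval)` in `run` hands the configured value to `scheduleAtFixedRate` without any range check. A zero or negative `signInterval` makes `scheduleAtFixedRate` throw `IllegalArgumentException` at start-up, and a value left over from the old seconds-based setting (the previous default was 600) would now run the signing poll every 600 ms. Validate before scheduling, e.g. `require(signInterval > 0) { "signInterval must be a positive number of milliseconds" }`, and consider warning when the value is below a sensible floor. Where `signInterval` is read lies outside the hunk, so the check may belong in the configuration parsing instead.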


@ -6,6 +6,7 @@ import com.typesafe.config.ConfigFactory
import com.typesafe.config.ConfigParseOptions import com.typesafe.config.ConfigParseOptions
import net.corda.core.internal.div import net.corda.core.internal.div
import net.corda.core.internal.isRegularFile import net.corda.core.internal.isRegularFile
import net.corda.core.utilities.minutes
import net.corda.nodeapi.internal.config.parseAs import net.corda.nodeapi.internal.config.parseAs
import net.corda.nodeapi.internal.crypto.X509Utilities import net.corda.nodeapi.internal.crypto.X509Utilities
import net.corda.nodeapi.internal.persistence.DatabaseConfig import net.corda.nodeapi.internal.persistence.DatabaseConfig
@ -49,7 +50,7 @@ data class Parameters(val dataSourceProperties: Properties,
val DEFAULT_KEY_FILE_PATH: Path? = null //Paths.get("/Users/michalkit/WinDev1706Eval/Shared/TEST4.key") val DEFAULT_KEY_FILE_PATH: Path? = null //Paths.get("/Users/michalkit/WinDev1706Eval/Shared/TEST4.key")
val DEFAULT_KEY_FILE_PASSWORD: String? = null val DEFAULT_KEY_FILE_PASSWORD: String? = null
val DEFAULT_AUTO_USERNAME: String? = null val DEFAULT_AUTO_USERNAME: String? = null
val DEFAULT_SIGN_INTERVAL = 600L // in seconds (10 minutes) val DEFAULT_SIGN_INTERVAL = 1.minutes.toMillis()
val DEFAULT_CSR_CERT_CRL_ISSUER: String? = null val DEFAULT_CSR_CERT_CRL_ISSUER: String? = null
} }
} }
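Review bot: `DEFAULT_SIGN_INTERVAL` lost its unit comment in this change, and nothing in the name or the type says the value is now in milliseconds. Because the same setting was previously expressed in seconds, the unit should be stated at the declaration, e.g. `val DEFAULT_SIGN_INTERVAL = 1.minutes.toMillis() // in milliseconds (1 minute)`, or carried in the name (`DEFAULT_SIGN_INTERVAL_MS`). The default also drops from 10 minutes to 1 minute here; the documentation hunk records the new value, but the commit message does not mention it. The enclosing object starts outside the hunk.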