mirror of
https://github.com/corda/corda.git
synced 2025-01-15 01:10:33 +00:00
Mkit cp ent 1458 fixing hardcoded sign interval (#437)
* Fixing hardcoded sign interval config * Addressing review comments
parent
2edf632f7f
commit
641cecaf70
@ -77,7 +77,7 @@ Allowed parameters are:
|
||||
:authKeyFilePassword: Authentication key file password. It is used when the 'authMode' is set to "KEY_FILE"
|
||||
or for the automated signing process - e.g. network map, certificate revocation list. Default value: null
|
||||
|
||||
:signInterval: Interval (in seconds) in which all automated signing happens. Default value: 600 seconds
|
||||
:signInterval: Interval (in milliseconds) in which all automated signing happens. Default value: 60000 milliseconds
|
||||
|
||||
Expected behaviour and output upon the service start-up
|
||||
-------------------------------------------------------
|
||||
|
@ -15,7 +15,7 @@ keyGenAuthThreshold = 2
|
||||
authKeyFilePath = "./Administrator.key"
|
||||
authKeyFilePassword = "Password"
|
||||
autoUsername = "AUTO_USER"
|
||||
signInterval = 600
|
||||
signInterval = 10000
|
||||
h2port = 0
|
||||
dataSourceProperties {
|
||||
"dataSourceClassName" = org.h2.jdbcx.JdbcDataSource
|
||||
|
@ -40,6 +40,13 @@ abstract class HsmBaseTest {
|
||||
@JvmField
|
||||
val hsmSimulator: HsmSimulator = HsmSimulator()
|
||||
|
||||
private lateinit var dbName: String
|
||||
|
||||
@Before
|
||||
fun generateRandomDbName() {
|
||||
dbName = random63BitValue().toString()
|
||||
}
|
||||
|
||||
private fun createGeneratorParameters(certConfig: CertificateConfiguration): GeneratorParameters {
|
||||
return GeneratorParameters(
|
||||
hsmHost = hsmSimulator.host,
|
||||
@ -51,13 +58,6 @@ abstract class HsmBaseTest {
|
||||
)
|
||||
}
|
||||
|
||||
protected lateinit var dbName: String
|
||||
|
||||
@Before
|
||||
fun generateDbName() {
|
||||
dbName = random63BitValue().toString()
|
||||
}
|
||||
|
||||
protected fun createGeneratorParameters(keyGroup: String,
|
||||
rootKeyGroup: String?,
|
||||
certificateType: CertificateType,
|
||||
|
@ -63,9 +63,9 @@ class NodeRegistrationTest : IntegrationTest() {
|
||||
private lateinit var rootCaCert: X509Certificate
|
||||
private lateinit var csrCa: CertificateAndKeyPair
|
||||
private lateinit var networkMapCa: CertificateAndKeyPair
|
||||
private lateinit var dbName: String
|
||||
|
||||
private var server: NetworkManagementServer? = null
|
||||
private lateinit var dbName: String
|
||||
|
||||
@Before
|
||||
fun init() {
|
||||
|
@ -25,13 +25,17 @@ class NetworkMapSigner(private val networkMapStorage: NetworkMapStorage, private
|
||||
return
|
||||
}
|
||||
val currentNetworkParameters = networkMapStorage.getNetworkParametersOfNetworkMap()
|
||||
logger.debug("Retrieved network map parameters: $currentNetworkParameters")
|
||||
if (currentNetworkParameters?.verified() != latestNetworkParameters) {
|
||||
persistSignedNetworkParameters(latestNetworkParameters)
|
||||
}
|
||||
val currentSignedNetworkMap = networkMapStorage.getCurrentNetworkMap()
|
||||
val nodeInfoHashes = networkMapStorage.getNodeInfoHashes(CertificateStatus.VALID)
|
||||
val serialisedNetworkMap = NetworkMap(nodeInfoHashes, latestNetworkParameters.serialize().hash).serialize()
|
||||
logger.debug("Retrieved node info hashes: $nodeInfoHashes")
|
||||
val newNetworkMap = NetworkMap(nodeInfoHashes, latestNetworkParameters.serialize().hash)
|
||||
val serialisedNetworkMap = newNetworkMap.serialize()
|
||||
if (serialisedNetworkMap != currentSignedNetworkMap?.raw) {
|
||||
logger.info("Signing a new network map: $newNetworkMap")
|
||||
val newSignedNetworkMap = SignedDataWithCert(serialisedNetworkMap, signer.signBytes(serialisedNetworkMap.bytes))
|
||||
networkMapStorage.saveNetworkMap(newSignedNetworkMap)
|
||||
}
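Review bot: The added `logger.info("Signing a new network map: $newNetworkMap")` line runs before `signer.signBytes` and `networkMapStorage.saveNetworkMap` have succeeded, so the log records an intention rather than what was actually signed and stored. It also dumps the whole map, including every node info hash, at info level on each change. For an audit trail of the signing service, a compact entry after the save would serve better, for example `logger.info("Signed and saved network map, hash: ${serialisedNetworkMap.hash}")`, presuming the serialized value exposes `.hash` as `latestNetworkParameters.serialize().hash` does; the full dump can stay at debug. The enclosing function starts and ends outside the hunk.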
|
||||
|
@ -69,7 +69,7 @@ fun run(parameters: Parameters) {
|
||||
|
||||
val networkMapStorage = PersistentNetworkMapStorage(database)
|
||||
val scheduler = Executors.newSingleThreadScheduledExecutor()
|
||||
startNetworkingMapSigningPolling(networkMapStorage, hsmSigner, scheduler, 10.minutes)
|
||||
startNetworkingMapSigningPolling(networkMapStorage, hsmSigner, scheduler, Duration.ofMillis(signInterval))
|
||||
|
||||
val sign: (List<ApprovedCertificateRequestData>) -> Unit = {
|
||||
val signer = HsmCsrSigner(
|
||||
@ -129,11 +129,12 @@ private fun startNetworkingMapSigningPolling(networkMapStorage: NetworkMapStorag
|
||||
executor: ScheduledExecutorService,
|
||||
signingPeriod: Duration) {
|
||||
val networkMapSigner = NetworkMapSigner(networkMapStorage, signer)
|
||||
log.info("Starting the network map signing thread: sign interval ${signingPeriod.toMillis()} ms")
|
||||
executor.scheduleAtFixedRate({
|
||||
try {
|
||||
networkMapSigner.signNetworkMap()
|
||||
} catch (e: Exception) {
|
||||
log.warn("Exception thrown while signing network map", e)
|
||||
log.error("Exception thrown while signing network map", e)
|
||||
}
|
||||
}, signingPeriod.toMillis(), signingPeriod.toMillis(), MILLISECONDS)
|
||||
}
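Review bot: In the first hunk, `Duration.ofMillis(signInterval)` passes the configured value straight to the scheduler, and no bounds check is visible. This commit also changes the unit from seconds to milliseconds, so a deployment whose config still says `signInterval = 600` would now sign against the HSM every 600 ms. A zero or negative value makes `scheduleAtFixedRate` throw `IllegalArgumentException` at start-up. A guard before the call would catch both, such as `require(signInterval >= MIN_SIGN_INTERVAL_MS) { "signInterval is in milliseconds and must be at least $MIN_SIGN_INTERVAL_MS" }`, where the constant name is a placeholder. The body of `run` continues outside the hunk, so a check may already exist there.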
|
||||
|
@ -6,6 +6,7 @@ import com.typesafe.config.ConfigFactory
|
||||
import com.typesafe.config.ConfigParseOptions
|
||||
import net.corda.core.internal.div
|
||||
import net.corda.core.internal.isRegularFile
|
||||
import net.corda.core.utilities.minutes
|
||||
import net.corda.nodeapi.internal.config.parseAs
|
||||
import net.corda.nodeapi.internal.crypto.X509Utilities
|
||||
import net.corda.nodeapi.internal.persistence.DatabaseConfig
|
||||
@ -49,7 +50,7 @@ data class Parameters(val dataSourceProperties: Properties,
|
||||
val DEFAULT_KEY_FILE_PATH: Path? = null //Paths.get("/Users/michalkit/WinDev1706Eval/Shared/TEST4.key")
|
||||
val DEFAULT_KEY_FILE_PASSWORD: String? = null
|
||||
val DEFAULT_AUTO_USERNAME: String? = null
|
||||
val DEFAULT_SIGN_INTERVAL = 600L // in seconds (10 minutes)
|
||||
val DEFAULT_SIGN_INTERVAL = 1.minutes.toMillis()
|
||||
val DEFAULT_CSR_CERT_CRL_ISSUER: String? = null
|
||||
}
|
||||
}
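Review bot: The new `DEFAULT_SIGN_INTERVAL = 1.minutes.toMillis()` line drops the unit comment the old line carried, in the same commit that changes the unit from seconds to milliseconds. Nothing in the constant's name or declaration now tells a reader which unit the `signInterval` parameter expects. I would restore the hint, e.g. `val DEFAULT_SIGN_INTERVAL = 1.minutes.toMillis() // in milliseconds`, or rename it to something like `DEFAULT_SIGN_INTERVAL_MS` if callers allow. The `Parameters` class body starts outside the hunk.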
|
||||
|