ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2024-12-28 00:38:55 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

ENT-1732 Preventing non-notaries composite keys being submitted in node info (#676)

Browse Source 
* Preventing non-notaries composite keys being submitted in node info

* Addressing review comments
This commit is contained in:
Michal Kit 2018-04-04 14:33:40 +01:00 committed by GitHub
parent 4334d38bf5
commit 6c2cfc3880
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NetworkMapWebService.kt
View File

@ -16,6 +16,7 @@ import com.r3.corda.networkmanage.common.persistence.NetworkMapStorage
import com.r3.corda.networkmanage.common.persistence.NodeInfoStorage
import com.r3.corda.networkmanage.doorman.NetworkMapConfig
import com.r3.corda.networkmanage.doorman.webservice.NetworkMapWebService.Companion.NETWORK_MAP_PATH
import net.corda.core.crypto.CompositeKey
import net.corda.core.crypto.SecureHash
import net.corda.core.crypto.SignedData
import net.corda.core.crypto.sha256
@ -92,7 +93,7 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage,
is NetworkMapNotInitialisedException -> status(Response.Status.SERVICE_UNAVAILABLE).entity(e.message)
is InvalidPlatformVersionException -> status(Response.Status.BAD_REQUEST).entity(e.message)
is InvalidKeyException, is SignatureException -> status(Response.Status.UNAUTHORIZED).entity(e.message)
// Rethrow e if its not one of the expected exception, the server will return http 500 internal error.
// Rethrow e if its not one of the expected exception, the server will return http 500 internal error.
else -> throw e
}
}.build()
@ -153,6 +154,7 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage,
}
private fun verifyNodeInfo(nodeInfo: NodeInfo) {
checkCompositeKeys(nodeInfo)
val minimumPlatformVersion = currentNetworkParameters?.minimumPlatformVersion
?: throw NetworkMapNotInitialisedException("Network parameters have not been initialised")
if (nodeInfo.platformVersion < minimumPlatformVersion) {
@ -160,6 +162,16 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage,
}
}
private fun checkCompositeKeys(nodeInfo: NodeInfo) {
val compositeKeyIdentities = nodeInfo.legalIdentities.filter { it.owningKey is CompositeKey }
if (compositeKeyIdentities.isEmpty()) {
return
}
val parameters = checkNotNull(currentNetworkParameters) { "Network parameters not available." }
val notaryIdentities = parameters.notaries.map { it.identity }
require(notaryIdentities.containsAll(compositeKeyIdentities)) { "A composite key needs to belong to a notary." }
}
private fun createResponse(payload: Any?, addCacheTimeout: Boolean = false): Response {
return if (payload != null) {
val ok = Response.ok(payload.serialize().bytes)