Change keypair to "keyPair"/"key pair"
Change "keypair" to "keyPair"/"key pair" to correctly indicate it is two words, not a single word.
parent
89ead30e82
commit
80ccf4df34
@ -177,7 +177,7 @@ fun PublicKey.toStringShort(): String {
|
||||
|
||||
fun Iterable<PublicKey>.toStringsShort(): String = map { it.toStringShort() }.toString()
|
||||
|
||||
// Allow Kotlin destructuring: val (private, public) = keypair
|
||||
// Allow Kotlin destructuring: val (private, public) = keyPair
|
||||
operator fun KeyPair.component1() = this.private
|
||||
operator fun KeyPair.component2() = this.public
|
||||
|
||||
@ -185,7 +185,7 @@ operator fun KeyPair.component2() = this.public
|
||||
fun generateKeyPair(): KeyPair = KeyPairGenerator().generateKeyPair()
|
||||
|
||||
/**
|
||||
* Returns a keypair derived from the given private key entropy. This is useful for unit tests and other cases where
|
||||
* Returns a key pair derived from the given private key entropy. This is useful for unit tests and other cases where
|
||||
* you want hard-coded private keys.
|
||||
*/
|
||||
fun entropyToKeyPair(entropy: BigInteger): KeyPair {
|
||||
|
@ -252,17 +252,16 @@ object X509Utilities {
|
||||
return JcaPKCS10CertificationRequestBuilder(subject, keyPair.public).build(signer)
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Helper data class to pass around public certificate and KeyPair entities when using CA certs
|
||||
* Helper data class to pass around public certificate and [KeyPair] entities when using CA certs.
|
||||
*/
|
||||
data class CACertAndKey(val certificate: X509Certificate, val keypair: KeyPair)
|
||||
data class CACertAndKey(val certificate: X509Certificate, val keyPair: KeyPair)
|
||||
|
||||
|
||||
/**
|
||||
* Create a de novo root self-signed X509 v3 CA cert and KeyPair.
|
||||
* Create a de novo root self-signed X509 v3 CA cert and [KeyPair].
|
||||
* @param domain The Common (CN) field of the cert Subject will be populated with the domain string
|
||||
* @return A data class is returned containing the new root CA Cert and its KeyPair for signing downstream certificates.
|
||||
* @return A data class is returned containing the new root CA Cert and its [KeyPair] for signing downstream certificates.
|
||||
* Note the generated certificate tree is capped at max depth of 2 to be in line with commercially available certificates
|
||||
*/
|
||||
fun createSelfSignedCACert(myLegalName: String): CACertAndKey {
|
||||
@ -341,10 +340,10 @@ object X509Utilities {
|
||||
builder.addExtension(Extension.extendedKeyUsage, false,
|
||||
DERSequence(purposes))
|
||||
|
||||
val cert = signCertificate(builder, certificateAuthority.keypair.private)
|
||||
val cert = signCertificate(builder, certificateAuthority.keyPair.private)
|
||||
|
||||
cert.checkValidity(Date())
|
||||
cert.verify(certificateAuthority.keypair.public)
|
||||
cert.verify(certificateAuthority.keyPair.public)
|
||||
|
||||
return CACertAndKey(cert, keyPair)
|
||||
}
|
||||
@ -404,10 +403,10 @@ object X509Utilities {
|
||||
val subjectAlternativeNamesExtension = DERSequence(subjectAlternativeNames.toTypedArray())
|
||||
builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeNamesExtension)
|
||||
|
||||
val cert = signCertificate(builder, certificateAuthority.keypair.private)
|
||||
val cert = signCertificate(builder, certificateAuthority.keyPair.private)
|
||||
|
||||
cert.checkValidity(Date())
|
||||
cert.verify(certificateAuthority.keypair.public)
|
||||
cert.verify(certificateAuthority.keyPair.public)
|
||||
|
||||
return cert
|
||||
}
|
||||
@ -482,7 +481,7 @@ object X509Utilities {
|
||||
if (!keyStore.containsAlias(alias)) {
|
||||
val selfSignCert = keyGenerator()
|
||||
// Save to the key store.
|
||||
keyStore.addOrReplaceKey(alias, selfSignCert.keypair.private, keyPassword.toCharArray(), arrayOf(selfSignCert.certificate))
|
||||
keyStore.addOrReplaceKey(alias, selfSignCert.keyPair.private, keyPassword.toCharArray(), arrayOf(selfSignCert.certificate))
|
||||
X509Utilities.saveKeyStore(keyStore, keyStoreFilePath, storePassword)
|
||||
}
|
||||
|
||||
@ -527,14 +526,14 @@ object X509Utilities {
|
||||
val rootCA = X509Utilities.createSelfSignedCACert("Corda Node Root CA")
|
||||
val intermediateCA = X509Utilities.createIntermediateCert("Corda Node Intermediate CA", rootCA)
|
||||
|
||||
val keypass = keyPassword.toCharArray()
|
||||
val keyPass = keyPassword.toCharArray()
|
||||
val keyStore = loadOrCreateKeyStore(keyStoreFilePath, storePassword)
|
||||
|
||||
keyStore.addOrReplaceKey(CORDA_ROOT_CA_PRIVATE_KEY, rootCA.keypair.private, keypass, arrayOf(rootCA.certificate))
|
||||
keyStore.addOrReplaceKey(CORDA_ROOT_CA_PRIVATE_KEY, rootCA.keyPair.private, keyPass, arrayOf(rootCA.certificate))
|
||||
|
||||
keyStore.addOrReplaceKey(CORDA_INTERMEDIATE_CA_PRIVATE_KEY,
|
||||
intermediateCA.keypair.private,
|
||||
keypass,
|
||||
intermediateCA.keyPair.private,
|
||||
keyPass,
|
||||
arrayOf(intermediateCA.certificate, rootCA.certificate))
|
||||
|
||||
saveKeyStore(keyStore, keyStoreFilePath, storePassword)
|
||||
@ -560,8 +559,8 @@ object X509Utilities {
|
||||
fun loadCertificateAndKey(keyStore: KeyStore,
|
||||
keyPassword: String,
|
||||
alias: String): CACertAndKey {
|
||||
val keypass = keyPassword.toCharArray()
|
||||
val key = keyStore.getKey(alias, keypass) as PrivateKey
|
||||
val keyPass = keyPassword.toCharArray()
|
||||
val key = keyStore.getKey(alias, keyPass) as PrivateKey
|
||||
val cert = keyStore.getCertificate(alias) as X509Certificate
|
||||
return CACertAndKey(cert, KeyPair(cert.publicKey, key))
|
||||
}
|
||||
@ -597,12 +596,12 @@ object X509Utilities {
|
||||
if (host.canonicalHostName == host.hostName) listOf() else listOf(host.hostName),
|
||||
listOf(host.hostAddress))
|
||||
|
||||
val keypass = keyPassword.toCharArray()
|
||||
val keyPass = keyPassword.toCharArray()
|
||||
val keyStore = loadOrCreateKeyStore(keyStoreFilePath, storePassword)
|
||||
|
||||
keyStore.addOrReplaceKey(CORDA_CLIENT_CA_PRIVATE_KEY,
|
||||
serverKey.private,
|
||||
keypass,
|
||||
keyPass,
|
||||
arrayOf(serverCert, intermediateCA.certificate, rootCA.certificate))
|
||||
|
||||
keyStore.addOrReplaceCertificate(CORDA_CLIENT_CA, serverCert)
|
||||
@ -611,4 +610,4 @@ object X509Utilities {
|
||||
|
||||
return keyStore
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -33,7 +33,7 @@ class X509UtilitiesTest {
|
||||
assertTrue { caCertAndKey.certificate.subjectDN.name.contains("CN=Test Cert") } // using our subject common name
|
||||
assertEquals(caCertAndKey.certificate.issuerDN, caCertAndKey.certificate.subjectDN) //self-signed
|
||||
caCertAndKey.certificate.checkValidity(Date()) // throws on verification problems
|
||||
caCertAndKey.certificate.verify(caCertAndKey.keypair.public) // throws on verification problems
|
||||
caCertAndKey.certificate.verify(caCertAndKey.keyPair.public) // throws on verification problems
|
||||
assertTrue { caCertAndKey.certificate.keyUsage[5] } // Bit 5 == keyCertSign according to ASN.1 spec (see full comment on KeyUsage property)
|
||||
assertTrue { caCertAndKey.certificate.basicConstraints > 0 } // This returns the signing path length Would be -1 for non-CA certificate
|
||||
}
|
||||
@ -54,12 +54,12 @@ class X509UtilitiesTest {
|
||||
fun `create valid server certificate chain`() {
|
||||
val caCertAndKey = X509Utilities.createSelfSignedCACert("Test CA Cert")
|
||||
val subjectDN = X509Utilities.getDevX509Name("Server Cert")
|
||||
val keypair = X509Utilities.generateECDSAKeyPairForSSL()
|
||||
val serverCert = X509Utilities.createServerCert(subjectDN, keypair.public, caCertAndKey, listOf("alias name"), listOf("10.0.0.54"))
|
||||
val keyPair = X509Utilities.generateECDSAKeyPairForSSL()
|
||||
val serverCert = X509Utilities.createServerCert(subjectDN, keyPair.public, caCertAndKey, listOf("alias name"), listOf("10.0.0.54"))
|
||||
assertTrue { serverCert.subjectDN.name.contains("CN=Server Cert") } // using our subject common name
|
||||
assertEquals(caCertAndKey.certificate.issuerDN, serverCert.issuerDN) // Issued by our CA cert
|
||||
serverCert.checkValidity(Date()) // throws on verification problems
|
||||
serverCert.verify(caCertAndKey.keypair.public) // throws on verification problems
|
||||
serverCert.verify(caCertAndKey.keyPair.public) // throws on verification problems
|
||||
assertFalse { serverCert.keyUsage[5] } // Bit 5 == keyCertSign according to ASN.1 spec (see full comment on KeyUsage property)
|
||||
assertTrue { serverCert.basicConstraints === -1 } // This returns the signing path length should be -1 for non-CA certificate
|
||||
assertEquals(3, serverCert.subjectAlternativeNames.size)
|
||||
@ -166,7 +166,7 @@ class X509UtilitiesTest {
|
||||
// Now sign something with private key and verify against certificate public key
|
||||
val testData = "123456".toByteArray()
|
||||
val signer = Signature.getInstance(X509Utilities.SIGNATURE_ALGORITHM)
|
||||
signer.initSign(serverCertAndKey.keypair.private)
|
||||
signer.initSign(serverCertAndKey.keyPair.private)
|
||||
signer.update(testData)
|
||||
val signature = signer.sign()
|
||||
val verifier = Signature.getInstance(X509Utilities.SIGNATURE_ALGORITHM)
|
||||
|
@ -59,7 +59,7 @@ class KryoTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
fun `deserialised keypair functions the same as serialised one`() {
|
||||
fun `deserialised key pair functions the same as serialised one`() {
|
||||
val keyPair = generateKeyPair()
|
||||
val bitsToSign: ByteArray = Ints.toByteArray(0x01234567)
|
||||
val wrongBits: ByteArray = Ints.toByteArray(0x76543210)
|
||||
|
@ -399,15 +399,15 @@ abstract class AbstractNode(val dir: Path, val configuration: NodeConfiguration,
|
||||
val checkpointStorage = PerFileCheckpointStorage(dir.resolve("checkpoints"))
|
||||
val transactionStorage = PerFileTransactionStorage(dir.resolve("transactions"))
|
||||
_servicesThatAcceptUploads += attachments
|
||||
val (identity, keypair) = obtainKeyPair(dir)
|
||||
return Pair(constructStorageService(attachments, transactionStorage, keypair, identity),checkpointStorage)
|
||||
val (identity, keyPair) = obtainKeyPair(dir)
|
||||
return Pair(constructStorageService(attachments, transactionStorage, keyPair, identity),checkpointStorage)
|
||||
}
|
||||
|
||||
protected open fun constructStorageService(attachments: NodeAttachmentService,
|
||||
transactionStorage: TransactionStorage,
|
||||
keypair: KeyPair,
|
||||
keyPair: KeyPair,
|
||||
identity: Party) =
|
||||
StorageServiceImpl(attachments, transactionStorage, keypair, identity)
|
||||
StorageServiceImpl(attachments, transactionStorage, keyPair, identity)
|
||||
|
||||
private fun obtainKeyPair(dir: Path): Pair<Party, KeyPair> {
|
||||
// Load the private identity key, creating it if necessary. The identity key is a long term well known key that
|
||||
@ -420,13 +420,13 @@ abstract class AbstractNode(val dir: Path, val configuration: NodeConfiguration,
|
||||
|
||||
return if (!Files.exists(privKeyFile)) {
|
||||
log.info("Identity key not found, generating fresh key!")
|
||||
val keypair: KeyPair = generateKeyPair()
|
||||
keypair.serialize().writeToFile(privKeyFile)
|
||||
val myIdentity = Party(configuration.myLegalName, keypair.public)
|
||||
val keyPair: KeyPair = generateKeyPair()
|
||||
keyPair.serialize().writeToFile(privKeyFile)
|
||||
val myIdentity = Party(configuration.myLegalName, keyPair.public)
|
||||
// We include the Party class with the file here to help catch mixups when admins provide files of the
|
||||
// wrong type by mistake.
|
||||
myIdentity.serialize().writeToFile(pubIdentityFile)
|
||||
Pair(myIdentity, keypair)
|
||||
Pair(myIdentity, keyPair)
|
||||
} else {
|
||||
// Check that the identity in the config file matches the identity file we have stored to disk.
|
||||
// This is just a sanity check. It shouldn't fail unless the admin has fiddled with the files and messed
|
||||
@ -436,8 +436,8 @@ abstract class AbstractNode(val dir: Path, val configuration: NodeConfiguration,
|
||||
throw ConfigurationException("The legal name in the config file doesn't match the stored identity file:" +
|
||||
"${configuration.myLegalName} vs ${myIdentity.name}")
|
||||
// Load the private key.
|
||||
val keypair = Files.readAllBytes(privKeyFile).deserialize<KeyPair>()
|
||||
Pair(myIdentity, keypair)
|
||||
val keyPair = Files.readAllBytes(privKeyFile).deserialize<KeyPair>()
|
||||
Pair(myIdentity, keyPair)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -41,10 +41,10 @@ class E2ETestKeyManagementService(initialKeys: Set<KeyPair>) : SingletonSerializ
|
||||
override val keys: Map<PublicKey, PrivateKey> get() = mutex.locked { HashMap(keys) }
|
||||
|
||||
override fun freshKey(): KeyPair {
|
||||
val keypair = generateKeyPair()
|
||||
val keyPair = generateKeyPair()
|
||||
mutex.locked {
|
||||
keys[keypair.public] = keypair.private
|
||||
keys[keyPair.public] = keyPair.private
|
||||
}
|
||||
return keypair
|
||||
return keyPair
|
||||
}
|
||||
}
|
||||
|
@ -33,10 +33,10 @@ class PersistentKeyManagementService(initialKeys: Set<KeyPair>) : SingletonSeria
|
||||
override val keys: Map<PublicKey, PrivateKey> get() = mutex.locked { HashMap(keys) }
|
||||
|
||||
override fun freshKey(): KeyPair {
|
||||
val keypair = generateKeyPair()
|
||||
val keyPair = generateKeyPair()
|
||||
mutex.locked {
|
||||
keys[keypair.public] = keypair.private
|
||||
keys[keyPair.public] = keyPair.private
|
||||
}
|
||||
return keypair
|
||||
return keyPair
|
||||
}
|
||||
}
|
||||
|
@ -190,9 +190,9 @@ class TwoPartyTradeProtocolTests {
|
||||
// That constructs the storage service object in a customised way ...
|
||||
override fun constructStorageService(attachments: NodeAttachmentService,
|
||||
transactionStorage: TransactionStorage,
|
||||
keypair: KeyPair,
|
||||
keyPair: KeyPair,
|
||||
identity: Party): StorageServiceImpl {
|
||||
return StorageServiceImpl(attachments, RecordingTransactionStorage(transactionStorage), keypair, identity)
|
||||
return StorageServiceImpl(attachments, RecordingTransactionStorage(transactionStorage), keyPair, identity)
|
||||
}
|
||||
}
|
||||
}
|
||||
|