diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmCertificateTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt similarity index 57% rename from network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmCertificateTest.kt rename to network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt index 38aed44498..d7812e37a0 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmCertificateTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt @@ -1,21 +1,23 @@ -package com.r3.corda.networkmanage.hsm +package com.r3.corda.networkmanage.common import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.whenever import com.r3.corda.networkmanage.HsmSimulator -import com.r3.corda.networkmanage.hsm.authentication.CryptoServerProviderConfig import com.r3.corda.networkmanage.hsm.authentication.InputReader import com.r3.corda.networkmanage.hsm.configuration.Parameters import com.r3.corda.networkmanage.hsm.generator.AuthMode import com.r3.corda.networkmanage.hsm.generator.CertificateConfiguration import com.r3.corda.networkmanage.hsm.generator.GeneratorParameters import com.r3.corda.networkmanage.hsm.generator.UserAuthenticationParameters +import net.corda.core.crypto.random63BitValue import net.corda.nodeapi.internal.crypto.CertificateType +import org.junit.Before import org.junit.Rule import org.junit.rules.TemporaryFolder +import java.util.* -abstract class HsmCertificateTest { +abstract class HsmBaseTest { companion object { val ROOT_CERT_KEY_GROUP = "DEV.CORDACONNECT.ROOT" val NETWORK_MAP_CERT_KEY_GROUP = "DEV.CORDACONNECT.OPS.NETMAP" @@ -23,6 +25,11 @@ abstract class HsmCertificateTest { val ROOT_CERT_SUBJECT = "CN=Corda Root CA, O=R3 HoldCo LLC, OU=Corda, L=New York, C=US" val NETWORK_MAP_CERT_SUBJECT = "CN=Corda Network Map, O=R3 HoldCo LLC, OU=Corda, L=New York, C=US" val DOORMAN_CERT_SUBJECT = "CN=Corda Doorman CA, O=R3 HoldCo LLC, OU=Corda, L=New York, C=US" + val HSM_USER_CONFIGS = listOf(UserAuthenticationParameters( + username = "INTEGRATION_TEST", + authMode = AuthMode.PASSWORD, + authToken = "INTEGRATION_TEST", + keyFilePassword = null)) } @Rule @@ -33,42 +40,43 @@ abstract class HsmCertificateTest { @JvmField val hsmSimulator: HsmSimulator = HsmSimulator() - protected val rootCertParameters: GeneratorParameters by lazy { - GeneratorParameters( + private fun createGeneratorParameters(certConfig: CertificateConfiguration): GeneratorParameters { + return GeneratorParameters( hsmHost = hsmSimulator.host, hsmPort = hsmSimulator.port, trustStoreDirectory = tempFolder.root.toPath(), trustStorePassword = "", - userConfigs = listOf(UserAuthenticationParameters( - username = "INTEGRATION_TEST", - authMode = AuthMode.PASSWORD, - authToken = "INTEGRATION_TEST", - keyFilePassword = null - )), - certConfig = CertificateConfiguration( - keySpecifier = 1, - keyGroup = ROOT_CERT_KEY_GROUP, - storeKeysExternal = false, - rootKeyGroup = null, - subject = ROOT_CERT_SUBJECT, - validDays = 3650, - keyCurve = "NIST-P256", - certificateType = CertificateType.ROOT_CA, - keyExport = 0, - keyGenMechanism = 4, - keyOverride = 0, - crlIssuer = null, - crlDistributionUrl = null - ) + userConfigs = HSM_USER_CONFIGS, + certConfig = certConfig ) } - protected val providerConfig: CryptoServerProviderConfig by lazy { - CryptoServerProviderConfig( - Device = "${rootCertParameters.hsmPort}@${rootCertParameters.hsmHost}", - KeySpecifier = rootCertParameters.certConfig.keySpecifier, - KeyGroup = rootCertParameters.certConfig.keyGroup, - StoreKeysExternal = rootCertParameters.certConfig.storeKeysExternal) + protected lateinit var dbName: String + + @Before + fun generateDbName() { + dbName = random63BitValue().toString() + } + + protected fun createGeneratorParameters(keyGroup: String, + rootKeyGroup: String?, + certificateType: CertificateType, + subject: String): GeneratorParameters { + return createGeneratorParameters(CertificateConfiguration( + keySpecifier = 1, + keyGroup = keyGroup, + storeKeysExternal = false, + rootKeyGroup = rootKeyGroup, + subject = subject, + validDays = 3650, + keyCurve = "NIST-P256", + certificateType = certificateType, + keyExport = 0, + keyGenMechanism = 4, + keyOverride = 0, + crlIssuer = null, + crlDistributionUrl = null + )) } protected val hsmSigningServiceConfig = Parameters( @@ -88,4 +96,8 @@ abstract class HsmCertificateTest { whenever(inputReader.readPassword(any())).thenReturn(hsmSimulator.cryptoUserCredentials().password) return inputReader } + + protected fun makeTestDataSourceProperties(): Properties { + return makeTestDataSourceProperties(dbName) + } } \ No newline at end of file diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/TestUtils.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/TestUtils.kt new file mode 100644 index 0000000000..f429c0f55b --- /dev/null +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/TestUtils.kt @@ -0,0 +1,14 @@ +package com.r3.corda.networkmanage.common + +import java.util.* + +const val HOST = "localhost" + +fun makeTestDataSourceProperties(dbName: String): Properties { + val props = Properties() + props.setProperty("dataSourceClassName", "org.h2.jdbcx.JdbcDataSource") + props.setProperty("dataSource.url", "jdbc:h2:mem:$dbName;DB_CLOSE_DELAY=-1") + props.setProperty("dataSource.user", "sa") + props.setProperty("dataSource.password", "") + return props +} \ No newline at end of file diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/NodeRegistrationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/NodeRegistrationTest.kt index 863b41bb3c..9ef0fda309 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/NodeRegistrationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/NodeRegistrationTest.kt @@ -1,5 +1,6 @@ package com.r3.corda.networkmanage.doorman +import com.r3.corda.networkmanage.common.makeTestDataSourceProperties import com.r3.corda.networkmanage.common.persistence.configureDatabase import com.r3.corda.networkmanage.common.utils.CertPathAndKey import com.r3.corda.networkmanage.doorman.signer.LocalSigner @@ -35,7 +36,6 @@ import org.assertj.core.api.Assertions.assertThat import org.junit.* import java.net.URL import java.security.cert.X509Certificate -import java.util.* import kotlin.streams.toList // This is the same test as the one in net.corda.node.utilities.registration but using the real doorman and with some @@ -46,7 +46,8 @@ class NodeRegistrationTest : IntegrationTest() { private val aliceName = CordaX500Name("Alice", "London", "GB") private val genevieveName = CordaX500Name("Genevieve", "London", "GB") - @ClassRule @JvmField + @ClassRule + @JvmField val databaseSchemas = IntegrationTestSchemas(notaryName.organisation, aliceName.organisation, genevieveName.organisation) private val timeoutMillis = 5.seconds.toMillis() @@ -58,16 +59,17 @@ class NodeRegistrationTest : IntegrationTest() { private val portAllocation = PortAllocation.Incremental(10000) private val serverAddress = portAllocation.nextHostAndPort() - private val dbId = random63BitValue().toString() private lateinit var rootCaCert: X509Certificate private lateinit var csrCa: CertificateAndKeyPair private lateinit var networkMapCa: CertificateAndKeyPair private var server: NetworkManagementServer? = null + private lateinit var dbName: String @Before fun init() { + dbName = random63BitValue().toString() val (rootCa, doormanCa) = createDevIntermediateCaCertPath() rootCaCert = rootCa.certificate this.csrCa = doormanCa @@ -140,7 +142,7 @@ class NodeRegistrationTest : IntegrationTest() { return NetworkManagementServer().apply { start( serverAddress, - configureDatabase(makeTestDataSourceProperties(), DatabaseConfig(runMigration = true)), + configureDatabase(makeTestDataSourceProperties(dbName), DatabaseConfig(runMigration = true)), CertPathAndKey(listOf(csrCa.certificate, rootCaCert), csrCa.keyPair.private), DoormanConfig(approveAll = true, jiraConfig = null, approveInterval = timeoutMillis), networkParameters?.let { @@ -162,14 +164,4 @@ class NodeRegistrationTest : IntegrationTest() { } assertThat(rpc.networkMapSnapshot()).containsOnlyElementsOf(nodes.map { it.nodeInfo }) } - - // TODO Use the other dbs in the integration tests - private fun makeTestDataSourceProperties(): Properties { - val props = Properties() - props.setProperty("dataSourceClassName", "org.h2.jdbcx.JdbcDataSource") - props.setProperty("dataSource.url", "jdbc:h2:mem:${dbId}_persistence;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE") - props.setProperty("dataSource.user", "sa") - props.setProperty("dataSource.password", "") - return props - } } diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmAuthenticatorTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmAuthenticatorTest.kt index 122f93f611..13c97821fa 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmAuthenticatorTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmAuthenticatorTest.kt @@ -1,12 +1,13 @@ package com.r3.corda.networkmanage.hsm +import com.r3.corda.networkmanage.common.HsmBaseTest import com.r3.corda.networkmanage.hsm.authentication.Authenticator import com.r3.corda.networkmanage.hsm.authentication.createProvider import org.junit.Test import java.util.concurrent.atomic.AtomicBoolean import kotlin.test.assertTrue -class HsmAuthenticatorTest : HsmCertificateTest() { +class HsmAuthenticatorTest : HsmBaseTest() { @Test fun `Authenticator executes the block once user is successfully authenticated`() { diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmKeyGenerationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmKeyGenerationTest.kt index 95fb091545..7f442bc281 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmKeyGenerationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmKeyGenerationTest.kt @@ -3,7 +3,9 @@ package com.r3.corda.networkmanage.hsm import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.whenever +import com.r3.corda.networkmanage.common.HsmBaseTest import com.r3.corda.networkmanage.common.utils.CORDA_NETWORK_MAP +import com.r3.corda.networkmanage.hsm.authentication.CryptoServerProviderConfig import com.r3.corda.networkmanage.hsm.authentication.InputReader import com.r3.corda.networkmanage.hsm.generator.AutoAuthenticator import com.r3.corda.networkmanage.hsm.generator.run @@ -18,7 +20,7 @@ import java.security.cert.X509Certificate import kotlin.test.assertEquals import kotlin.test.assertNotNull -class HsmKeyGenerationTest : HsmCertificateTest() { +class HsmKeyGenerationTest : HsmBaseTest() { private lateinit var inputReader: InputReader @@ -32,28 +34,29 @@ class HsmKeyGenerationTest : HsmCertificateTest() { @Test fun `Root and network map certificates have different namespace`() { // when root cert is created - run(rootCertParameters) + run(createGeneratorParameters( + keyGroup = ROOT_CERT_KEY_GROUP, + rootKeyGroup = null, + certificateType = CertificateType.ROOT_CA, + subject = ROOT_CERT_SUBJECT + )) // when network map cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = NETWORK_MAP_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.NETWORK_MAP, - subject = NETWORK_MAP_CERT_SUBJECT - ) + run(createGeneratorParameters( + keyGroup = NETWORK_MAP_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.NETWORK_MAP, + subject = NETWORK_MAP_CERT_SUBJECT )) // when doorman cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = DOORMAN_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.INTERMEDIATE_CA, - subject = DOORMAN_CERT_SUBJECT - ) + run(createGeneratorParameters( + keyGroup = DOORMAN_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.INTERMEDIATE_CA, + subject = DOORMAN_CERT_SUBJECT )) // then root cert is persisted in the HSM - AutoAuthenticator(providerConfig, rootCertParameters.userConfigs).connectAndAuthenticate { provider -> + AutoAuthenticator(createProviderConfig(ROOT_CERT_KEY_GROUP), HSM_USER_CONFIGS).connectAndAuthenticate { provider -> val keyStore = HsmX509Utilities.getAndInitializeKeyStore(provider) val rootCert = keyStore.getCertificate(CORDA_ROOT_CA) as X509Certificate assertEquals(rootCert.issuerX500Principal, rootCert.subjectX500Principal) @@ -61,7 +64,7 @@ class HsmKeyGenerationTest : HsmCertificateTest() { // then network map cert is persisted in the HSM - AutoAuthenticator(providerConfig.copy(KeyGroup = NETWORK_MAP_CERT_KEY_GROUP), rootCertParameters.userConfigs) + AutoAuthenticator(createProviderConfig(NETWORK_MAP_CERT_KEY_GROUP), HSM_USER_CONFIGS) .connectAndAuthenticate { provider -> val keyStore = HsmX509Utilities.getAndInitializeKeyStore(provider) val networkMapCert = keyStore.getCertificate(CORDA_NETWORK_MAP) as X509Certificate @@ -71,7 +74,7 @@ class HsmKeyGenerationTest : HsmCertificateTest() { // then doorman cert is persisted in the HSM - AutoAuthenticator(providerConfig.copy(KeyGroup = DOORMAN_CERT_KEY_GROUP), rootCertParameters.userConfigs) + AutoAuthenticator(createProviderConfig(DOORMAN_CERT_KEY_GROUP), HSM_USER_CONFIGS) .connectAndAuthenticate { provider -> val keyStore = HsmX509Utilities.getAndInitializeKeyStore(provider) val networkMapCert = keyStore.getCertificate(CORDA_INTERMEDIATE_CA) as X509Certificate @@ -79,4 +82,12 @@ class HsmKeyGenerationTest : HsmCertificateTest() { assertEquals(CordaX500Name.parse(ROOT_CERT_SUBJECT).x500Principal, networkMapCert.issuerX500Principal) } } + + private fun createProviderConfig(keyGroup: String): CryptoServerProviderConfig { + return CryptoServerProviderConfig( + Device = "${hsmSimulator.port}@${hsmSimulator.host}", + KeySpecifier = 1, + KeyGroup = keyGroup, + StoreKeysExternal = false) + } } \ No newline at end of file diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmSigningServiceTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmSigningServiceTest.kt index 9ee8ec1e47..43c11aaf11 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmSigningServiceTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/HsmSigningServiceTest.kt @@ -1,6 +1,11 @@ package com.r3.corda.networkmanage.hsm import com.nhaarman.mockito_kotlin.mock +import com.r3.corda.networkmanage.common.HsmBaseTest +import com.r3.corda.networkmanage.common.persistence.PersistentNetworkMapStorage +import com.r3.corda.networkmanage.common.persistence.configureDatabase +import com.r3.corda.networkmanage.common.signer.NetworkMapSigner +import com.r3.corda.networkmanage.common.utils.initialiseSerialization import com.r3.corda.networkmanage.hsm.authentication.Authenticator import com.r3.corda.networkmanage.hsm.authentication.createProvider import com.r3.corda.networkmanage.hsm.generator.run @@ -8,82 +13,45 @@ import com.r3.corda.networkmanage.hsm.persistence.ApprovedCertificateRequestData import com.r3.corda.networkmanage.hsm.signer.HsmCsrSigner import com.r3.corda.networkmanage.hsm.signer.HsmSigner import net.corda.core.crypto.Crypto.generateKeyPair -import net.corda.core.crypto.secureRandomBytes import net.corda.core.identity.CordaX500Name.Companion.parse +import net.corda.core.serialization.serialize import net.corda.nodeapi.internal.crypto.CertificateType import net.corda.nodeapi.internal.crypto.X509Utilities.CORDA_INTERMEDIATE_CA import net.corda.nodeapi.internal.crypto.X509Utilities.CORDA_ROOT_CA import net.corda.nodeapi.internal.crypto.X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME import net.corda.nodeapi.internal.crypto.X509Utilities.createCertificateSigningRequest +import net.corda.nodeapi.internal.persistence.DatabaseConfig +import net.corda.testing.common.internal.testNetworkParameters +import org.assertj.core.api.Assertions.assertThat import org.junit.Test import kotlin.test.assertEquals import kotlin.test.assertNotNull -class HsmSigningServiceTest : HsmCertificateTest() { - - @Test - fun `HSM signing service can sign network map data`() { - // when root cert is created - run(rootCertParameters) - // when network map cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = NETWORK_MAP_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.NETWORK_MAP, - subject = NETWORK_MAP_CERT_SUBJECT - ) - )) - // when doorman cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = DOORMAN_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.INTERMEDIATE_CA, - subject = DOORMAN_CERT_SUBJECT - ) - )) - - // given authenticated user - val userInput = givenHsmUserAuthenticationInput() - - // given HSM network map signer - val signer = HsmSigner(Authenticator( - provider = hsmSigningServiceConfig.createProvider(hsmSigningServiceConfig.networkMapKeyGroup), - inputReader = userInput)) - - // give random data to sign - val toSign = secureRandomBytes(10) - - // when - signer.signBytes(toSign) - - // No exception is thrown - } +class HsmSigningServiceTest : HsmBaseTest() { @Test fun `HSM signing service can sign CSR data`() { // when root cert is created - run(rootCertParameters) + run(createGeneratorParameters( + keyGroup = ROOT_CERT_KEY_GROUP, + rootKeyGroup = null, + certificateType = CertificateType.ROOT_CA, + subject = ROOT_CERT_SUBJECT + )) // when network map cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = NETWORK_MAP_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.NETWORK_MAP, - subject = NETWORK_MAP_CERT_SUBJECT - ) + run(createGeneratorParameters( + keyGroup = NETWORK_MAP_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.NETWORK_MAP, + subject = NETWORK_MAP_CERT_SUBJECT )) // when doorman cert is created - run(rootCertParameters.copy( - certConfig = rootCertParameters.certConfig.copy( - keyGroup = DOORMAN_CERT_KEY_GROUP, - rootKeyGroup = ROOT_CERT_KEY_GROUP, - certificateType = CertificateType.INTERMEDIATE_CA, - subject = DOORMAN_CERT_SUBJECT - ) + run(createGeneratorParameters( + keyGroup = DOORMAN_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.INTERMEDIATE_CA, + subject = DOORMAN_CERT_SUBJECT )) - // given authenticated user val userInput = givenHsmUserAuthenticationInput() @@ -117,4 +85,56 @@ class HsmSigningServiceTest : HsmCertificateTest() { val certificates = toSign.certPath!!.certificates assertEquals(3, certificates.size) } + + @Test + fun `HSM signing service can sign and serialize network map data to the Doorman DB`() { + // when root cert is created + run(createGeneratorParameters( + keyGroup = ROOT_CERT_KEY_GROUP, + rootKeyGroup = null, + certificateType = CertificateType.ROOT_CA, + subject = ROOT_CERT_SUBJECT + )) + // when network map cert is created + run(createGeneratorParameters( + keyGroup = NETWORK_MAP_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.NETWORK_MAP, + subject = NETWORK_MAP_CERT_SUBJECT + )) + // when doorman cert is created + run(createGeneratorParameters( + keyGroup = DOORMAN_CERT_KEY_GROUP, + rootKeyGroup = ROOT_CERT_KEY_GROUP, + certificateType = CertificateType.INTERMEDIATE_CA, + subject = DOORMAN_CERT_SUBJECT + )) + + // given authenticated user + val userInput = givenHsmUserAuthenticationInput() + + // given HSM network map signer + val hsmDataSigner = HsmSigner(Authenticator( + provider = hsmSigningServiceConfig.createProvider(hsmSigningServiceConfig.networkMapKeyGroup), + inputReader = userInput)) + + val database = configureDatabase(makeTestDataSourceProperties(), DatabaseConfig(runMigration = true)) + val networkMapStorage = PersistentNetworkMapStorage(database) + + // given network map parameters + val networkMapParameters = testNetworkParameters(emptyList()) + val networkMapSigner = NetworkMapSigner(networkMapStorage, hsmDataSigner) + + // when + initialiseSerialization() + networkMapStorage.saveNetworkParameters(networkMapParameters, hsmDataSigner.signBytes(networkMapParameters.serialize().bytes)) + networkMapSigner.signNetworkMap() + + // then + val signedNetworkMap = networkMapStorage.getCurrentNetworkMap() + assertNotNull(signedNetworkMap) + val persistedNetworkMap = signedNetworkMap!!.verified() + assertEquals(networkMapParameters.serialize().hash, persistedNetworkMap.networkParameterHash) + assertThat(persistedNetworkMap.nodeInfoHashes).isEmpty() + } } \ No newline at end of file diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt index 563669ece1..b1c9d5f033 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt @@ -1,6 +1,8 @@ package com.r3.corda.networkmanage.hsm import com.nhaarman.mockito_kotlin.* +import com.r3.corda.networkmanage.common.HOST +import com.r3.corda.networkmanage.common.HsmBaseTest import com.r3.corda.networkmanage.common.persistence.configureDatabase import com.r3.corda.networkmanage.doorman.DoormanConfig import com.r3.corda.networkmanage.doorman.NetworkManagementServer @@ -31,22 +33,13 @@ import org.junit.After import org.junit.Before import org.junit.Rule import org.junit.Test -import org.junit.rules.TemporaryFolder import java.net.URL import java.security.cert.X509Certificate import java.util.* import javax.persistence.PersistenceException import kotlin.concurrent.scheduleAtFixedRate -class SigningServiceIntegrationTest { - companion object { - private val HOST = "localhost" - private val DB_NAME = "test_db" - } - - @Rule - @JvmField - val tempFolder = TemporaryFolder() +class SigningServiceIntegrationTest : HsmBaseTest() { @Rule @JvmField @@ -160,13 +153,4 @@ class SigningServiceIntegrationTest { // doReturn(trustStore).whenever(it).loadTrustStore(any()) } } - - private fun makeTestDataSourceProperties(): Properties { - val props = Properties() - props.setProperty("dataSourceClassName", "org.h2.jdbcx.JdbcDataSource") - props.setProperty("dataSource.url", "jdbc:h2:mem:${SigningServiceIntegrationTest.DB_NAME};DB_CLOSE_DELAY=-1") - props.setProperty("dataSource.user", "sa") - props.setProperty("dataSource.password", "") - return props - } } diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/signer/NetworkMapSigner.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/signer/NetworkMapSigner.kt index e75baa4c5b..b4195c3b56 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/signer/NetworkMapSigner.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/signer/NetworkMapSigner.kt @@ -21,7 +21,7 @@ class NetworkMapSigner(private val networkMapStorage: NetworkMapStorage, private // in current network map. val latestNetworkParameters = networkMapStorage.getLatestNetworkParameters() if (latestNetworkParameters == null) { - logger.debug("No network parameters present") + logger.info("No network parameters present") return } val currentNetworkParameters = networkMapStorage.getNetworkParametersOfNetworkMap() diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt index b69845651e..5f0213acdd 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt @@ -7,10 +7,15 @@ import joptsimple.ArgumentAcceptingOptionSpec import joptsimple.OptionParser import net.corda.core.crypto.sha256 import net.corda.core.internal.SignedDataWithCert +import net.corda.core.serialization.internal.SerializationEnvironmentImpl +import net.corda.core.serialization.internal.nodeSerializationEnv import net.corda.nodeapi.internal.crypto.X509CertificateFactory import net.corda.nodeapi.internal.crypto.X509KeyStore import net.corda.nodeapi.internal.network.NetworkMap import net.corda.nodeapi.internal.network.NetworkParameters +import net.corda.nodeapi.internal.serialization.AMQP_P2P_CONTEXT +import net.corda.nodeapi.internal.serialization.SerializationFactoryImpl +import net.corda.nodeapi.internal.serialization.amqp.AMQPClientSerializationScheme import java.security.KeyPair import java.security.PrivateKey import java.security.PublicKey @@ -57,6 +62,15 @@ fun X509KeyStore.getCertPathAndKey(alias: String, privateKeyPassword: String): C return CertPathAndKey(getCertificateChain(alias), getPrivateKey(alias, privateKeyPassword)) } +fun initialiseSerialization() { + val context = AMQP_P2P_CONTEXT + nodeSerializationEnv = SerializationEnvironmentImpl( + SerializationFactoryImpl().apply { + registerScheme(AMQPClientSerializationScheme()) + }, + context) +} + private fun String.toCamelcase(): String { return if (contains('_') || contains('-')) { CaseFormat.LOWER_UNDERSCORE.to(CaseFormat.LOWER_CAMEL, this.replace("-", "_")) diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt index d83166e26c..8097ccb2b9 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt @@ -3,20 +3,12 @@ package com.r3.corda.networkmanage.doorman import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE import com.r3.corda.networkmanage.common.persistence.configureDatabase -import com.r3.corda.networkmanage.common.utils.CORDA_NETWORK_MAP -import com.r3.corda.networkmanage.common.utils.CertPathAndKey -import com.r3.corda.networkmanage.common.utils.ShowHelpException -import com.r3.corda.networkmanage.common.utils.getCertPathAndKey +import com.r3.corda.networkmanage.common.utils.* import com.r3.corda.networkmanage.doorman.signer.LocalSigner import com.r3.corda.networkmanage.hsm.configuration.Parameters.Companion.DEFAULT_CSR_CERTIFICATE_NAME -import net.corda.core.serialization.internal.SerializationEnvironmentImpl -import net.corda.core.serialization.internal.nodeSerializationEnv import net.corda.core.utilities.NetworkHostAndPort import net.corda.nodeapi.internal.crypto.X509KeyStore import net.corda.nodeapi.internal.network.NetworkParameters -import net.corda.nodeapi.internal.serialization.AMQP_P2P_CONTEXT -import net.corda.nodeapi.internal.serialization.SerializationFactoryImpl -import net.corda.nodeapi.internal.serialization.amqp.AMQPClientSerializationScheme import org.bouncycastle.pkcs.PKCS10CertificationRequest import java.time.Instant import kotlin.concurrent.thread @@ -100,12 +92,3 @@ fun main(args: Array) { e.parser.printHelpOn(System.out) } } - -private fun initialiseSerialization() { - val context = AMQP_P2P_CONTEXT - nodeSerializationEnv = SerializationEnvironmentImpl( - SerializationFactoryImpl().apply { - registerScheme(AMQPClientSerializationScheme()) - }, - context) -} diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt index bdae729e9f..da3e58b112 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt @@ -6,6 +6,7 @@ import com.r3.corda.networkmanage.common.persistence.PersistentNetworkMapStorage import com.r3.corda.networkmanage.common.persistence.configureDatabase import com.r3.corda.networkmanage.common.signer.NetworkMapSigner import com.r3.corda.networkmanage.common.utils.ShowHelpException +import com.r3.corda.networkmanage.common.utils.initialiseSerialization import com.r3.corda.networkmanage.hsm.authentication.AuthMode import com.r3.corda.networkmanage.hsm.authentication.Authenticator import com.r3.corda.networkmanage.hsm.authentication.createProvider @@ -54,6 +55,7 @@ fun run(parameters: Parameters) { // Create DB connection. checkNotNull(dataSourceProperties) + initialiseSerialization() val database = configureDatabase(dataSourceProperties, databaseConfig) val csrStorage = DBSignedCertificateRequestStorage(database) val hsmSigner = HsmSigner(