Renaming configuration sections for doorman and network map (#472)

Michal Kit 2018-03-02 11:41:00 +00:00 committed by GitHub
parent 29215035e1
commit 8f05dc2230
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 25 additions and 25 deletions


@ -34,7 +34,7 @@ Allowed parameters are:
:dataSourceProperties: Data source properties. It should describe (or point to) the Doorman database.
:csrSigning: CSR signing process configuration parameters. If specified, the signing service will sign approved CSRs.
:doorman: CSR signing process configuration parameters. If specified, the signing service will sign approved CSRs.
:validDays: Number of days issued signatures are valid for.
@ -56,7 +56,7 @@ Allowed parameters are:
:threshold: Minimum authentication strength threshold required for certificate signing requests.
:networkMapSigning: Network map signing process configuration parameters. If specified, the signing service will sign the network map.
:networkMap: Network map signing process configuration parameters. If specified, the signing service will sign the network map.
:username: HSM username to be used when communicating with the HSM.


@ -2,7 +2,7 @@ basedir = "."
device = "3001@192.168.0.1"
keySpecifier = -1
csrSigning {
doorman {
crlDistributionPoint = "http://test.com/revoked.crl"
validDays = 3650
rootKeyStoreFile = "dummyfile.jks"
@ -15,7 +15,7 @@ csrSigning {
}
}
networkMapSigning {
networkMap {
username = "TEST_USERNAME",
keyGroup = "DEV.CORDACONNECT.OPS.NETMAP"
authParameters {


@ -122,7 +122,7 @@ abstract class HsmBaseTest {
dataSourceProperties = mock(),
device = "${hsmSimulator.port}@${hsmSimulator.host}",
keySpecifier = 1,
csrSigning = DoormanCertificateParameters(
doorman = DoormanCertificateParameters(
rootKeyStoreFile = rootKeyStoreFile,
keyGroup = DOORMAN_CERT_KEY_GROUP,
validDays = 3650,
@ -133,7 +133,7 @@ abstract class HsmBaseTest {
threshold = 2
)
),
networkMapSigning = NetworkMapCertificateParameters(
networkMap = NetworkMapCertificateParameters(
username = "INTEGRATION_TEST",
keyGroup = NETWORK_MAP_CERT_KEY_GROUP,
authParameters = AuthenticationParameters(


@ -14,7 +14,7 @@ class HsmAuthenticatorTest : HsmBaseTest() {
// given
val userInput = givenHsmUserAuthenticationInput()
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
val authenticator = Authenticator(provider = createProvider(
doormanCertificateConfig.keyGroup,
hsmSigningServiceConfig.keySpecifier,


@ -49,13 +49,13 @@ class HsmPermissionTest : HsmBaseTest() {
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val signer = HsmCsrSigner(
mock(),
hsmSigningServiceConfig.csrSigning!!.loadRootKeyStore(),
hsmSigningServiceConfig.doorman!!.loadRootKeyStore(),
"",
null,
3650,
Authenticator(
provider = createProvider(
hsmSigningServiceConfig.csrSigning!!.keyGroup,
hsmSigningServiceConfig.doorman!!.keyGroup,
hsmSigningServiceConfig.keySpecifier,
hsmSigningServiceConfig.device),
inputReader = userInput)
@ -105,13 +105,13 @@ class HsmPermissionTest : HsmBaseTest() {
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val signer = HsmCsrSigner(
mock(),
hsmSigningServiceConfig.csrSigning!!.loadRootKeyStore(),
hsmSigningServiceConfig.doorman!!.loadRootKeyStore(),
"trustpass",
null,
3650,
Authenticator(
provider = createProvider(
hsmSigningServiceConfig.csrSigning!!.keyGroup,
hsmSigningServiceConfig.doorman!!.keyGroup,
hsmSigningServiceConfig.keySpecifier,
hsmSigningServiceConfig.device),
inputReader = userInput)


@ -45,7 +45,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
// given HSM CSR signer
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
val signer = HsmCsrSigner(
mock(),
doormanCertificateConfig.loadRootKeyStore(),
@ -89,7 +89,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
// given HSM CSR signer
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
val signer = HsmCsrSigner(
mock(),
doormanCertificateConfig.loadRootKeyStore(),
@ -134,7 +134,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
// given HSM network map signer
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
val networkMapCertificateConfig = hsmSigningServiceConfig.networkMapSigning!!
val networkMapCertificateConfig = hsmSigningServiceConfig.networkMap!!
val hsmDataSigner = HsmSigner(Authenticator(
provider = createProvider(
networkMapCertificateConfig.keyGroup,


@ -1,5 +1,6 @@
package com.r3.corda.networkmanage.hsm
import com.google.common.primitives.Booleans
import com.r3.corda.networkmanage.common.persistence.configureDatabase
import com.r3.corda.networkmanage.common.utils.ShowHelpException
import com.r3.corda.networkmanage.common.utils.initialiseSerialization
@ -21,8 +22,8 @@ fun main(args: Array<String>) {
require(Cipher.getMaxAllowedKeyLength("AES") >= 256) {
"Unlimited Strength Jurisdiction Policy Files must be installed, see http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html"
}
require(csrSigning != null || networkMapSigning != null) {
"Either network map or certificate signing request certificate parameters must be specified."
require(Booleans.countTrue(doorman != null, networkMap != null) == 1) {
"Exactly one networkMap or doorman configuration needs to be specified."
}
requireNotNull(dataSourceProperties)
@ -34,12 +35,11 @@ fun main(args: Array<String>) {
initialiseSerialization()
// Create DB connection.
val persistence = configureDatabase(dataSourceProperties, database)
if (networkMapSigning != null) {
NetworkMapProcessor(networkMapSigning, device, keySpecifier, persistence).run()
}
if (csrSigning != null) {
if (networkMap != null) {
NetworkMapProcessor(networkMap, device, keySpecifier, persistence).run()
} else {
try {
CsrProcessor(csrSigning, device, keySpecifier, persistence).showMenu()
CsrProcessor(doorman!!, device, keySpecifier, persistence).showMenu()
} catch (e: ShowHelpException) {
e.errorMessage?.let(::println)
e.parser.printHelpOn(System.out)
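Review bot: In the new `else` branch, `CsrProcessor(doorman!!, device, keySpecifier, persistence)` is only safe because of the `require(Booleans.countTrue(...) == 1)` check earlier in `main`; the two are separated by unrelated setup code, so a later edit to that check would surface as a bare null-pointer failure while the signing service starts. Consider `requireNotNull(doorman) { "doorman configuration is missing" }` at the call site, or a `when` over the two sections, so the invariant is stated where it is used. The check itself can be written without the new Guava import as `require((doorman != null) != (networkMap != null)) { ... }`. The exactly-one rule also appears to be enforced only here: the test configuration in this commit still defines both `doorman` and `networkMap`, and `ConfigurationTest` asserts both are non-null, so nothing visible tests that a two-section or empty configuration is rejected. `main`'s body starts and ends outside the hunk.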


@ -21,8 +21,8 @@ data class Parameters(val dataSourceProperties: Properties,
val database: DatabaseConfig = DatabaseConfig(),
val device: String,
val keySpecifier: Int,
val networkMapSigning: NetworkMapCertificateParameters? = null,
val csrSigning: DoormanCertificateParameters? = null)
val networkMap: NetworkMapCertificateParameters? = null,
val doorman: DoormanCertificateParameters? = null)
/**
* Network map signing process specific parameters.


@ -18,11 +18,11 @@ class ConfigurationTest : TestBase() {
fun `config file is parsed correctly`() {
val parameters = parseParameters("--config-file", validConfigPath)
assertEquals("3001@192.168.0.1", parameters.device)
val doormanCertParameters = parameters.csrSigning!!
val doormanCertParameters = parameters.doorman!!
assertEquals(AuthMode.PASSWORD, doormanCertParameters.authParameters.mode)
assertEquals(2, doormanCertParameters.authParameters.threshold)
assertEquals(3650, doormanCertParameters.validDays)
val nmParams = parameters.networkMapSigning!!
val nmParams = parameters.networkMap!!
assertEquals(AuthMode.KEY_FILE, nmParams.authParameters.mode)
assertEquals(Paths.get("./Administrator.KEY"), nmParams.authParameters.keyFilePath)
assertEquals(2, nmParams.authParameters.threshold)