mirror of
https://github.com/corda/corda.git
synced 2024-12-27 08:22:35 +00:00
Renaming configuration sections for doorman and network map (#472)
This commit is contained in:
parent
29215035e1
commit
8f05dc2230
@ -34,7 +34,7 @@ Allowed parameters are:
|
||||
|
||||
:dataSourceProperties: Data source properties. It should describe (or point to) the Doorman database.
|
||||
|
||||
:csrSigning: CSR signing process configuration parameters. If specified, the signing service will sign approved CSRs.
|
||||
:doorman: CSR signing process configuration parameters. If specified, the signing service will sign approved CSRs.
|
||||
|
||||
:validDays: Number of days issued signatures are valid for.
|
||||
|
||||
@ -56,7 +56,7 @@ Allowed parameters are:
|
||||
|
||||
:threshold: Minimum authentication strength threshold required for certificate signing requests.
|
||||
|
||||
:networkMapSigning: Network map signing process configuration parameters. If specified, the signing service will sign the network map.
|
||||
:networkMap: Network map signing process configuration parameters. If specified, the signing service will sign the network map.
|
||||
|
||||
:username: HSM username to be used when communicating with the HSM.
|
||||
|
||||
|
@ -2,7 +2,7 @@ basedir = "."
|
||||
device = "3001@192.168.0.1"
|
||||
keySpecifier = -1
|
||||
|
||||
csrSigning {
|
||||
doorman {
|
||||
crlDistributionPoint = "http://test.com/revoked.crl"
|
||||
validDays = 3650
|
||||
rootKeyStoreFile = "dummyfile.jks"
|
||||
@ -15,7 +15,7 @@ csrSigning {
|
||||
}
|
||||
}
|
||||
|
||||
networkMapSigning {
|
||||
networkMap {
|
||||
username = "TEST_USERNAME",
|
||||
keyGroup = "DEV.CORDACONNECT.OPS.NETMAP"
|
||||
authParameters {
|
||||
|
@ -122,7 +122,7 @@ abstract class HsmBaseTest {
|
||||
dataSourceProperties = mock(),
|
||||
device = "${hsmSimulator.port}@${hsmSimulator.host}",
|
||||
keySpecifier = 1,
|
||||
csrSigning = DoormanCertificateParameters(
|
||||
doorman = DoormanCertificateParameters(
|
||||
rootKeyStoreFile = rootKeyStoreFile,
|
||||
keyGroup = DOORMAN_CERT_KEY_GROUP,
|
||||
validDays = 3650,
|
||||
@ -133,7 +133,7 @@ abstract class HsmBaseTest {
|
||||
threshold = 2
|
||||
)
|
||||
),
|
||||
networkMapSigning = NetworkMapCertificateParameters(
|
||||
networkMap = NetworkMapCertificateParameters(
|
||||
username = "INTEGRATION_TEST",
|
||||
keyGroup = NETWORK_MAP_CERT_KEY_GROUP,
|
||||
authParameters = AuthenticationParameters(
|
||||
|
@ -14,7 +14,7 @@ class HsmAuthenticatorTest : HsmBaseTest() {
|
||||
// given
|
||||
val userInput = givenHsmUserAuthenticationInput()
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
|
||||
val authenticator = Authenticator(provider = createProvider(
|
||||
doormanCertificateConfig.keyGroup,
|
||||
hsmSigningServiceConfig.keySpecifier,
|
||||
|
@ -49,13 +49,13 @@ class HsmPermissionTest : HsmBaseTest() {
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val signer = HsmCsrSigner(
|
||||
mock(),
|
||||
hsmSigningServiceConfig.csrSigning!!.loadRootKeyStore(),
|
||||
hsmSigningServiceConfig.doorman!!.loadRootKeyStore(),
|
||||
"",
|
||||
null,
|
||||
3650,
|
||||
Authenticator(
|
||||
provider = createProvider(
|
||||
hsmSigningServiceConfig.csrSigning!!.keyGroup,
|
||||
hsmSigningServiceConfig.doorman!!.keyGroup,
|
||||
hsmSigningServiceConfig.keySpecifier,
|
||||
hsmSigningServiceConfig.device),
|
||||
inputReader = userInput)
|
||||
@ -105,13 +105,13 @@ class HsmPermissionTest : HsmBaseTest() {
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val signer = HsmCsrSigner(
|
||||
mock(),
|
||||
hsmSigningServiceConfig.csrSigning!!.loadRootKeyStore(),
|
||||
hsmSigningServiceConfig.doorman!!.loadRootKeyStore(),
|
||||
"trustpass",
|
||||
null,
|
||||
3650,
|
||||
Authenticator(
|
||||
provider = createProvider(
|
||||
hsmSigningServiceConfig.csrSigning!!.keyGroup,
|
||||
hsmSigningServiceConfig.doorman!!.keyGroup,
|
||||
hsmSigningServiceConfig.keySpecifier,
|
||||
hsmSigningServiceConfig.device),
|
||||
inputReader = userInput)
|
||||
|
@ -45,7 +45,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
|
||||
|
||||
// given HSM CSR signer
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
|
||||
val signer = HsmCsrSigner(
|
||||
mock(),
|
||||
doormanCertificateConfig.loadRootKeyStore(),
|
||||
@ -89,7 +89,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
|
||||
|
||||
// given HSM CSR signer
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.csrSigning!!
|
||||
val doormanCertificateConfig = hsmSigningServiceConfig.doorman!!
|
||||
val signer = HsmCsrSigner(
|
||||
mock(),
|
||||
doormanCertificateConfig.loadRootKeyStore(),
|
||||
@ -134,7 +134,7 @@ class HsmSigningServiceTest : HsmBaseTest() {
|
||||
|
||||
// given HSM network map signer
|
||||
val hsmSigningServiceConfig = createHsmSigningServiceConfig()
|
||||
val networkMapCertificateConfig = hsmSigningServiceConfig.networkMapSigning!!
|
||||
val networkMapCertificateConfig = hsmSigningServiceConfig.networkMap!!
|
||||
val hsmDataSigner = HsmSigner(Authenticator(
|
||||
provider = createProvider(
|
||||
networkMapCertificateConfig.keyGroup,
|
||||
|
@ -1,5 +1,6 @@
|
||||
package com.r3.corda.networkmanage.hsm
|
||||
|
||||
import com.google.common.primitives.Booleans
|
||||
import com.r3.corda.networkmanage.common.persistence.configureDatabase
|
||||
import com.r3.corda.networkmanage.common.utils.ShowHelpException
|
||||
import com.r3.corda.networkmanage.common.utils.initialiseSerialization
|
||||
@ -21,8 +22,8 @@ fun main(args: Array<String>) {
|
||||
require(Cipher.getMaxAllowedKeyLength("AES") >= 256) {
|
||||
"Unlimited Strength Jurisdiction Policy Files must be installed, see http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html"
|
||||
}
|
||||
require(csrSigning != null || networkMapSigning != null) {
|
||||
"Either network map or certificate signing request certificate parameters must be specified."
|
||||
require(Booleans.countTrue(doorman != null, networkMap != null) == 1) {
|
||||
"Exactly one networkMap or doorman configuration needs to be specified."
|
||||
}
|
||||
requireNotNull(dataSourceProperties)
|
||||
|
||||
@ -34,12 +35,11 @@ fun main(args: Array<String>) {
|
||||
initialiseSerialization()
|
||||
// Create DB connection.
|
||||
val persistence = configureDatabase(dataSourceProperties, database)
|
||||
if (networkMapSigning != null) {
|
||||
NetworkMapProcessor(networkMapSigning, device, keySpecifier, persistence).run()
|
||||
}
|
||||
if (csrSigning != null) {
|
||||
if (networkMap != null) {
|
||||
NetworkMapProcessor(networkMap, device, keySpecifier, persistence).run()
|
||||
} else {
|
||||
try {
|
||||
CsrProcessor(csrSigning, device, keySpecifier, persistence).showMenu()
|
||||
CsrProcessor(doorman!!, device, keySpecifier, persistence).showMenu()
|
||||
} catch (e: ShowHelpException) {
|
||||
e.errorMessage?.let(::println)
|
||||
e.parser.printHelpOn(System.out)
|
||||
|
@ -21,8 +21,8 @@ data class Parameters(val dataSourceProperties: Properties,
|
||||
val database: DatabaseConfig = DatabaseConfig(),
|
||||
val device: String,
|
||||
val keySpecifier: Int,
|
||||
val networkMapSigning: NetworkMapCertificateParameters? = null,
|
||||
val csrSigning: DoormanCertificateParameters? = null)
|
||||
val networkMap: NetworkMapCertificateParameters? = null,
|
||||
val doorman: DoormanCertificateParameters? = null)
|
||||
|
||||
/**
|
||||
* Network map signing process specific parameters.
|
||||
|
@ -18,11 +18,11 @@ class ConfigurationTest : TestBase() {
|
||||
fun `config file is parsed correctly`() {
|
||||
val parameters = parseParameters("--config-file", validConfigPath)
|
||||
assertEquals("3001@192.168.0.1", parameters.device)
|
||||
val doormanCertParameters = parameters.csrSigning!!
|
||||
val doormanCertParameters = parameters.doorman!!
|
||||
assertEquals(AuthMode.PASSWORD, doormanCertParameters.authParameters.mode)
|
||||
assertEquals(2, doormanCertParameters.authParameters.threshold)
|
||||
assertEquals(3650, doormanCertParameters.validDays)
|
||||
val nmParams = parameters.networkMapSigning!!
|
||||
val nmParams = parameters.networkMap!!
|
||||
assertEquals(AuthMode.KEY_FILE, nmParams.authParameters.mode)
|
||||
assertEquals(Paths.get("./Administrator.KEY"), nmParams.authParameters.keyFilePath)
|
||||
assertEquals(2, nmParams.authParameters.threshold)
|
||||
|
Loading…
Reference in New Issue
Block a user