Merge remote-tracking branch 'origin/release/os/4.4' into rni/notick/merge-4.4-4.5

Ross Nicoll 2020-07-23 17:24:36 +01:00
commit 9527c553ec
4 changed files with 48 additions and 10 deletions


@ -62,8 +62,8 @@ buildscript {
ext.asm_version = '7.1'
ext.artemis_version = '2.6.2'
// TODO Upgrade Jackson only when corda is using kotlin 1.3.10
ext.jackson_version = '2.9.7'
// TODO Upgrade to Jackson 2.10+ only when corda is using kotlin 1.3.10
ext.jackson_version = '2.9.8'
ext.jetty_version = '9.4.19.v20190610'
ext.jersey_version = '2.25'
ext.servlet_version = '4.0.1'


@ -20,7 +20,7 @@ quasarClassifier=jdk8
quasarVersion11=0.8.0_r3
jdkClassifier11=jdk11
proguardVersion=6.1.1
bouncycastleVersion=1.60
bouncycastleVersion=1.61
classgraphVersion=4.8.78
disruptorVersion=3.4.2
typesafeConfigVersion=1.3.4


@ -6,6 +6,7 @@ import net.corda.core.crypto.internal.Instances
import org.bouncycastle.asn1.x509.AlgorithmIdentifier
import org.bouncycastle.operator.ContentSigner
import java.io.OutputStream
import java.security.InvalidKeyException
import java.security.PrivateKey
import java.security.Provider
import java.security.SecureRandom
@ -24,14 +25,18 @@ object ContentSignerBuilder {
else
Signature.getInstance(signatureScheme.signatureName, provider)
val sig = signatureInstance.apply {
// TODO special handling for Sphincs due to a known BouncyCastle's Sphincs bug we reported.
// It is fixed in BC 161b12, so consider updating the below if-statement after updating BouncyCastle.
if (random != null && signatureScheme != SPHINCS256_SHA256) {
initSign(privateKey, random)
} else {
initSign(privateKey)
val sig = try {
signatureInstance.apply {
// TODO special handling for Sphincs due to a known BouncyCastle's Sphincs bug we reported.
// It is fixed in BC 161b12, so consider updating the below if-statement after updating BouncyCastle.
if (random != null && signatureScheme != SPHINCS256_SHA256) {
initSign(privateKey, random)
} else {
initSign(privateKey)
}
}
} catch(ex: InvalidKeyException) {
throw InvalidKeyException("Incorrect key type ${privateKey.algorithm} for signature scheme ${signatureInstance.algorithm}", ex)
}
return object : ContentSigner {
private val stream = SignatureOutputStream(sig, optimised)
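Review bot: The Sphincs workaround carried into the new `try` block still discards a caller-supplied `random` whenever `signatureScheme` is `SPHINCS256_SHA256`, and its TODO says the BouncyCastle bug is fixed in BC 161b12 while this same commit raises `bouncycastleVersion` from 1.60 to 1.61. If the 1.61 release does contain that fix (not verifiable from this page), the condition can shrink to `if (random != null) {` so that a supplied SecureRandom is always honoured; otherwise the comment should say what is still awaited, e.g. `// TODO still needed on BC 1.61; re-check on the next BouncyCastle upgrade.` The new `catch` message carries only algorithm names, not key material, so it is safe to log. The enclosing `build` function starts before this hunk and continues past it.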


@ -0,0 +1,33 @@
package net.corda.nodeapi.internal.crypto
import net.corda.core.crypto.Crypto
import org.assertj.core.api.Assertions.assertThatExceptionOfType
import org.junit.Test
import java.math.BigInteger
import java.security.InvalidKeyException
class ContentSignerBuilderTest {
companion object {
private const val entropy = "20200723"
}
@Test(timeout = 300_000)
fun `should build content signer for valid eddsa key`() {
val signatureScheme = Crypto.EDDSA_ED25519_SHA512
val provider = Crypto.findProvider(signatureScheme.providerName)
val issuerKeyPair = Crypto.deriveKeyPairFromEntropy(signatureScheme, BigInteger(entropy))
ContentSignerBuilder.build(signatureScheme, issuerKeyPair.private, provider)
}
@Test(timeout = 300_000)
fun `should fail to build content signer for incorrect key type`() {
val signatureScheme = Crypto.EDDSA_ED25519_SHA512
val provider = Crypto.findProvider(signatureScheme.providerName)
val issuerKeyPair = Crypto.deriveKeyPairFromEntropy(Crypto.ECDSA_SECP256R1_SHA256, BigInteger(entropy))
assertThatExceptionOfType(InvalidKeyException::class.java)
.isThrownBy {
ContentSignerBuilder.build(signatureScheme, issuerKeyPair.private, provider)
}
.withMessage("Incorrect key type EC for signature scheme NONEwithEdDSA")
}
}
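Review bot: The first test, `should build content signer for valid eddsa key`, asserts nothing about the returned signer, so it only proves that `build` does not throw; it would be stronger to keep the result (`val signer = ContentSignerBuilder.build(signatureScheme, issuerKeyPair.private, provider)`), write some bytes to `signer.outputStream` and assert that `signer.signature` is non-empty. In the second test, `.withMessage("Incorrect key type EC for signature scheme NONEwithEdDSA")` pins algorithm-name strings that come from the key and from the provider's `Signature` instance, so a provider upgrade could fail the test without any change in behaviour; `.withMessageContaining("Incorrect key type")` would be less brittle. `entropy` is a `const val` and would conventionally be named `ENTROPY`.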