From d00163e29de5a382f4309add62684dd88651f852 Mon Sep 17 00:00:00 2001 From: Andrius Dagys Date: Mon, 14 Nov 2016 16:02:20 +0000 Subject: [PATCH] Stop using "legally-Identifiable" signatures for the notary protocol, as notary nodes will use their service identity to sign (and not the legal one). It also doesn't make sense to attach an identity on the signature if it's a group identity and the signer holds only 1 out of many keys. --- .../AbstractStateReplacementProtocol.kt | 2 +- .../net/corda/protocols/NotaryProtocol.kt | 18 ++++++++---------- .../corda/protocols/TwoPartyDealProtocol.kt | 6 +++--- .../corda/protocols/TwoPartyTradeProtocol.kt | 6 +++--- .../corda/node/services/NotaryServiceTests.kt | 4 ++-- .../services/ValidatingNotaryServiceTests.kt | 2 +- 6 files changed, 18 insertions(+), 20 deletions(-) diff --git a/core/src/main/kotlin/net/corda/protocols/AbstractStateReplacementProtocol.kt b/core/src/main/kotlin/net/corda/protocols/AbstractStateReplacementProtocol.kt index bbc5a8f0dc..bfaa64851d 100644 --- a/core/src/main/kotlin/net/corda/protocols/AbstractStateReplacementProtocol.kt +++ b/core/src/main/kotlin/net/corda/protocols/AbstractStateReplacementProtocol.kt @@ -105,7 +105,7 @@ abstract class AbstractStateReplacementProtocol { } @Suspendable - private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.LegallyIdentifiable { + private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.WithKey { progressTracker.currentStep = NOTARY return subProtocol(NotaryProtocol.Client(stx)) } diff --git a/core/src/main/kotlin/net/corda/protocols/NotaryProtocol.kt b/core/src/main/kotlin/net/corda/protocols/NotaryProtocol.kt index fa7ef94067..28abdfcf61 100644 --- a/core/src/main/kotlin/net/corda/protocols/NotaryProtocol.kt +++ b/core/src/main/kotlin/net/corda/protocols/NotaryProtocol.kt @@ -22,7 +22,7 @@ object NotaryProtocol { * by another transaction or the timestamp is invalid. */ open class Client(private val stx: SignedTransaction, - override val progressTracker: ProgressTracker = Client.tracker()) : ProtocolLogic() { + override val progressTracker: ProgressTracker = Client.tracker()) : ProtocolLogic() { companion object { @@ -36,7 +36,7 @@ object NotaryProtocol { lateinit var notaryParty: Party @Suspendable - override fun call(): DigitalSignature.LegallyIdentifiable { + override fun call(): DigitalSignature.WithKey { progressTracker.currentStep = REQUESTING val wtx = stx.tx notaryParty = wtx.notary ?: throw IllegalStateException("Transaction does not specify a Notary") @@ -56,7 +56,7 @@ object NotaryProtocol { } @Throws(NotaryException::class, IllegalStateException::class) - private fun validateResponse(response: UntrustworthyData): DigitalSignature.LegallyIdentifiable { + private fun validateResponse(response: UntrustworthyData): DigitalSignature.WithKey { return response.unwrap { notaryResult -> progressTracker.currentStep = VALIDATING when (notaryResult) { @@ -74,8 +74,8 @@ object NotaryProtocol { } } - private fun validateSignature(sig: DigitalSignature.LegallyIdentifiable, data: ByteArray) { - check(sig.signer == notaryParty) { "Notary result not signed by the correct service" } + private fun validateSignature(sig: DigitalSignature.WithKey, data: ByteArray) { + check(sig.by in notaryParty.owningKey.keys) { "Invalid signer for the notary result" } sig.verifyWithECDSA(data) } } @@ -140,11 +140,9 @@ object NotaryProtocol { } } - private fun sign(bits: ByteArray): DigitalSignature.LegallyIdentifiable { - val myNodeInfo = serviceHub.myInfo - val myIdentity = myNodeInfo.notaryIdentity + private fun sign(bits: ByteArray): DigitalSignature.WithKey { val mySigningKey = serviceHub.notaryIdentityKey - return mySigningKey.signWithECDSA(bits, myIdentity) + return mySigningKey.signWithECDSA(bits) } } @@ -153,7 +151,7 @@ object NotaryProtocol { sealed class Result { class Error(val error: NotaryError): Result() - class Success(val sig: DigitalSignature.LegallyIdentifiable) : Result() + class Success(val sig: DigitalSignature.WithKey) : Result() } } diff --git a/core/src/main/kotlin/net/corda/protocols/TwoPartyDealProtocol.kt b/core/src/main/kotlin/net/corda/protocols/TwoPartyDealProtocol.kt index 13d392e9a0..1d001ae098 100644 --- a/core/src/main/kotlin/net/corda/protocols/TwoPartyDealProtocol.kt +++ b/core/src/main/kotlin/net/corda/protocols/TwoPartyDealProtocol.kt @@ -41,7 +41,7 @@ object TwoPartyDealProtocol { // This object is serialised to the network and is the first protocol message the seller sends to the buyer. data class Handshake(val payload: T, val publicKey: PublicKeyTree) - class SignaturesFromPrimary(val sellerSig: DigitalSignature.WithKey, val notarySig: DigitalSignature.LegallyIdentifiable) + class SignaturesFromPrimary(val sellerSig: DigitalSignature.WithKey, val notarySig: DigitalSignature.WithKey) /** * [Primary] at the end sends the signed tx to all the regulator parties. This a seperate workflow which needs a @@ -160,7 +160,7 @@ object TwoPartyDealProtocol { } @Suspendable - private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.LegallyIdentifiable { + private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.WithKey { progressTracker.currentStep = NOTARY return subProtocol(NotaryProtocol.Client(stx)) } @@ -172,7 +172,7 @@ object TwoPartyDealProtocol { @Suspendable private fun sendSignatures(allPartySignedTx: SignedTransaction, ourSignature: DigitalSignature.WithKey, - notarySignature: DigitalSignature.LegallyIdentifiable): SignedTransaction { + notarySignature: DigitalSignature.WithKey): SignedTransaction { progressTracker.currentStep = SENDING_SIGS val fullySigned = allPartySignedTx + notarySignature diff --git a/finance/src/main/kotlin/net/corda/protocols/TwoPartyTradeProtocol.kt b/finance/src/main/kotlin/net/corda/protocols/TwoPartyTradeProtocol.kt index 21a42f6e9f..4e2547d742 100644 --- a/finance/src/main/kotlin/net/corda/protocols/TwoPartyTradeProtocol.kt +++ b/finance/src/main/kotlin/net/corda/protocols/TwoPartyTradeProtocol.kt @@ -55,7 +55,7 @@ object TwoPartyTradeProtocol { ) data class SignaturesFromSeller(val sellerSig: DigitalSignature.WithKey, - val notarySig: DigitalSignature.LegallyIdentifiable) + val notarySig: DigitalSignature.WithKey) open class Seller(val otherParty: Party, val notaryNode: NodeInfo, @@ -90,7 +90,7 @@ object TwoPartyTradeProtocol { } @Suspendable - private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.LegallyIdentifiable { + private fun getNotarySignature(stx: SignedTransaction): DigitalSignature.WithKey { progressTracker.currentStep = NOTARY return subProtocol(NotaryProtocol.Client(stx)) } @@ -142,7 +142,7 @@ object TwoPartyTradeProtocol { @Suspendable private fun sendSignatures(allPartySignedTx: SignedTransaction, ourSignature: DigitalSignature.WithKey, - notarySignature: DigitalSignature.LegallyIdentifiable): SignedTransaction { + notarySignature: DigitalSignature.WithKey): SignedTransaction { progressTracker.currentStep = SENDING_SIGS val fullySigned = allPartySignedTx + notarySignature diff --git a/node/src/test/kotlin/net/corda/node/services/NotaryServiceTests.kt b/node/src/test/kotlin/net/corda/node/services/NotaryServiceTests.kt index ebaad2eb0a..f3bb67a55a 100644 --- a/node/src/test/kotlin/net/corda/node/services/NotaryServiceTests.kt +++ b/node/src/test/kotlin/net/corda/node/services/NotaryServiceTests.kt @@ -5,8 +5,8 @@ import net.corda.core.contracts.DummyContract import net.corda.core.contracts.StateAndRef import net.corda.core.contracts.StateRef import net.corda.core.contracts.TransactionType -import net.corda.core.node.services.ServiceInfo import net.corda.core.crypto.DigitalSignature +import net.corda.core.node.services.ServiceInfo import net.corda.core.seconds import net.corda.core.transactions.SignedTransaction import net.corda.core.utilities.DUMMY_NOTARY @@ -108,7 +108,7 @@ class NotaryServiceTests { } - private fun runNotaryClient(stx: SignedTransaction): ListenableFuture { + private fun runNotaryClient(stx: SignedTransaction): ListenableFuture { val protocol = NotaryProtocol.Client(stx) val future = clientNode.services.startProtocol(protocol) net.runNetwork() diff --git a/node/src/test/kotlin/net/corda/node/services/ValidatingNotaryServiceTests.kt b/node/src/test/kotlin/net/corda/node/services/ValidatingNotaryServiceTests.kt index 161d8ce8ca..00ff339048 100644 --- a/node/src/test/kotlin/net/corda/node/services/ValidatingNotaryServiceTests.kt +++ b/node/src/test/kotlin/net/corda/node/services/ValidatingNotaryServiceTests.kt @@ -78,7 +78,7 @@ class ValidatingNotaryServiceTests { assertEquals(setOf(expectedMissingKey), missingKeys) } - private fun runClient(stx: SignedTransaction): ListenableFuture { + private fun runClient(stx: SignedTransaction): ListenableFuture { val protocol = NotaryProtocol.Client(stx) val future = clientNode.services.startProtocol(protocol) net.runNetwork()