From 6c2cfc3880f29280f0fac903cdd1ba35637d1ecf Mon Sep 17 00:00:00 2001 From: Michal Kit Date: Wed, 4 Apr 2018 14:33:40 +0100 Subject: [PATCH] ENT-1732 Preventing non-notaries composite keys being submitted in node info (#676) * Preventing non-notaries composite keys being submitted in node info * Addressing review comments --- .../doorman/webservice/NetworkMapWebService.kt | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NetworkMapWebService.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NetworkMapWebService.kt index 06a16e19e9..37d1f439aa 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NetworkMapWebService.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NetworkMapWebService.kt @@ -16,6 +16,7 @@ import com.r3.corda.networkmanage.common.persistence.NetworkMapStorage import com.r3.corda.networkmanage.common.persistence.NodeInfoStorage import com.r3.corda.networkmanage.doorman.NetworkMapConfig import com.r3.corda.networkmanage.doorman.webservice.NetworkMapWebService.Companion.NETWORK_MAP_PATH +import net.corda.core.crypto.CompositeKey import net.corda.core.crypto.SecureHash import net.corda.core.crypto.SignedData import net.corda.core.crypto.sha256 @@ -92,7 +93,7 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage, is NetworkMapNotInitialisedException -> status(Response.Status.SERVICE_UNAVAILABLE).entity(e.message) is InvalidPlatformVersionException -> status(Response.Status.BAD_REQUEST).entity(e.message) is InvalidKeyException, is SignatureException -> status(Response.Status.UNAUTHORIZED).entity(e.message) - // Rethrow e if its not one of the expected exception, the server will return http 500 internal error. + // Rethrow e if its not one of the expected exception, the server will return http 500 internal error. else -> throw e } }.build() @@ -153,6 +154,7 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage, } private fun verifyNodeInfo(nodeInfo: NodeInfo) { + checkCompositeKeys(nodeInfo) val minimumPlatformVersion = currentNetworkParameters?.minimumPlatformVersion ?: throw NetworkMapNotInitialisedException("Network parameters have not been initialised") if (nodeInfo.platformVersion < minimumPlatformVersion) { @@ -160,6 +162,16 @@ class NetworkMapWebService(private val nodeInfoStorage: NodeInfoStorage, } } + private fun checkCompositeKeys(nodeInfo: NodeInfo) { + val compositeKeyIdentities = nodeInfo.legalIdentities.filter { it.owningKey is CompositeKey } + if (compositeKeyIdentities.isEmpty()) { + return + } + val parameters = checkNotNull(currentNetworkParameters) { "Network parameters not available." } + val notaryIdentities = parameters.notaries.map { it.identity } + require(notaryIdentities.containsAll(compositeKeyIdentities)) { "A composite key needs to belong to a notary." } + } + private fun createResponse(payload: Any?, addCacheTimeout: Boolean = false): Response { return if (payload != null) { val ok = Response.ok(payload.serialize().bytes)