mirror of
https://github.com/corda/corda.git
synced 2024-12-18 20:47:57 +00:00
Merging forward updates from release/os/4.10 to release/os/4.11 - 2024-11-07
This commit is contained in:
commit
b6dbd51326
@ -110,10 +110,11 @@ object AutomaticPlaceholderConstraint : AttachmentConstraint {
|
||||
* @property key A [PublicKey] that must be fulfilled by the owning keys of the attachment's signing parties.
|
||||
*/
|
||||
data class SignatureAttachmentConstraint(val key: PublicKey) : AttachmentConstraint {
|
||||
override fun isSatisfiedBy(attachment: Attachment): Boolean {
|
||||
override fun isSatisfiedBy(attachment: Attachment) = isSatisfiedBy(attachment, disableWarnings = false)
|
||||
fun isSatisfiedBy(attachment: Attachment, disableWarnings: Boolean): Boolean {
|
||||
log.debug("Checking signature constraints: verifying $key in contract attachment signer keys: ${attachment.signerKeys}")
|
||||
return if (!key.isFulfilledBy(attachment.signerKeys.map { it })) {
|
||||
log.warn("Untrusted signing key: expected $key. but contract attachment contains ${attachment.signerKeys}")
|
||||
if (!disableWarnings) log.warn("Untrusted signing key: expected $key. but contract attachment contains ${attachment.signerKeys}")
|
||||
false
|
||||
} else true
|
||||
}
|
||||
@ -128,3 +129,11 @@ data class SignatureAttachmentConstraint(val key: PublicKey) : AttachmentConstra
|
||||
fun create(key: PublicKey) = interner.intern(SignatureAttachmentConstraint(key))
|
||||
}
|
||||
}
|
||||
|
||||
fun isSatisfiedByWithNoWarnForSigConstraint(constraint: AttachmentConstraint, attachment: Attachment): Boolean {
|
||||
return if (constraint is SignatureAttachmentConstraint) {
|
||||
constraint.isSatisfiedBy(attachment, true)
|
||||
} else {
|
||||
constraint.isSatisfiedBy(attachment)
|
||||
}
|
||||
}
|
||||
|
@ -30,6 +30,7 @@ import net.corda.core.contracts.TransactionVerificationException.TransactionMiss
|
||||
import net.corda.core.contracts.TransactionVerificationException.TransactionNonMatchingEncumbranceException
|
||||
import net.corda.core.contracts.TransactionVerificationException.TransactionNotaryMismatchEncumbranceException
|
||||
import net.corda.core.contracts.TransactionVerificationException.TransactionRequiredContractUnspecifiedException
|
||||
import net.corda.core.contracts.isSatisfiedByWithNoWarnForSigConstraint
|
||||
import net.corda.core.crypto.CompositeKey
|
||||
import net.corda.core.crypto.SecureHash
|
||||
import net.corda.core.internal.rules.StateContractValidationEnforcementRule
|
||||
@ -427,7 +428,7 @@ private class Validator(private val ltx: LedgerTransaction, private val transact
|
||||
|
||||
if (HashAttachmentConstraint.disableHashConstraints && constraint is HashAttachmentConstraint)
|
||||
logger.warnOnce("Skipping hash constraints verification.")
|
||||
else if (!constraint.isSatisfiedBy(constraintAttachment)) {
|
||||
else if (!isSatisfiedByWithNoWarnForSigConstraint(constraint, constraintAttachment)) {
|
||||
verifyConstraintUsingRotatedKeys(constraint, constraintAttachment, contract)
|
||||
}
|
||||
}
|
||||
|
@ -571,7 +571,7 @@ open class TransactionBuilder(
|
||||
|
||||
// Sanity check that the selected attachment actually passes.
|
||||
|
||||
if (!defaultOutputConstraint.isSatisfiedBy(constraintAttachment)) {
|
||||
if (!isSatisfiedByWithNoWarnForSigConstraint(defaultOutputConstraint, constraintAttachment)) {
|
||||
// The defaultOutputConstraint is the input constraint by the attachment in use currently may have a rotated key
|
||||
if (defaultOutputConstraint is SignatureAttachmentConstraint && (getRotatedKeys(serviceHub).canBeTransitioned(defaultOutputConstraint.key, constraintAttachment.signerKeys))) {
|
||||
return Pair(makeSignatureAttachmentConstraint(attachmentToUse.signerKeys), constraintAttachment)
|
||||
|
Loading…
Reference in New Issue
Block a user