Clean up CordaX500Name (#1487)

* Remove unused imports
* Move X500 name generation into test code as it's no longer used in the main code
Ross Nicoll
2017-09-12 13:08:43 +01:00
committed by GitHub
parent de3468f8a7
commit c18b0ecdc3
23 changed files with 50 additions and 60 deletions


@ -5,7 +5,10 @@ import net.corda.core.concurrent.CordaFuture
import net.corda.core.crypto.random63BitValue
import net.corda.core.identity.CordaX500Name
import net.corda.core.node.NodeInfo
import net.corda.core.utilities.*
import net.corda.core.utilities.NonEmptySet
import net.corda.core.utilities.cert
import net.corda.core.utilities.getOrThrow
import net.corda.core.utilities.seconds
import net.corda.node.internal.NetworkMapInfo
import net.corda.node.services.config.configureWithDevSSLCertificate
import net.corda.node.services.messaging.sendRequest


@ -737,8 +737,8 @@ abstract class AbstractNode(open val configuration: NodeConfiguration,
}
}
val subject = certificates[0].toX509CertHolder().subject
if (subject != name.x500Name)
val subject = CordaX500Name.build(certificates[0].toX509CertHolder().subject)
if (subject != name)
throw ConfigurationException("The name for $id doesn't match what's in the key store: $name vs $subject")
partyKeys += keys
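Review bot: `CordaX500Name.build(...)` now runs before the mismatch check, so a key-store certificate whose subject cannot be parsed would fail with whatever `build` throws instead of the `ConfigurationException` that names `$id`. How `build` treats a non-conforming subject is not visible in this hunk; if it validates with `require` (an assumption), I would keep the raw subject in a local and write `val subject = try { CordaX500Name.build(rawSubject) } catch (e: IllegalArgumentException) { throw ConfigurationException("Certificate subject for $id is not a valid Corda name: $rawSubject") }`. The same ordering applies to the peer-certificate check in the `VerifyingNettyConnector` hunk. The enclosing function starts and ends outside the hunk.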


@ -7,7 +7,6 @@ import net.corda.core.internal.*
import net.corda.core.internal.concurrent.thenMatch
import net.corda.core.node.services.ServiceInfo
import net.corda.core.utilities.loggerFor
import net.corda.core.utilities.organisation
import net.corda.node.*
import net.corda.node.services.config.FullNodeConfiguration
import net.corda.node.services.transactions.bftSMaRtSerialFilter


@ -1,9 +1,9 @@
package net.corda.node.services.keys
import net.corda.core.crypto.Crypto
import net.corda.core.utilities.cert
import net.corda.core.identity.PartyAndCertificate
import net.corda.core.node.services.IdentityService
import net.corda.core.utilities.cert
import net.corda.core.utilities.days
import net.corda.node.utilities.CertificateType
import net.corda.node.utilities.ContentSignerBuilder


@ -507,8 +507,9 @@ private class VerifyingNettyConnector(configuration: MutableMap<String, Any>,
}
// Make sure certificate has the same name.
val peerCertificate = session.peerCertificateChain[0].toX509CertHolder()
require(peerCertificate.subject == expectedLegalName.x500Name) {
"Peer has wrong subject name in the certificate - expected $expectedLegalName but got ${peerCertificate.subject}. This is either a fatal " +
val peerCertificateName = CordaX500Name.build(peerCertificate.subject)
require(peerCertificateName == expectedLegalName) {
"Peer has wrong subject name in the certificate - expected $expectedLegalName but got $peerCertificateName. This is either a fatal " +
"misconfiguration by the remote peer or an SSL man-in-the-middle attack!"
}
X509Utilities.validateCertificateChain(session.localCertificates.last().toX509CertHolder(), *session.peerCertificates)
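Review bot: The failure message in the `require` block no longer carries the subject exactly as the peer presented it, only the parsed `$peerCertificateName`, and that raw DN is what an operator needs when triaging a rejected TLS peer. I would keep both, e.g. `"... expected $expectedLegalName but got $peerCertificateName (raw subject: ${peerCertificate.subject}). This is either a fatal " +`. The comparison is also now over the parsed fields rather than the full X.500 name, so it is worth confirming (and covering with a test) that `CordaX500Name.build` rejects attributes it does not model rather than dropping them; otherwise two different subjects could compare equal here. The enclosing method starts and ends outside the hunk.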


@ -1,6 +1,5 @@
package net.corda.node.shell
import net.corda.core.utilities.organisation
import net.corda.core.flows.FlowInitiator
import net.corda.core.flows.StateMachineRunId
import net.corda.core.internal.concurrent.openFuture


@ -1,6 +1,5 @@
package net.corda.node.services.config
import net.corda.core.utilities.organisation
import net.corda.core.utilities.NetworkHostAndPort
import net.corda.nodeapi.User
import net.corda.testing.ALICE


@ -9,18 +9,13 @@ import net.corda.core.serialization.SerializationContext
import net.corda.core.serialization.deserialize
import net.corda.core.serialization.serialize
import net.corda.core.utilities.cert
import net.corda.core.utilities.commonName
import net.corda.core.utilities.getX500Name
import net.corda.node.serialization.KryoServerSerializationScheme
import net.corda.node.services.config.createKeystoreForCordaNode
import net.corda.nodeapi.internal.serialization.AllWhitelist
import net.corda.nodeapi.internal.serialization.KryoHeaderV0_1
import net.corda.nodeapi.internal.serialization.SerializationContextImpl
import net.corda.nodeapi.internal.serialization.SerializationFactoryImpl
import net.corda.testing.ALICE
import net.corda.testing.BOB
import net.corda.testing.BOB_PUBKEY
import net.corda.testing.MEGA_CORP
import net.corda.testing.*
import org.bouncycastle.asn1.x500.X500Name
import org.bouncycastle.asn1.x509.BasicConstraints
import org.bouncycastle.asn1.x509.Extension
@ -58,7 +53,7 @@ class X509UtilitiesTest {
fun `create valid self-signed CA certificate`() {
val caKey = generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME)
val caCert = X509Utilities.createSelfSignedCACertificate(getX500Name(CN = "Test Cert", O = "R3 Ltd", L = "London", C = "GB"), caKey)
assertTrue { caCert.subject.commonName == "Test Cert" } // using our subject common name
assertEquals(X500Name("CN=Test Cert,O=R3 Ltd,L=London,C=GB"), caCert.subject)
assertEquals(caCert.issuer, caCert.subject) //self-signed
caCert.isValidOn(Date()) // throws on verification problems
caCert.isSignatureValid(JcaContentVerifierProviderBuilder().build(caKey.public)) // throws on verification problems
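Review bot: The two verification calls at the end of this hunk discard their results, so the test may pass even when the certificate is expired or its signature does not verify. If `caCert` is BouncyCastle's `X509CertificateHolder`, as the `subject`/`issuer` accessors suggest, `isValidOn` and `isSignatureValid` return a Boolean rather than throwing on a failed check, contrary to the trailing comments. I would assert on them: `assertTrue(caCert.isValidOn(Date()))` and `assertTrue(caCert.isSignatureValid(JcaContentVerifierProviderBuilder().build(caKey.public)))`. The test function continues outside the hunk.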


@ -5,18 +5,16 @@ import com.nhaarman.mockito_kotlin.eq
import com.nhaarman.mockito_kotlin.mock
import net.corda.core.crypto.Crypto
import net.corda.core.crypto.SecureHash
import net.corda.core.identity.CordaX500Name
import net.corda.core.internal.exists
import net.corda.core.internal.toTypedArray
import net.corda.core.internal.toX509CertHolder
import net.corda.core.utilities.cert
import net.corda.core.utilities.commonName
import net.corda.core.utilities.getX500Name
import net.corda.node.utilities.X509Utilities
import net.corda.node.utilities.loadKeyStore
import net.corda.testing.ALICE
import net.corda.testing.getX500Name
import net.corda.testing.testNodeConfiguration
import org.bouncycastle.asn1.x500.X500Name
import org.junit.Rule
import org.junit.Test
import org.junit.rules.TemporaryFolder