ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-05-18 16:33:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #6523 from corda/wz/merge-os-45-46-2020-07-28

Browse Source 
NOTICK: Merging forward updates from OS 4.5 to OS 4.6
This commit is contained in:
Ross Nicoll 2020-07-28 16:50:00 +01:00 committed by GitHub
commit c91dba83d3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 60 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
.ci/dev/publish-api-docs/Jenkinsfile vendored
View File

@ -1,5 +1,15 @@
@Library('corda-shared-build-pipeline-steps') #!groovy
/**
* Jenkins pipeline to build Corda OS KDoc & Javadoc archive
*/
/**
* Kill already started job.
* Assume new commit takes precendence and results from previous
* unfinished builds are not required.
* This feature doesn't play well with disableConcurrentBuilds() option
*/
@Library('corda-shared-build-pipeline-steps')
import static com.r3.build.BuildControl.killAllExistingBuildsForJob import static com.r3.build.BuildControl.killAllExistingBuildsForJob
killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger()) killAllExistingBuildsForJob(env.JOB_NAME, env.BUILD_NUMBER.toInteger())
@ -10,6 +20,7 @@ pipeline {
ansiColor('xterm') ansiColor('xterm')
timestamps() timestamps()
timeout(time: 3, unit: 'HOURS') timeout(time: 3, unit: 'HOURS')
buildDiscarder(logRotator(daysToKeepStr: '14', artifactDaysToKeepStr: '14'))
} }
environment { environment {
@ -20,7 +31,7 @@ pipeline {
stages { stages {
stage('Publish Archived API Docs to Artifactory') { stage('Publish Archived API Docs to Artifactory') {
when { tag pattern: /^release-os-V(\d+\.\d+)(\.\d+){0,1}(-GA){0,1}(-\d{4}-\d\d-\d\d-\d{4}){0,1}$/, comparator: 'REGEXP' } when { tag pattern: /^docs-release-os-V(\d+\.\d+)(\.\d+){0,1}(-GA){0,1}(-\d{4}-\d\d-\d\d-\d{4}){0,1}$/, comparator: 'REGEXP' }
steps { steps {
sh "./gradlew :clean :docs:artifactoryPublish -DpublishApiDocs" sh "./gradlew :clean :docs:artifactoryPublish -DpublishApiDocs"
} }

4
build.gradle
View File

@ -62,8 +62,8 @@ buildscript {
ext.asm_version = '7.1' ext.asm_version = '7.1'
ext.artemis_version = '2.6.2' ext.artemis_version = '2.6.2'
// TODO Upgrade Jackson only when corda is using kotlin 1.3.10 // TODO Upgrade to Jackson 2.10+ only when corda is using kotlin 1.3.10
ext.jackson_version = '2.9.7' ext.jackson_version = '2.9.8'
ext.jetty_version = '9.4.19.v20190610' ext.jetty_version = '9.4.19.v20190610'
ext.jersey_version = '2.25' ext.jersey_version = '2.25'
ext.servlet_version = '4.0.1' ext.servlet_version = '4.0.1'

19
node-api/src/main/kotlin/net/corda/nodeapi/internal/crypto/ContentSignerBuilder.kt
View File

@ -6,6 +6,7 @@ import net.corda.core.crypto.internal.Instances
import org.bouncycastle.asn1.x509.AlgorithmIdentifier import org.bouncycastle.asn1.x509.AlgorithmIdentifier
import org.bouncycastle.operator.ContentSigner import org.bouncycastle.operator.ContentSigner
import java.io.OutputStream import java.io.OutputStream
import java.security.InvalidKeyException
import java.security.PrivateKey import java.security.PrivateKey
import java.security.Provider import java.security.Provider
import java.security.SecureRandom import java.security.SecureRandom
@ -24,14 +25,18 @@ object ContentSignerBuilder {
else else
Signature.getInstance(signatureScheme.signatureName, provider) Signature.getInstance(signatureScheme.signatureName, provider)
val sig = signatureInstance.apply { val sig = try {
// TODO special handling for Sphincs due to a known BouncyCastle's Sphincs bug we reported. signatureInstance.apply {
// It is fixed in BC 161b12, so consider updating the below if-statement after updating BouncyCastle. // TODO special handling for Sphincs due to a known BouncyCastle's Sphincs bug we reported.
if (random != null && signatureScheme != SPHINCS256_SHA256) { // It is fixed in BC 161b12, so consider updating the below if-statement after updating BouncyCastle.
initSign(privateKey, random) if (random != null && signatureScheme != SPHINCS256_SHA256) {
} else { initSign(privateKey, random)
initSign(privateKey) } else {
initSign(privateKey)
}
} }
} catch(ex: InvalidKeyException) {
throw InvalidKeyException("Incorrect key type ${privateKey.algorithm} for signature scheme ${signatureInstance.algorithm}", ex)
} }
return object : ContentSigner { return object : ContentSigner {
private val stream = SignatureOutputStream(sig, optimised) private val stream = SignatureOutputStream(sig, optimised)

33
node-api/src/test/kotlin/net/corda/nodeapi/internal/crypto/ContentSignerBuilderTest.kt Normal file
View File

@ -0,0 +1,33 @@
package net.corda.nodeapi.internal.crypto
import net.corda.core.crypto.Crypto
import org.assertj.core.api.Assertions.assertThatExceptionOfType
import org.junit.Test
import java.math.BigInteger
import java.security.InvalidKeyException
class ContentSignerBuilderTest {
companion object {
private const val entropy = "20200723"
}
@Test(timeout = 300_000)
fun `should build content signer for valid eddsa key`() {
val signatureScheme = Crypto.EDDSA_ED25519_SHA512
val provider = Crypto.findProvider(signatureScheme.providerName)
val issuerKeyPair = Crypto.deriveKeyPairFromEntropy(signatureScheme, BigInteger(entropy))
ContentSignerBuilder.build(signatureScheme, issuerKeyPair.private, provider)
}
@Test(timeout = 300_000)
fun `should fail to build content signer for incorrect key type`() {
val signatureScheme = Crypto.EDDSA_ED25519_SHA512
val provider = Crypto.findProvider(signatureScheme.providerName)
val issuerKeyPair = Crypto.deriveKeyPairFromEntropy(Crypto.ECDSA_SECP256R1_SHA256, BigInteger(entropy))
assertThatExceptionOfType(InvalidKeyException::class.java)
.isThrownBy {
ContentSignerBuilder.build(signatureScheme, issuerKeyPair.private, provider)
}
.withMessage("Incorrect key type EC for signature scheme NONEwithEdDSA")
}
}