diff --git a/network-management/hsm-for-doorman.conf b/network-management/hsm-for-doorman.conf index e6573a00f5..33cb6795a0 100644 --- a/network-management/hsm-for-doorman.conf +++ b/network-management/hsm-for-doorman.conf @@ -4,7 +4,7 @@ keySpecifier = -1 doorman { crlDistributionPoint = "http://test.com/revoked.crl" - compatibilityZoneURL = "http://test.com/api" + crlServerSocketAddress = "test.com:2333" crlUpdatePeriod = 200000 validDays = 3650 rootKeyStoreFile = "dummyfile.jks" diff --git a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt index 81acdade75..f0490c1984 100644 --- a/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/common/HsmBaseTest.kt @@ -24,6 +24,7 @@ import com.r3.corda.networkmanage.hsm.generator.GeneratorParameters import com.r3.corda.networkmanage.hsm.generator.UserAuthenticationParameters import net.corda.core.crypto.random63BitValue import net.corda.core.internal.div +import net.corda.core.utilities.NetworkHostAndPort import net.corda.nodeapi.internal.crypto.CertificateType import org.junit.Before import org.junit.Rule @@ -146,7 +147,7 @@ abstract class HsmBaseTest { validDays = 3650, rootKeyStorePassword = TRUSTSTORE_PASSWORD, crlDistributionPoint = URL("http://test.com/revoked.crl"), - compatibilityZoneURL = URL("http://test.com/api"), + crlServerSocketAddress = NetworkHostAndPort("test.com", 4555), crlUpdatePeriod = 1000, authParameters = AuthParametersConfig( mode = SigningServiceAuthMode.PASSWORD, diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CertificateRevocationListSubmission.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CertificateRevocationListSubmission.kt new file mode 100644 index 0000000000..5e11c50a45 --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CertificateRevocationListSubmission.kt @@ -0,0 +1,10 @@ +package com.r3.corda.networkmanage.common.sockets + +import net.corda.core.serialization.CordaSerializable +import java.security.cert.X509CRL +import java.time.Instant + +@CordaSerializable +data class CertificateRevocationListSubmission(val list: X509CRL, + val signer: String, + val revocationTime: Instant) \ No newline at end of file diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CrrSocketMessage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CrrSocketMessage.kt new file mode 100644 index 0000000000..6212e86b4b --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/sockets/CrrSocketMessage.kt @@ -0,0 +1,28 @@ +package com.r3.corda.networkmanage.common.sockets + +import com.r3.corda.networkmanage.common.persistence.RequestStatus +import net.corda.core.serialization.CordaSerializable +import java.security.cert.X509CRL + +@CordaSerializable +interface CrrSocketMessage + +/** + * CRL retrieval message type + */ +class CrlRetrievalMessage : CrrSocketMessage + +/** + * CRL response message type + */ +data class CrlResponseMessage(val crl: X509CRL?) : CrrSocketMessage + +/** + * CRL submission message type + */ +class CrlSubmissionMessage : CrrSocketMessage + +/** + * By status CRRs retrieval message type + */ +data class CrrsByStatusMessage(val status: RequestStatus) : CrrSocketMessage \ No newline at end of file diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/SocketUtils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/SocketUtils.kt new file mode 100644 index 0000000000..540f1f3d06 --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/SocketUtils.kt @@ -0,0 +1,26 @@ +package com.r3.corda.networkmanage.common.utils + +import net.corda.core.serialization.deserialize +import net.corda.core.serialization.serialize +import java.io.DataInputStream +import java.io.DataOutputStream +import java.io.InputStream +import java.io.OutputStream + +inline fun InputStream.readObject(): T { + DataInputStream(this).run { + val messageSize = this.readInt() + val messageBytes = ByteArray(messageSize) + this.read(messageBytes) + return messageBytes.deserialize() + } +} + +fun OutputStream.writeObject(message: Any) { + DataOutputStream(this).run { + val messageBytes = message.serialize().bytes + this.writeInt(messageBytes.size) + this.write(messageBytes) + this.flush() + } +} \ No newline at end of file diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServer.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServer.kt new file mode 100644 index 0000000000..b13383a0ce --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServer.kt @@ -0,0 +1,87 @@ +package com.r3.corda.networkmanage.doorman.sockets + +import com.google.common.util.concurrent.MoreExecutors.shutdownAndAwaitTermination +import com.r3.corda.networkmanage.common.persistence.CertificateRevocationListStorage +import com.r3.corda.networkmanage.common.persistence.CertificateRevocationRequestStorage +import com.r3.corda.networkmanage.common.persistence.CrlIssuer +import com.r3.corda.networkmanage.common.sockets.* +import com.r3.corda.networkmanage.common.utils.readObject +import com.r3.corda.networkmanage.common.utils.writeObject +import net.corda.core.utilities.contextLogger +import net.corda.core.utilities.seconds +import java.net.ServerSocket +import java.util.concurrent.Executors +import java.util.concurrent.TimeUnit + +class CertificateRevocationSocketServer(val port: Int, + private val crlStorage: CertificateRevocationListStorage, + private val crrStorage: CertificateRevocationRequestStorage) : AutoCloseable { + private companion object { + private val logger = contextLogger() + + private val RECONNECT_INTERVAL = 10.seconds.toMillis() + } + + private val executor = Executors.newSingleThreadScheduledExecutor() + + @Volatile + private var isRunning = false + + fun start() { + check(!isRunning) { "The server has already been started." } + isRunning = true + executor.submit { + while (isRunning) { + try { + listen() + } catch (e: Exception) { + logger.error("Socket execution error.", e) + if (isRunning) { + logger.info("Server socket will be recreated in $RECONNECT_INTERVAL milliseconds") + Thread.sleep(RECONNECT_INTERVAL) + logger.info("Recreating server socket...") + } + } + } + } + } + + override fun close() { + isRunning = false + shutdownAndAwaitTermination(executor, RECONNECT_INTERVAL, TimeUnit.MILLISECONDS) + } + + private fun listen() { + ServerSocket(port).use { + logger.info("Server socket is running.") + while (isRunning) { + logger.debug("Waiting for socket data...") + val acceptedSocket = it.accept() + acceptedSocket.use { + val message = it.getInputStream().readObject() + logger.debug("Received message type is $message.") + acceptedSocket.getOutputStream().let { + when (message) { + is CrlRetrievalMessage -> { + val crl = crlStorage.getCertificateRevocationList(CrlIssuer.DOORMAN) + it.writeObject(CrlResponseMessage(crl)) + logger.debug("Sending the current certificate revocation list.") + } + is CrrsByStatusMessage -> { + it.writeObject(crrStorage.getRevocationRequests(message.status)) + logger.debug("Sending ${message.status.name} certificate revocation requests.") + } + is CrlSubmissionMessage -> { + val crlSubmission = acceptedSocket.getInputStream().readObject() + crlStorage.saveCertificateRevocationList(crlSubmission.list, CrlIssuer.DOORMAN, crlSubmission.signer, crlSubmission.revocationTime) + } + else -> logger.warn("Unknown message type $message") + } + } + } + } + } + } + + +} \ No newline at end of file diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/CertificateRevocationListWebService.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/CertificateRevocationListWebService.kt index e7fdea914d..c037be93cb 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/CertificateRevocationListWebService.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/CertificateRevocationListWebService.kt @@ -6,7 +6,6 @@ import com.r3.corda.networkmanage.common.persistence.CertificateRevocationListSt import com.r3.corda.networkmanage.common.persistence.CrlIssuer import com.r3.corda.networkmanage.doorman.webservice.CertificateRevocationListWebService.Companion.CRL_PATH import net.corda.core.utilities.contextLogger -import java.util.concurrent.ExecutionException import java.util.concurrent.TimeUnit import javax.ws.rs.GET import javax.ws.rs.Path diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt index a7032ed9ef..ec944ad6dc 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt @@ -62,6 +62,6 @@ fun main(args: Array) { } else if (config.doorman != null) { CsrProcessor(config.doorman, config.device, config.keySpecifier, persistence).showMenu() } else if (config.doorman != null) { - CrrProcessor(config.doorman, config.device, config.keySpecifier, persistence).showMenu() + CrrProcessor(config.doorman, config.device, config.keySpecifier).showMenu() } } diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt index 2ce0db043a..b4f01a1486 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt @@ -20,9 +20,11 @@ import joptsimple.OptionParser import joptsimple.util.PathConverter import joptsimple.util.PathProperties import net.corda.core.internal.div +import net.corda.core.utilities.NetworkHostAndPort import net.corda.nodeapi.internal.config.parseAs import net.corda.nodeapi.internal.crypto.X509KeyStore import net.corda.nodeapi.internal.persistence.DatabaseConfig +import java.net.InetAddress import java.net.URL import java.nio.file.Path import java.nio.file.Paths @@ -56,7 +58,7 @@ data class NetworkMapCertificateConfig(val username: String, * Certificate signing requests process specific parameters. */ data class DoormanCertificateConfig(val crlDistributionPoint: URL, - val compatibilityZoneURL: URL, + val crlServerSocketAddress: NetworkHostAndPort, val crlUpdatePeriod: Long, val keyGroup:String, val validDays: Int, diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/processor/CrrProcessor.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/processor/CrrProcessor.kt index 355ca12aee..9d95b5962c 100644 --- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/processor/CrrProcessor.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/processor/CrrProcessor.kt @@ -1,26 +1,22 @@ package com.r3.corda.networkmanage.hsm.processor -import com.google.common.net.HostAndPort import com.r3.corda.networkmanage.common.persistence.CrlIssuer -import com.r3.corda.networkmanage.common.persistence.PersistentCertificateRevocationListStorage -import com.r3.corda.networkmanage.common.persistence.PersistentCertificateRevocationRequestStorage -import com.r3.corda.networkmanage.common.persistence.RequestStatus import com.r3.corda.networkmanage.common.signer.CertificateRevocationListSigner import com.r3.corda.networkmanage.hsm.authentication.Authenticator import com.r3.corda.networkmanage.hsm.authentication.createProvider import com.r3.corda.networkmanage.hsm.configuration.DoormanCertificateConfig import com.r3.corda.networkmanage.hsm.menu.Menu import com.r3.corda.networkmanage.hsm.signer.HsmSigner +import com.r3.corda.networkmanage.hsm.sockets.SocketCertificateRevocationList +import com.r3.corda.networkmanage.hsm.sockets.CertificateRevocationRequestRetriever import com.r3.corda.networkmanage.hsm.utils.HsmX509Utilities.getAndInitializeKeyStore import net.corda.nodeapi.internal.crypto.X509Utilities.CORDA_INTERMEDIATE_CA import net.corda.nodeapi.internal.crypto.getX509Certificate -import net.corda.nodeapi.internal.persistence.CordaPersistence import java.time.Duration class CrrProcessor(private val config: DoormanCertificateConfig, private val device: String, - private val keySpecifier: Int, - private val persistance: CordaPersistence) : Processor() { + private val keySpecifier: Int) : Processor() { private companion object { private const val RESET = "\u001B[0m" private const val BLACK = "\u001B[30m" @@ -40,12 +36,12 @@ class CrrProcessor(private val config: DoormanCertificateConfig, mode = auth.mode, authStrengthThreshold = auth.threshold) Menu().withExceptionHandler(this::processError).setExitOption("2", "Quit").addItem("1", "View current and sign a new certificate revocation list", { - val crlStorage = PersistentCertificateRevocationListStorage(persistance) - val currentCrl = crlStorage.getCertificateRevocationList(CrlIssuer.DOORMAN) + val crlTransceiver = SocketCertificateRevocationList(config.crlServerSocketAddress) + val currentCrl = crlTransceiver.getCertificateRevocationList(CrlIssuer.DOORMAN) printlnColor("Current CRL:") printlnColor(currentCrl.toString(), YELLOW) - val crrStorage = PersistentCertificateRevocationRequestStorage(persistance) - val approvedRequests = crrStorage.getRevocationRequests(RequestStatus.APPROVED) + val crrRetriever = CertificateRevocationRequestRetriever(config.crlServerSocketAddress) + val approvedRequests = crrRetriever.retrieveApprovedCertificateRevocationRequests() if (approvedRequests.isEmpty()) { printlnColor("There are no approved Certificate Revocation Requests.", GREEN) } else { @@ -60,12 +56,12 @@ class CrrProcessor(private val config: DoormanCertificateConfig, val keyStore = getAndInitializeKeyStore(provider) val issuerCertificate = keyStore.getX509Certificate(CORDA_INTERMEDIATE_CA) val crlSigner = CertificateRevocationListSigner( - revocationListStorage = crlStorage, + revocationListStorage = crlTransceiver, issuerCertificate = issuerCertificate, updateInterval = Duration.ofMillis(config.crlUpdatePeriod), endpoint = config.crlDistributionPoint, signer = HsmSigner(provider = provider, keyName = CORDA_INTERMEDIATE_CA)) - val currentRequests = crrStorage.getRevocationRequests(RequestStatus.DONE) + val currentRequests = crrRetriever.retrieveDoneCertificateRevocationRequests() crlSigner.createSignedCRL(approvedRequests, currentRequests, signers.toString()) } }) diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/CertificateRevocationRequestRetriever.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/CertificateRevocationRequestRetriever.kt new file mode 100644 index 0000000000..0da2d7b1ff --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/CertificateRevocationRequestRetriever.kt @@ -0,0 +1,36 @@ +package com.r3.corda.networkmanage.hsm.sockets + +import com.r3.corda.networkmanage.common.persistence.CertificateRevocationRequestData +import com.r3.corda.networkmanage.common.persistence.RequestStatus +import com.r3.corda.networkmanage.common.sockets.CrrsByStatusMessage +import com.r3.corda.networkmanage.common.utils.readObject +import com.r3.corda.networkmanage.common.utils.writeObject +import net.corda.core.utilities.NetworkHostAndPort +import net.corda.core.utilities.contextLogger +import java.net.Socket + +class CertificateRevocationRequestRetriever(private val serverHostAndPort: NetworkHostAndPort) { + + private companion object { + private val logger = contextLogger() + } + + fun retrieveApprovedCertificateRevocationRequests(): List { + return retrieveCertificateRevocationRequests(RequestStatus.APPROVED) + } + + fun retrieveDoneCertificateRevocationRequests(): List { + return retrieveCertificateRevocationRequests(RequestStatus.DONE) + } + + private fun retrieveCertificateRevocationRequests(status: RequestStatus): List { + require(status == RequestStatus.DONE || status == RequestStatus.APPROVED) { "Allowed status values: APPROVED, DONE" } + return Socket(serverHostAndPort.host, serverHostAndPort.port).use { + it.getOutputStream().let { + logger.debug("Requesting $status certificate revocation requests...") + it.writeObject(CrrsByStatusMessage(status)) + } + it.getInputStream().readObject() + } + } +} \ No newline at end of file diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/SocketCertificateRevocationList.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/SocketCertificateRevocationList.kt new file mode 100644 index 0000000000..0dc722fcf2 --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/sockets/SocketCertificateRevocationList.kt @@ -0,0 +1,40 @@ +package com.r3.corda.networkmanage.hsm.sockets + +import com.r3.corda.networkmanage.common.persistence.CertificateRevocationListStorage +import com.r3.corda.networkmanage.common.persistence.CrlIssuer +import com.r3.corda.networkmanage.common.sockets.CertificateRevocationListSubmission +import com.r3.corda.networkmanage.common.sockets.CrlResponseMessage +import com.r3.corda.networkmanage.common.sockets.CrlRetrievalMessage +import com.r3.corda.networkmanage.common.sockets.CrlSubmissionMessage +import com.r3.corda.networkmanage.common.utils.readObject +import com.r3.corda.networkmanage.common.utils.writeObject +import net.corda.core.utilities.NetworkHostAndPort +import net.corda.core.utilities.contextLogger +import java.net.Socket +import java.security.cert.X509CRL +import java.time.Instant + +class SocketCertificateRevocationList(private val serverHostAndPort: NetworkHostAndPort) : CertificateRevocationListStorage { + + private companion object { + private val logger = contextLogger() + } + + override fun getCertificateRevocationList(crlIssuer: CrlIssuer): X509CRL? { + return Socket(serverHostAndPort.host, serverHostAndPort.port).use { + logger.debug("Requesting the current revocation list...") + it.getOutputStream().writeObject(CrlRetrievalMessage()) + it.getInputStream().readObject().crl + } + } + + override fun saveCertificateRevocationList(crl: X509CRL, crlIssuer: CrlIssuer, signedBy: String, revokedAt: Instant) { + Socket(serverHostAndPort.host, serverHostAndPort.port).use { + it.getOutputStream().let { + it.writeObject(CrlSubmissionMessage()) + logger.debug("Submitting a new revocation list...") + it.writeObject(CertificateRevocationListSubmission(crl, signedBy, revokedAt)) + } + } + } +} \ No newline at end of file diff --git a/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServerTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServerTest.kt new file mode 100644 index 0000000000..1945f0a177 --- /dev/null +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/sockets/CertificateRevocationSocketServerTest.kt @@ -0,0 +1,123 @@ +package com.r3.corda.networkmanage.doorman.sockets + +import com.nhaarman.mockito_kotlin.eq +import com.nhaarman.mockito_kotlin.mock +import com.r3.corda.networkmanage.common.persistence.* +import com.r3.corda.networkmanage.common.sockets.CrlResponseMessage +import com.r3.corda.networkmanage.common.sockets.CrlRetrievalMessage +import com.r3.corda.networkmanage.common.sockets.CrrsByStatusMessage +import com.r3.corda.networkmanage.common.utils.readObject +import com.r3.corda.networkmanage.common.utils.writeObject +import net.corda.core.crypto.Crypto +import net.corda.core.identity.CordaX500Name +import net.corda.core.internal.x500Name +import net.corda.nodeapi.internal.crypto.ContentSignerBuilder +import net.corda.testing.core.SerializationEnvironmentRule +import net.corda.testing.core.freePort +import net.corda.testing.internal.DEV_INTERMEDIATE_CA +import org.bouncycastle.cert.X509v2CRLBuilder +import org.bouncycastle.cert.jcajce.JcaX509CRLConverter +import org.bouncycastle.jce.provider.BouncyCastleProvider +import org.junit.After +import org.junit.Before +import org.junit.Rule +import org.junit.Test +import java.math.BigInteger +import java.net.Socket +import java.security.cert.CRLReason +import java.security.cert.X509CRL +import java.time.Instant +import java.util.* +import kotlin.test.assertEquals +import kotlin.test.assertNotNull + +class CertificateRevocationSocketServerTest { + + @Rule + @JvmField + val testSerialization = SerializationEnvironmentRule(true) + + private lateinit var crlStorage: CertificateRevocationListStorage + private lateinit var crrStorage: CertificateRevocationRequestStorage + private lateinit var server: CertificateRevocationSocketServer + + @Before + fun setUp() { + crlStorage = mock { + on { getCertificateRevocationList(eq(CrlIssuer.DOORMAN)) }.then { createCrl() } + } + crrStorage = mock { + on { getRevocationRequests(eq(RequestStatus.APPROVED)) }.then { listOf(createCertificateRevocationRequest(RequestStatus.APPROVED)) } + on { getRevocationRequests(eq(RequestStatus.DONE)) }.then { listOf(createCertificateRevocationRequest(RequestStatus.DONE)) } + } + server = CertificateRevocationSocketServer(freePort(), crlStorage, crrStorage) + server.start() + Thread.sleep(100) + } + + @After + fun tearDown() { + server.close() + } + + @Test + fun `crl is served correctly`() { + // given + + // when + val crl = Socket("localhost", server.port).use { + it.getOutputStream().writeObject(CrlRetrievalMessage()) + it.getInputStream().readObject().crl + } + + // then + assertNotNull(crl) + } + + @Test + fun `approved requests are served correctly`() { + // given + + // when + val approvedRequests = Socket("localhost", server.port).use { + it.getOutputStream().writeObject(CrrsByStatusMessage(RequestStatus.APPROVED)) + it.getInputStream().readObject>() + } + // then + assertNotNull(approvedRequests) + assertEquals(RequestStatus.APPROVED, approvedRequests.first().status) + } + + @Test + fun `done requests are served correctly`() { + // given + + // when + val doneRequests = Socket("localhost", server.port).use { + it.getOutputStream().writeObject(CrrsByStatusMessage(RequestStatus.DONE)) + it.getInputStream().readObject>() + } + // then + assertNotNull(doneRequests) + assertEquals(RequestStatus.DONE, doneRequests.first().status) + } + + private fun createCrl(): X509CRL { + val builder = X509v2CRLBuilder(CordaX500Name.build(DEV_INTERMEDIATE_CA.certificate.issuerX500Principal).x500Name, Date()) + val provider = BouncyCastleProvider() + val crlHolder = builder.build(ContentSignerBuilder.build(Crypto.RSA_SHA256, Crypto.generateKeyPair(Crypto.RSA_SHA256).private, provider)) + return JcaX509CRLConverter().setProvider(provider).getCRL(crlHolder) + } + + private fun createCertificateRevocationRequest(status: RequestStatus): CertificateRevocationRequestData { + return CertificateRevocationRequestData( + requestId = "123", + legalName = CordaX500Name.parse("CN=Test Corp, O=Test, L=London, C=GB"), + reporter = "Test", + certificateSerialNumber = BigInteger.TEN, + status = status, + reason = CRLReason.KEY_COMPROMISE, + modifiedAt = Instant.now() + ) + } +} \ No newline at end of file diff --git a/node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/amqp/custom/X509CRLSerializer.kt b/node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/amqp/custom/X509CRLSerializer.kt index 2f98bddb74..2b7f026d14 100644 --- a/node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/amqp/custom/X509CRLSerializer.kt +++ b/node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/amqp/custom/X509CRLSerializer.kt @@ -1,3 +1,13 @@ +/* + * R3 Proprietary and Confidential + * + * Copyright (c) 2018 R3 Limited. All rights reserved. + * + * The intellectual and technical concepts contained herein are proprietary to R3 and its suppliers and are protected by trade secret law. + * + * Distribution of this file or any portion thereof via any medium without the express permission of R3 is strictly prohibited. + */ + package net.corda.nodeapi.internal.serialization.amqp.custom import net.corda.nodeapi.internal.crypto.X509CertificateFactory