ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-02-07 03:29:19 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Change PersistentIdentityService to use AppendOnlyPersistentMap as this has bounded memory and works correctly for the use case of repeated duplicate inserts.

Browse Source
This commit is contained in:
Matthew Nesbit 2017-09-06 10:11:30 +01:00
parent b2051952d2
commit dc0b56432b
1 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
node/src/main/kotlin/net/corda/node/services/identity/PersistentIdentityService.kt
View File

@ -13,8 +13,8 @@ import net.corda.core.node.services.UnknownAnonymousPartyException
import net.corda.core.serialization.SingletonSerializeAsToken import net.corda.core.serialization.SingletonSerializeAsToken
import net.corda.core.utilities.cert import net.corda.core.utilities.cert
import net.corda.core.utilities.loggerFor import net.corda.core.utilities.loggerFor
import net.corda.node.utilities.AppendOnlyPersistentMap
import net.corda.node.utilities.NODE_DATABASE_PREFIX import net.corda.node.utilities.NODE_DATABASE_PREFIX
import net.corda.node.utilities.PersistentMap
import org.bouncycastle.asn1.x500.X500Name import org.bouncycastle.asn1.x500.X500Name
import org.bouncycastle.cert.X509CertificateHolder import org.bouncycastle.cert.X509CertificateHolder
import java.io.ByteArrayInputStream import java.io.ByteArrayInputStream
@ -40,8 +40,8 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
private val log = loggerFor<PersistentIdentityService>() private val log = loggerFor<PersistentIdentityService>()
private val certFactory: CertificateFactory = CertificateFactory.getInstance("X.509") private val certFactory: CertificateFactory = CertificateFactory.getInstance("X.509")
fun createPKMap(): PersistentMap<SecureHash, PartyAndCertificate, PersistentIdentity, String> { fun createPKMap(): AppendOnlyPersistentMap<SecureHash, PartyAndCertificate, PersistentIdentity, String> {
return PersistentMap( return AppendOnlyPersistentMap(
toPersistentEntityKey = { it.toString() }, toPersistentEntityKey = { it.toString() },
fromPersistentEntity = { fromPersistentEntity = {
Pair(SecureHash.parse(it.publicKeyHash), Pair(SecureHash.parse(it.publicKeyHash),
@ -56,8 +56,8 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
) )
} }
fun createX500Map(): PersistentMap<X500Name, SecureHash, PersistentIdentityNames, String> { fun createX500Map(): AppendOnlyPersistentMap<X500Name, SecureHash, PersistentIdentityNames, String> {
return PersistentMap( return AppendOnlyPersistentMap(
toPersistentEntityKey = { it.toString() }, toPersistentEntityKey = { it.toString() },
fromPersistentEntity = { Pair(X500Name(it.name), SecureHash.parse(it.publicKeyHash)) }, fromPersistentEntity = { Pair(X500Name(it.name), SecureHash.parse(it.publicKeyHash)) },
toPersistentEntity = { key: X500Name, value: SecureHash -> toPersistentEntity = { key: X500Name, value: SecureHash ->
@ -104,10 +104,13 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
init { init {
val caCertificatesWithRoot: Set<X509Certificate> = caCertificates.toSet() + trustRoot val caCertificatesWithRoot: Set<X509Certificate> = caCertificates.toSet() + trustRoot
caCertStore = CertStore.getInstance("Collection", CollectionCertStoreParameters(caCertificatesWithRoot)) caCertStore = CertStore.getInstance("Collection", CollectionCertStoreParameters(caCertificatesWithRoot))
keyToParties.putAll(identities.associateBy { mapToKey(it) }) identities.forEach {
principalToParties.putAll(identities.associateBy({ it.name }, { mapToKey(it) })) val key = mapToKey(it)
confidentialIdentities.forEach { identity -> keyToParties.addWithDuplicatesAllowed(key, it)
principalToParties.computeIfAbsent(identity.name) { mapToKey(identity) } principalToParties.addWithDuplicatesAllowed(it.name, key)
}
confidentialIdentities.forEach {
principalToParties.addWithDuplicatesAllowed(it.name, mapToKey(it))
} }
} }
@ -122,9 +125,10 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
identity.verify(trustAnchor) identity.verify(trustAnchor)
log.info("Registering identity $identity") log.info("Registering identity $identity")
keyToParties[mapToKey(identity)] = identity val key = mapToKey(identity)
keyToParties.addWithDuplicatesAllowed(key, identity)
// Always keep the first party we registered, as that's the well known identity // Always keep the first party we registered, as that's the well known identity
principalToParties.computeIfAbsent(identity.name) { mapToKey(identity) } principalToParties.addWithDuplicatesAllowed(identity.name, key)
val parentId = mapToKey(identity.certPath.certificates[1].publicKey) val parentId = mapToKey(identity.certPath.certificates[1].publicKey)
return keyToParties[parentId] return keyToParties[parentId]
} }
@ -140,7 +144,7 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
override fun certificateFromParty(party: Party): PartyAndCertificate = certificateFromX500Name(party.name) ?: throw IllegalArgumentException("Unknown identity ${party.name}") override fun certificateFromParty(party: Party): PartyAndCertificate = certificateFromX500Name(party.name) ?: throw IllegalArgumentException("Unknown identity ${party.name}")
// We give the caller a copy of the data set to avoid any locking problems // We give the caller a copy of the data set to avoid any locking problems
override fun getAllIdentities(): Iterable<PartyAndCertificate> = ArrayList(keyToParties.values) override fun getAllIdentities(): Iterable<PartyAndCertificate> = keyToParties.allPersisted().map { it.second }.asIterable()
override fun partyFromKey(key: PublicKey): Party? = certificateFromKey(key)?.party override fun partyFromKey(key: PublicKey): Party? = certificateFromKey(key)?.party
override fun partyFromX500Name(principal: X500Name): Party? = certificateFromX500Name(principal)?.party override fun partyFromX500Name(principal: X500Name): Party? = certificateFromX500Name(principal)?.party
@ -166,7 +170,7 @@ class PersistentIdentityService(identities: Iterable<PartyAndCertificate> = empt
override fun partiesFromName(query: String, exactMatch: Boolean): Set<Party> { override fun partiesFromName(query: String, exactMatch: Boolean): Set<Party> {
val results = LinkedHashSet<Party>() val results = LinkedHashSet<Party>()
for ((x500name, partyId) in principalToParties) { for ((x500name, partyId) in principalToParties.allPersisted()) {
val party = keyToParties[partyId]!!.party val party = keyToParties[partyId]!!.party
for (rdn in x500name.rdNs) { for (rdn in x500name.rdNs) {
val component = rdn.first.value.toString() val component = rdn.first.value.toString()