diff --git a/network-management/registration-tool/README.md b/network-management/registration-tool/README.md index 67f0eb6a28..b6837abc35 100644 --- a/network-management/registration-tool/README.md +++ b/network-management/registration-tool/README.md @@ -1,6 +1,6 @@ -#Network Registration Tool +#Distributed Notary Registration Tool -The network registration tool creates a CSR (Certificate Signing Request) and sent to compatibility zone doorman for approval. +The notary registration tool creates a CSR (Certificate Signing Request) with ``SERVICE_IDENTITY`` certificate role and sent to compatibility zone doorman for approval. A keystore and a trust store will be created once the request is approved. ##Configuration file @@ -20,8 +20,6 @@ compatibilityZoneURL Compatibility zone URL. networkRootTrustStorePath Path to the network root trust store. -certRole Requested cert role, it should be one of [NODE_CA, SERVICE_IDENTITY]. - networkRootTrustStorePassword Network root trust store password, to be provided by the network operator. Optional, the tool will prompt for password input if not provided. keyStorePassword Generated keystore's password. Optional, the tool will prompt for password input if not provided. @@ -41,7 +39,6 @@ legalName { email = "test@email.com" compatibilityZoneURL = "http://doorman.url.com" networkRootTrustStorePath = "networkRootTrustStore.jks" -certRole = "NODE_CA" networkRootTrustStorePassword = "password" keyStorePassword = "password" diff --git a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/KeyCopyTool.kt b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/KeyCopyTool.kt index e4b28fd93e..4a75570891 100644 --- a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/KeyCopyTool.kt +++ b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/KeyCopyTool.kt 
@@ -24,9 +24,9 @@ fun KeyCopierOption.copyKeystore() { val srcPrivateKey = srcKeystore.getPrivateKey(sourceAlias) val srcCertChain = srcKeystore.getCertificateChain(sourceAlias) - X509KeyStore.fromFile(desinationFile, destinationPassword ?: readPassword("Destination key store password:")).update { + X509KeyStore.fromFile(destinationFile, destinationPassword ?: readPassword("Destination key store password:")).update { val keyAlias = destinationAlias ?: sourceAlias setPrivateKey(keyAlias, srcPrivateKey, srcCertChain) - println("Added '$keyAlias' to keystore : $desinationFile") + println("Added '$keyAlias' to keystore : $destinationFile") } } diff --git a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/Main.kt b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/Main.kt index c5e6032302..df2702eb13 100644 --- a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/Main.kt +++ b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/Main.kt @@ -88,7 +88,7 @@ private fun OptionSpecBuilder.requireOnlyIf(option: OptionSpecBuilder): OptionSp sealed class ToolOption { data class RegistrationOption(val configFile: Path) : ToolOption() data class KeyCopierOption(val sourceFile: Path, - val desinationFile: Path, + val destinationFile: Path, val sourcePassword: String?, val destinationPassword: String?, val sourceAlias: String, 
diff --git a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/RegistrationTool.kt b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/NotaryRegistrationTool.kt
similarity index 61%
rename from network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/RegistrationTool.kt
rename to network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/NotaryRegistrationTool.kt
index 2f43346f94..7acf37cdd8 100644
--- a/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/RegistrationTool.kt
+++ b/network-management/registration-tool/src/main/kotlin/com/r3/corda/networkmanage/registration/NotaryRegistrationTool.kt
@@ -25,16 +25,24 @@ import java.nio.file.Path import java.nio.file.Paths fun RegistrationOption.runRegistration() { + println("**********************************************************") + println("* *") + println("* Notary identity registration tool *") + println("* *") + println("**********************************************************") + println() + println("This tool will create a notary identity certificate signing request using information found in '$configFile'") + println() + val config = ConfigFactory.parseFile(configFile.toFile(), ConfigParseOptions.defaults().setAllowMissing(false)) .resolve() - .parseAs() + .parseAs() val sslConfig = object : SSLConfiguration { override val keyStorePassword: String by lazy { config.keyStorePassword ?: readPassword("Node Keystore password:") } override val trustStorePassword: String by lazy { config.trustStorePassword ?: readPassword("Node TrustStore password:") } val parent = configFile.parent - override val certificatesDirectory: Path = if (parent != null) parent / "certificates" - else Paths.get("certificates") + override val certificatesDirectory: Path = if (parent != null) parent / "certificates" else Paths.get("certificates") } NetworkRegistrationHelper(sslConfig, 
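Review bot: The password prompts in the `sslConfig` object still read `"Node Keystore password:"` and `"Node TrustStore password:"`, although the new banner says the tool creates a notary identity request. On a host that also holds node key stores, the operator gets no cue about which store the typed password will protect. I would change them to `readPassword("Notary keystore password:")` and `readPassword("Notary truststore password:")`. It would also help to print `sslConfig.certificatesDirectory` once the object is built, since that is presumably where the generated key store lands and the operator needs to know which directory to lock down. `runRegistration` continues past the end of this hunk.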
@@ -42,14 +50,13 @@ fun RegistrationOption.runRegistration() { config.email, HTTPNetworkRegistrationService(config.compatibilityZoneURL), config.networkRootTrustStorePath, - config.networkRootTrustStorePassword ?: readPassword("Network trust root password:"), config.certRole).buildKeystore() + config.networkRootTrustStorePassword ?: readPassword("Network trust root password:"), CertRole.SERVICE_IDENTITY).buildKeystore() } -data class RegistrationConfig(val legalName: CordaX500Name, - val email: String, - val compatibilityZoneURL: URL, - val networkRootTrustStorePath: Path, - val certRole: CertRole, - val keyStorePassword: String?, - val networkRootTrustStorePassword: String?, - val trustStorePassword: String?) +data class NotaryRegistrationConfig(val legalName: CordaX500Name, + val email: String, + val compatibilityZoneURL: URL, + val networkRootTrustStorePath: Path, + val keyStorePassword: String?, + val networkRootTrustStorePassword: String?, + val trustStorePassword: String?) diff --git a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/KeyCopyToolTest.kt b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/KeyCopyToolTest.kt index 7e58632730..b4c184ab17 100644 --- a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/KeyCopyToolTest.kt +++ b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/KeyCopyToolTest.kt @@ -21,7 +21,7 @@ class KeyCopyToolTest { fun `key copy correctly`() { val keyCopyOption = ToolOption.KeyCopierOption( sourceFile = tempDir / "srcKeystore.jks", - desinationFile = tempDir / "destKeystore.jks", + destinationFile = tempDir / "destKeystore.jks", sourcePassword = "srctestpass", destinationPassword = "desttestpass", sourceAlias = "TestKeyAlias", 
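Review bot: `NotaryRegistrationConfig` is a data class that holds `keyStorePassword`, `networkRootTrustStorePassword` and `trustStorePassword` as plain `String?`, so its generated `toString()` prints all three in clear text. That affects any place the config object is logged or interpolated into an error message. I would give the class a body with `override fun toString() = "NotaryRegistrationConfig(legalName=$legalName, email=$email, compatibilityZoneURL=$compatibilityZoneURL)"`. A short KDoc on the class saying that the password fields are optional and prompted for when absent would also help. No such logging is visible in this hunk, so this is hardening rather than a confirmed leak.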
@@ -34,13 +34,13 @@ class KeyCopyToolTest { X509KeyStore.fromFile(keyCopyOption.sourceFile, keyCopyOption.sourcePassword!!, createNew = true).update { setPrivateKey(keyCopyOption.sourceAlias, keyPair.private, listOf(cert)) } - X509KeyStore.fromFile(keyCopyOption.desinationFile, keyCopyOption.destinationPassword!!, createNew = true) + X509KeyStore.fromFile(keyCopyOption.destinationFile, keyCopyOption.destinationPassword!!, createNew = true) // Copy private key from src keystore to dest keystore using the tool keyCopyOption.copyKeystore() // Verify key copied correctly - val destKeystore = X509KeyStore.fromFile(keyCopyOption.desinationFile, keyCopyOption.destinationPassword!!) + val destKeystore = X509KeyStore.fromFile(keyCopyOption.destinationFile, keyCopyOption.destinationPassword!!) assertEquals(keyPair.private, destKeystore.getPrivateKey(keyCopyOption.sourceAlias, keyCopyOption.destinationPassword!!)) assertEquals(cert, destKeystore.getCertificate(keyCopyOption.sourceAlias)) } diff --git a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/OptionParserTest.kt b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/OptionParserTest.kt index 15d4cc0e45..669c1220d9 100644 --- a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/OptionParserTest.kt +++ b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/OptionParserTest.kt @@ -65,7 +65,7 @@ class OptionParserTest { "--destalias", "testalias2") assertThat(parseOptions(*keyCopyArgs)).isEqualTo(ToolOption.KeyCopierOption( sourceFile = tempDir / "source.jks", - desinationFile = tempDir / "target.jks", + destinationFile = tempDir / "target.jks", sourcePassword = "password1", destinationPassword = "password2", sourceAlias = "testalias", 
@@ -82,7 +82,7 @@ class OptionParserTest { "--srcalias", "testalias") assertThat(parseOptions(*keyCopyArgs)).isEqualTo(ToolOption.KeyCopierOption( sourceFile = tempDir / "source.jks", - desinationFile = tempDir / "target.jks", + destinationFile = tempDir / "target.jks", sourcePassword = null, destinationPassword = null, sourceAlias = "testalias", diff --git a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/RegistrationConfigTest.kt b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/RegistrationConfigTest.kt index 70a1ec32ed..3979db6f02 100644 --- a/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/RegistrationConfigTest.kt +++ b/network-management/registration-tool/src/test/kotlin/com/r3/corda/networkmanage/registration/RegistrationConfigTest.kt @@ -20,7 +20,6 @@ import org.junit.Test import java.nio.file.Paths class RegistrationConfigTest { - @Test fun `parse config file correctly`() { val testConfig = """ @@ -33,7 +32,6 @@ legalName { email = "test@email.com" compatibilityZoneURL = "http://doorman.url.com" networkRootTrustStorePath = "networkRootTrustStore.jks" -certRole = "NODE_CA" networkRootTrustStorePassword = "password" keyStorePassword = "password" @@ -42,9 +40,8 @@ trustStorePassword = "password" val config = ConfigFactory.parseString(testConfig, ConfigParseOptions.defaults().setAllowMissing(false)) .resolve() - .parseAs() + .parseAs() - assertEquals(CertRole.NODE_CA, config.certRole) assertEquals(CordaX500Name.parse("OU=R3 Corda, O=R3 LTD, L=London, C=GB"), config.legalName) assertEquals("http://doorman.url.com", config.compatibilityZoneURL.toString()) assertEquals("test@email.com", config.email)
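Review bot: In the last `RegistrationConfigTest` hunk, the `certRole` line and its assertion are removed, so nothing pins what happens to a configuration file written for the old tool. The registration call now always passes `CertRole.SERVICE_IDENTITY`. A config that still carries `certRole = "NODE_CA"` is therefore either rejected or silently registered under a different role, depending on how `parseAs` treats unknown keys, which is not visible here. I would add a second test that parses the same text plus `certRole = "NODE_CA"` and asserts the intended outcome, preferably a failure with a clear message. The test class is still named `RegistrationConfigTest`, while the config class was renamed to `NotaryRegistrationConfig`.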