Commit Graph

77 Commits

Author SHA1 Message Date
jakub.zadroga
bb91f46fee Add add-opens to fix ENT-11847 2024-06-18 16:42:45 +01:00
jakub.zadroga
a2a89d3f96 Add support for multiple add-opens CLI args to CordaCaplet 2024-06-18 15:32:53 +01:00
jakub.zadroga
1cd62347f3 Add missing add-opens for sun.security.ec 2024-05-22 14:54:13 +01:00
Adel El-Beik
ba71b8606b ENT-11802: Resolved messages regarding execution optimisations have been disabled. 2024-04-23 11:51:08 +01:00
Chris Cochrane
ea93a5f560
Extra add-opens to support corda-shell 2024-03-12 15:45:19 +00:00
Shams Asari
0091807c2f ENT-11101: Fix all crypto issues introduced by Java 17 upgrade
The various crypto tests that were previously ignored have been re-enabled.

The abandoned i2p EdDSA library has been replaced with native support that was added in Java 15.

Java 17 (via the `SunEC` provider) does not support the secp256k1 curve (one of the two ECDSA curves supported in Corda). This would not normally have been an issue as secp256k1 is already taken care of by Bouncy Castle. However, this only works if the `Crypto` API is used or if `”BC”` is explicitly specified as the provider (e.g. `Signature.getInstance(“SHA256withECDSA”, “BC”)`). If no provider is specified, which is what is more common, and actually what the Java docs recommend, then this doesn’t work as the `SunEC` provider is selected. To resolve this, a custom provider was created, installed just in front of `SunEC`, which “augments” `SunEC` by delegating to Bouncy Castle if keys or parameters for secp256k1 are encountered.

`X509Utilities.createCertificate` now calls `X509Certificate.verify()` to verify the created certificate, rather than using the Bouncy Castle API. This is more representative of how certificates will be verified (e.g. during SSL handshake) and weeds out other issues (such as unsupported curve error for secp256k1).

`BCCryptoService` has been renamed to `DefaultCryptoService` as it no longer explicitly uses Bouncy Castle but rather uses the installed security providers. This was done to fix a failing test. Further, `BCCryptoService` was already relying on the installed providers in some places.

The hack to get Corda `SecureRandom` working was also resolved. Also, as an added bonus, tests which ignored `SPHINCS256_SHA256` have been reinstated.

Note, there is a slightly inconsistency between how EdDSA and ECDSA keys are handled (and also RSA). For the later, Bouncy Castle is preferred, and methods such as `toSupportedKey*` will convert any JDK class to Bouncy Castle. For EdDSA the preference is the JDK (`SunEC`). However, this is simply a continuation of the previous preference of the i2p library over Bouncy Castle.
2024-03-04 13:29:49 +00:00
Arshad Mahmood
4ea42c4d75 ENT-6914 Disabled module metadata generation for the node capsule as it was generating invalid json 2024-01-25 12:11:47 +00:00
Arshad Mahmood
e5355d9e75 ENT-6914 Fix generated pom 2024-01-22 10:22:08 +00:00
Shams Asari
2e63ca6264
ENT-11065: Remove the need for JVM flags in client code (#7635) 2024-01-03 11:22:03 +00:00
Arshad Mahmood
c94f1d730c ENT-11271 Publish dependencies in the maven pom.xml 2023-12-12 13:24:15 +00:00
Shams Asari
4cf5fe55dd
ENT-11099: Update Java compile source & target to 17 (#7594)
And removed unused `jdkClassifier` in build files.
2023-12-06 09:46:29 +00:00
Arshad Mahmood
6dd33fb8f7 Upgrade to gradle 7.6, kotlin 1.8 and jdk 17
Major changes due to JDK 17:
1. JDK17 JCE Provider now has built-in support for eddsas, corda uses
   the bouncycastle (i2p) implementation. This PR removes the conflicting
   algorithms from the built-in JCE provider.

2. JavaScript scripting has been removed from the JDK, the corda log4j config was using
   scripting to conditionally output additional diagnostic info if the MDC
   was populated. This PR has removed the scripting.

3. The artifactory plug-ins used are now deprecated, this PR has removed them
   and uses the same code as Corda 5 for publishing to artifactory.

4. Javadoc generation has been modified to use the latest dokka plug-ins.

5. Gradle 7.6 has implemented an incredibly annoying change where transitive
   dependencies are not put on the compile classpath, so that they have to be
   explicitly added as dependencies to projects.

6. Mockito has been updated, which sadly meant that quite a few source files
   have to changes to use the new (org.mockito.kotlin) package name. This makes
   this PR appear much larger than it is.

7. A number of tests have been marked as ignored to get a green, broadly they fall
   into 3 classes.

   The first is related to crypto keypair tests, it appears some logic
   in the JDK prefers to use the SunJCE implementation and we prefer to use
   bouncycastle. I believe this issue can be fixed with better test setup.

   The second group is related to our use of a method called "uncheckedCast(..)",
   the purpose of this method was to get rid of the annoying unchecked cast compiler
   warning that would otherwise exist. It looks like the Kotlin 1.9 compiler type
   inference differs and at runtime sometimes the type it infers is "Void" which causes
   an exception at runtime. The simplest solution is to use an explicit cast instead of
   unchecked cast, Corda 5 have removed unchecked cast from their codebase.

   The third class are a number of ActiveMQ tests which appear to have a memory leak somewhere.
2023-11-06 10:24:17 +00:00
Shams Asari
e0e4f51ba2
ENT-10285: Remove experimental DJVM support (#7442) 2023-08-09 08:44:32 +01:00
Adel El-Beik
7a133f687c
ENT-6893: First cut of telemetry integration. (#7247)
First cut of telemetry integration.

Open telemetry can be enabled in two ways, first is via an opentelemetry java agent specified on the command line. With this way you get the advantage of spans created from other libraries, like hibernate. The java agent does byte code rewriting to insert spans.
The second way is with the open telemetry driver (that links with the opentelemetry sdk). This is a fat jar provided with this project and needs to go into the node drivers directory.
2022-10-28 14:41:39 +01:00
filipesoliveira
8eaf237a27 Refactored the previous bug fix to minimize duplication by reusing an existing function.
Bear in mind that the condition in the previous code was (config == null) and now is (config == null || config.equals("")).
2020-08-06 11:15:19 +01:00
filipesoliveira
80d279a70e Fixed a bug which would make the "-f" flag to be ignored. 2020-08-06 10:51:23 +01:00
Chris Rankin
e684cfd1e6
NOTICK: Avoid configuring more tasks in the deterministic modules. (#6452) 2020-07-13 10:33:23 +01:00
Chris Rankin
16eb9dfc08
NOTICK: Fix some Gradle technical debt. (#6430) 2020-07-07 09:08:58 +01:00
Tamas Veingartner
26d4bfb89f
CORDA-3578 add corda prefix to conf file names as original issue was … (#6322)
* CORDA-3578 add corda prefix to conf file names as original issue was having non-corda reference.conf files on classpath causes DriverDSLImp failure

it is better to have this naming convention and avoid further conflicts of conf files.

* fixed weird duplicates

* revert renaming changes for web-reference.conf and loadtest-reference.conf
2020-06-16 09:15:51 +01:00
Adel El-Beik
27ea570fbb
CORDA-3696: JDK 11 Testing branch (#6131)
* CORDA-3696: Temporary update to enable JDK11 build and test. Will eventually be switchable.

* CORDA-3696: Filter out the Nashorn warning.

* CORDA-3696: Add JDK11 classifier.

* CORDA-3696: Updated match string to cope with JDK11.

* CORDA-3696: Filtering out SPHINCS256_SHA256 where failing due to JDK11.

* CORDA-3696: Now remove SPHINCS256_SHA256 only if JDK11.

* CORDA-3696: Fix test failure - switch to regex matching.

* CORDA-3696: Hide the illegal access warnings.

* CORDA-3696: Check for Java11 when disabling Java11 warnings.

* CORDA-3696: Fix unneccessary non null check.

* CORDA-3696: Reverting build env to JDK8

* CORDA-3696: Revert hiding of illegal access warnings via Unsafe class.

* CORDA-3696: Remove internal access warnings and new JDK11 version checker.

* CORDA-3696: Updated build file for OS

* CORDA-3696: Removed typo

* CORDA-3696: Fixed space typo.

* CORDA-3696: Open modules to remove the illegal access warnings.

Co-authored-by: Adel El-Beik <adelel-beik@19LDN-MAC108.local>
2020-04-16 10:20:30 +01:00
Chris Rankin
0771a22d5b
ENT-4967: Allow quasar_classifier to be either null or an empty string. (#6119) 2020-03-31 15:32:36 +01:00
Chris Rankin
29a36c6b4f
Prevent Quasar from instrumenting classes that belong to AttachmentsClassLoader. (#6077) 2020-03-18 13:59:10 +00:00
James Higgs
da192bcf0d
[EG-140] Allow system property paths with multiple keys to be specified in node.conf (#5963)
* [EG-140] Allow system property paths with multiple keys to be specified in node.conf

* [EG-140] Split property paths to remove quotes

* [EG-140] Quote system properties in docs

* [EG-140] Rename path to key
2020-02-14 11:18:21 +00:00
Chris Rankin
f226ddc4f2 CORDA-2876: Integrate the DJVM with the Corda Node. (#5633)
* * CORDA-2876: Migrate DJVM serialization modules into Corda.
* Pre-generate Corda classes for DJVM sandbox when node boots in production mode.
* Ensure that all DJVM test contract CorDapps are signed.
* Test examining attachments within DJVM sandbox.
* Test Contract.verify() using cryptographic verify function.
* Add test cases for more non-determinism in Contract.verify().
* Update node-driver to support testing nodes with DJVM support.
* Modify Node to allow alternative DJVM configurations for testing.
* Refactor DeterministicVerifierFactoryService for default use-case.
* Small whitespace and code-style refactors.
* Create and activate a DJVM execution profile for the Node.
* Revert making Verifier implement AutoCloseable.
* Allow the node to cache sandboxed Corda byte-code for reuse.
* Use updated Quasar agent that knows not to touch DJVM classloaders.
* Fix Quasar's package exclusions globs for DJVM.
* Deserialise LedgerTransaction into the sandbox for Contract.verify().
* Add the DJVM's serialisation modules to the Corda node.
* Update the node for the latest DJVM API, and preserve the ConstructorForDeserialization annotation on user contract classes.
* Add corda-dev to repositories while DJVM is SNAPSHOT.
* Migrate DJVM specialisation into AbstractNode's ServiceHubInternalImpl.
* Exclude sandbox.** and shaded djvm.** classes from Quasar agent.
* Add the corda-dev repository to :node for the deterministic runtime.
* Turn Verifier into an abstract base class that is specialised by BasicVerifier and DeterministicVerifier.
* Add the Corda deterministic libraries to the Node, and split the DJVM sandbox across two SandboxClassLoader instances.
* Add DJVM to contract verification path inside Corda Node.
* Minor lambda simplifications and removing unused import.
* CORDA-2871: Remove @CordaSerializable from LedgerTransaction.
* CORDA-2871: Add a callback to ServicesForResolution to allow the Node to modify a LedgerTransaction object.
* CORDA-2871: Refactor the contract verification code into a separate class,
 and allow LedgerTransaction to choose different Verifier objects.
* Update DJVM to use Corda 4.4-SNAPSHOT. (#95)
* CORDA-3330: Allow DJVM to preload / pregenerate classes from selected jars. (#92)
* Add support for SourceClassLoader.getResources() to DJVM.
* Allow a SandboxConfiguration to preload sandbox byte-code for all classes inside jars containing META-INF/DJVM-preload.
* CORDA-3309: Remove explicit try-catch in favour of UncaughtExceptionHandler. (#91)
* CORDA-3309: Install UncaughtExceptionHandler for DJVM tasks. (#88)
* Fix tests broken by Windows line endings. (#82)
* CORDA-3292: Reimplement ExecutionProfile as a data class. (#80)
* CORDA-2877: Refactor how we create child SandboxConfiguration objects. (#76)
* CORDA-2877: Load bytecode from a persistent cache to prevent repeated rewriting. (#75)
* Refactor byte-code cache to SandboxConfiguration instead of AnalysisConfiguration. We cannot "mix and match" byte-code generated by different sets of rules.
* CORDA-3137: Enhance annotation handling so that we can allow some annotations to be mapped into the sandbox without also needing to be stitched. (#72)
* CORDA-2871: Minor cosmetic fixes. (#69)
* CORDA-3218: Align DJVM with internal Corda Serialisation API. (#68)
* Ensure we get the latest SNAPSHOT of the serialisation code.
* CORDA-2871: Refactor SourceClassLoader to define source classes. (#66)
* Rewrite SourceClassLoader to support parent/child relationships.
* Revert catching TypNotPresebtException - it was a symptom of a bigger problem.
* Remove AutoCloseable from AnalysisConfiguration and SourceClassLoader.
* SourceClassLoader.getResource() must delegate to its parent first.
* CORDA-2871: Ensure ClassLoader.loadClass() throws ClassNotFoundException for all cases where the class cannot be found. (#64)
* CORDA-2871: Modify sandbox tasks to implement both java.Function and sandbox.Function (#62)
* Make TaskExecutors implement BiFunction to make them composable.
* Create ImportTask to wrap a java.Function inside a sandbox.Function.
* Add createExecutor() and createRawExecutor() APIs to SandboxClassLoader.
* Update serialization to use SandboxClassLoader.toSandboxClass().
* Remove a layer of lambdas from the serialisation code.
* Update SandboxExecutor and SandboxRawExecutor.
* Rename Executor to TaskFactory.
* Rename dangling executor -> taskFactory.
* CORDA-2871: Sanity fixes! (#63)
* Improve message for SandboxClassLoadingException.
* Fix serialisation API for using sandboxed environment.
* CORDA-3174: Extend serialisation to include InputStream and OpaqueBytesSubSequence. (#60)
* Update DJVM Example project for serialisation.
* Add serializers for InputStream and OpaqueBytesSubSequence.
* Support ZIP Inflater and CRC32 inside the sandbox.
* Allow the DJVM to wrap java.io.InputStream as sandbox.java.io.InputStream.
* Configure tests also to preserve @DeprecatedConstructorForDeserialization.
* CORDA-3174: Implement Corda serialization modules. (#59)
* Create DJVM serialization modules.
* Create test cases for Array<T>, List<T> and List<Array<T>>.
* Refactor SandboxPrimiveSerializer for all primitive types.
* Implement SandboxCollectionSerializer to support Collection types.
* Implement SandboxMapSerializer to support Map types.
* Attempt to fix infinite loop when computing Collection and Map fingerprints.
* Apply special handling when deserialising sandbox.java.lang.Character.
* Remap Java primitive types to sandbox Java object types to deter evolution.
* Use Class.getPackage().getName() to determine sandbox package name.
* Implement SandboxEnumSerializer to support Enum types.
* Implement SandboxPublicKeySerializer to support Java security keys.
* Add serialization projects to the composite example project.
* Implement serializers for BigInteger, BigDecimal, Currency and StringBuffer.
* Test that deserialising does not instantiate the untrusted user classes.
* Implement serializers for java.time.* types.
* Add serialiser for BitSet - currently disabled until BitSet itself is supported.
* Add serialisers for EnumSet and Class.
* Include support for EnumMap in the SandboxMapSerializer.
* Ensure the DJVM Example project's tests preserve @CordaSerializable.
* Add support for UUID as a primitive type.
* Use common abortReadOnly() method for declaring serialization as unsupported.
* Streamline the API for deserialising into the sandbox.
* Add preliminary support for deserialising X.509 certificates.
* Implement serializer for java.util.Optional.
* Refactor configuration of the sandbox serialization scheme.
* Add tests for deserialising arrays of basic types.
* Include method annotations in annotation stitching. This ensures that `@ConstructorForDeserialization` is not dropped.
* Enable test for SandboxBitSetSerializer.
* Enable tests for X.509 serializers.
* Implement serializers for ProtonJ primitive types.
* Serialize java.util.Date as a primitive type.
* Add the bintray Gradle plugin to the serialisation modules.
* Do not publish serialisation modules - they will become part of Corda itself.

* CORDA-2876: Only apply DJVM sources to Node Driver when devMode=true.

* Resolve DeteKT warnings.

* Require Node's JVM to set -Dnet.corda.djvm=true in order to enable DJVM.

* Enable DJVM for DemoBench nodes.

* Disable Quasar instrumentation verification for DemoBench nodes.

* Upgrade to DJVM 1.0-RC01.

* Try to modify DriverParameters in a more "ABI friendly" way.

* Refactor and simplify sandbox deserialisation of primitive objects.

* Review fixes.

* Update EvolutionSerializerFactory to handle sandboxed primitive boxed types.
2019-11-05 13:44:18 +00:00
josecoll
246ec8766e
CORDA-3224 JDK11 built and published artifacts to include classifier. (#5488)
* JDK11 built and published artifacts to include classifier.

* Added additional non-intuitive gradle dust sprinkled recommended by CR.

* Added additional non-intuitive gradle dust sprinkled recommended by CR.

* Bump corda gradle plugins version.

* Incorporating PR review feedback.

* jdk11Classifier
2019-10-08 10:45:10 +01:00
josecoll
3fafbe551c
CORDA-2050 Upgrade Corda to Java 11 (compatibility mode) (#5356)
Upgrade Corda to run with Java 11 (compatibility mode) - see https://github.com/corda/corda/pull/5356
2019-09-18 10:26:26 +01:00
Stefan Iliev
81a6a9ecba [CORDA-3079] Load drivers directory automatically (#5454) 2019-09-12 10:29:38 +01:00
Denis Rekalov
a4650b2bb3 CORDA-3187: Add -XX:+HeapDumpOnOutOfMemoryError -XX:+CrashOnOutOfMemoryError to default JVM args for node (#5432) 2019-09-06 13:49:52 +01:00
josecoll
603da3eeff
CORDA-2984 Re-instate CordaCaplet tests and move CordaCaplet code into :node:cap… (#5197)
* Re-instate CordaCaplet tests and move CordaCaplet code into :node:capsule module.

* Clean-up verbose IntelliJ refactoring.

* Updated buildCordaJAR task references to resolve CordaCaplet from :node:capsule project.

* Incorporating feedback from PR review.
2019-06-07 08:55:19 +01:00
josecoll
0263650a5f
Revert "Merge pull request #5145 from corda/jdk11-migration-gradle5-upgrade" (#5146)
This reverts commit f46377556c, reversing
changes made to ba675e73b9.
2019-05-20 16:16:49 +01:00
josecoll
6d99e0fec4 Upgrade quasar to JDK11 supported version (0.8.0) - dependent on Corda "quasar-utils" gradle plugin upgrade. 2019-05-20 15:08:27 +01:00
Bernd Stoeger
254d1b1631 Include ch package in quasar instrumentation 2019-02-24 16:40:34 +01:00
Tudor Malene
d1575b4031
Exclude more packages from quasar instrumentation. (#4563) 2019-01-14 16:58:04 +00:00
Michele Sollecito
33ce00e8b1
[CORDA-2244]: Specified unique applicationId for Capsule manifest. (#4283) 2018-11-22 13:53:14 +00:00
Chris Rankin
df4699c69a
CORDA-1985: Configure Gradle capsule plugin to use Capsule 1.0.3. (#3949) 2018-09-17 13:55:31 +01:00
Anthony Keenan
046b104fee
CORDA-1764: Make shell use picocli for parsing command line options (#3923)
* Fix link in shell documentation

* The TypeSafe config parser wants extensions.sshd to be present in the config even though extensions is nullable

* Temp commit

* Make Standalone Shell use picocli

* Simplify gradle config for bootstrapper

* Fix logging dependency issues

* Revert "Temp commit"

This reverts commit f4efafcc9d.

* Fix quasarExcludeExpression

* Correct bootstrapper configuration

* Correct CRaSH capitalisation in docs

* Fix unit tests

* Fix help text typo

* Make logging level case insensitive

* Fix CRaSH capitalisation in help text

* Fix unit tests
2018-09-13 11:14:31 +01:00
Chris Rankin
ca9649ec0f
CORDA-1964: Upgrade to Gradle 4.10 (#3903) 2018-09-06 12:48:31 +01:00
Mike Hearn
626b3e6bd3 Minor: make the :node:capsule:build task depend on buildCordaJAR 2018-08-23 13:12:18 +02:00
Tudor Malene
7978910e0b
ENT-1633 increase node max heap size to 512m (#2851) 2018-03-26 13:41:37 +01:00
Clinton
174ed3c64b
CORDA-556: Added Cordapp Config and a sample (#2469)
* Added per-cordapp configuration 
* Added new API for Cordformation cordapp declarations to support per-cordapp configuration
* Added a cordapp configuration sample
2018-02-14 14:49:59 +00:00
James Brown
8de2c78dd2 Remove jolokia war reference from webserver 2018-01-22 16:21:28 +00:00
josecoll
a2d14bd20d
Exclude jolokia packages from Quasar instrumentation. (#2279) 2017-12-21 11:06:44 +00:00
josecoll
4762569200
CORDA-822 - JMX Jolokia instrumentation (#2197)
* JMX Jolokia instrumentation WIP (driverDSL, webserver, cordformation, hibernate statistics, access policy config file hardening)

* Cordformation changes to support jolokia agent instrumentation at JVM startup.

* Minor updates to reflect usage of Jolokia 1.3.7 (which uses slightly different .war naming)

* Use relative path reference in -javaagent to prevent problem with long path names with spaces.

* Fixed incorrect regex pattern and added assertion to test.

* Enable JMX monitoring.

* Reporting of Hibernate JMX statistics is configurable (by default, only switched on in devMode)

* Make Artemis JMX enablement configurable.

* Re-instate banning of java serialization.

* Improve JUnit.

* Fixes following rebase from master.

* Re-instated correct regex for picking up Jolokia agent jar.

* Fixed broken integration test.

* Updated documentation

* Updated following PR review feedback.

* Fixed compilation error caused by change in DriverDSL argument type.

* Fixed compilation error caused by change in DriverDSL argument type.

* Fail fast if jolokia-agent-jvm.jar is not located.

* Applied changes in cordformation following review feedback from CA.
2017-12-08 16:27:12 +00:00
Rick Parker
7337996e08
Add config library and default config to webserver JAR (#2047)
* Add config library and default config to webserver JAR

* Applied Clinton's feedback to create a config rather than do filtering.
2017-11-15 15:03:15 +00:00
Rick Parker
4b8590ef41 CORDA-736 Add some new features to corda.jar via node.conf for testing (#1926) 2017-10-24 16:49:47 +01:00
Andras Slemmer
e9f3b92e97 Add alwaysExcluded flag to quasar-hook, run config for generating exclude pattern 2017-08-30 17:14:01 +01:00
Andras Slemmer
605d142738 Add quasar exclude pattern to the agent 2017-08-29 16:50:46 +01:00
Clinton Alexander
ce7ce6c8b7 Used a more robust location for the caplet classes now that gradle 4 has changed the classes directory structure. 2017-08-24 15:58:41 +01:00
Clinton
0ccfae252f POMs generated by publishing are now correct. (#1055)
* POMs generated by publishing are now correct. The publish extension now requires an explicit call to configure the publishing instead of waiting until after evaluation. This prevents evaluation order issues with the artifact renaming code that causes the POM to have the original, incorrect, artifact names.

* Fixed new test compile issues caused by removal of some dependencies in test utils that caused webserver code to be automatically included in any project also compiling test utils.
2017-07-18 12:34:56 +01:00
Clinton Alexander
b4e7d7ca1b Can now publish to artifactory. 2017-07-03 18:12:56 +01:00