Commit Graph

295 Commits

Author SHA1 Message Date
igor nitto
00b570df29
Improve RPC security test coverage [CORDA-827] (#2320)
* Added test cases covering encrypted password usage
 * Renamed UserAuthServiceTests as AuthDBTests: the integration tests checking user credentials loaded from external database (still limited to H2 in-memory for now).
 * Some internal renamings
2018-01-05 11:50:21 +00:00
Shams Asari
d84105b60e
Using X509Certificate consistently throughout, rather than BC's X509CertificateHolder. (#2305)
The later is now only used where needed. This has reduced the amount of converting we have to do back and forth.
2018-01-03 22:00:39 +00:00
Shams Asari
730fec2eb4
Internal driver now also does the registration for the notaries. (#2304)
Using the --just-generate-node-info flag for the notary nodes so that their identities can be submitted to the network map server, which does the network parameters generation.
2018-01-02 15:12:30 +00:00
Shams Asari
07258c0a16
Moved configureTestSSL out of testing API and made it internal. (#2297) 2018-01-02 09:15:26 +00:00
Shams Asari
4a2f157118
Validating the entire cert path in node registration, rather just checking the root cert. (#2298)
Also reduced duplicate code when creating the node CA cert path for testing, and renamed IdentityGenerator to DevIdentityGenerator.
2017-12-29 14:38:30 +00:00
Alberto Arri
6db0490750
Fix node integration tests. (#2233)
* Add tests for node registration and communication
2017-12-21 11:48:00 +00:00
szymonsztuka
ad23bb8754
BFTNotaryServiceTests - instantiate MockServices before each test, not at the class level. (#2281)
* change to align with enterprise repo
2017-12-21 09:50:21 +00:00
Shams Asari
e1e715ee81 Removed all remaining special treatment of the X500 common name.
With network parameters the CN is no longer needed to identify notaries. This frees it up to be used in the node's name alongside the other attributes.

Also, the identity generation logic has been simplified, removing the need to have magic string values for storing distributed identities in the keystore. Now there are just two alias prefixes: "identity" as it was previously, and "distributed-notary".
2017-12-18 21:39:11 +00:00
Shams Asari
00a5e3db6b CORDA-830 Introducing the network bootstrapper
Copying of the node-info files moved out of Cordform and into NetworkParametersGenerator (which is now called NetworkBootstrapper). This class becomes an external tool to enable deployment of nodes in a test setup on a single filesystem.
2017-12-17 23:49:57 +00:00
Shams Asari
e9cead9055 CORDA-833: SignedNodeInfo object for holding a list of signatures, one for each identity in the NodeInfo. This forms part of the network map. 2017-12-17 19:45:58 +00:00
Andrzej Cichocki
8114a20abd
CORDA-716 Move non-API things to internal (#2256) 2017-12-17 18:44:35 +00:00
Andrzej Cichocki
2652ae111a
CORDA-716 Devrel feedback (#2266)
* * Document TestIdentity entropy and enforce that it actually works
* Ledger/transaction DSL default notary with fresh key
* MockServices default identity with fresh key
* makeTestIdentityService now takes vararg
* Require cordappPackages for MockServices
* DSL automatic serialization init
* Improve error when two MockNetworks used

* * Make cordappPackages required by MockNetwork
* Default identity service in MockServices
* Make notarySpecs Java-friendly
2017-12-15 19:18:31 +00:00
Matthew Nesbit
595d41af04
AMQP Bridging between nodes (#2181)
* Able to send hand coded messages to an Artemis node inbox

Get startup race condition fixed. Start cleanup work.

Fixup after rebase

Remove SASL hack for now

Minor tweaks. Enable AMQP mode manually.

Add configuration control

Slight clean up

Stop timeouts that don't work with AMQP

Rename class

Get TLS constants from :node-api

Primitive integration test

Put back commented line

Session per bridge to alow rollback on remote rejects.

Add more tests and handle multiple IP adddresses

Reduce logging

Fixup after rebase

Add a test to verify the remote end AMQP rejection logic works and does cause message replay.

Allow Artemis to duplicate after session rollback

Reduce number of threads

Move legacy bridge related code over to CoreBridgeManager

Shared threadpool for bridges

Add a test to confirm that no side effects when using a shared thread pool.

Address PR comments and remove dead lines

Rebase and add some comments

Remove a couple of blank lines

Ensure AMQP bridges are used in tests

Fixup after removal of testNodeConfiguration

Add a couple of doc comments

Add a couple of doc comments

Make things internal and use CordaFuture

Address some PR comments

Change comment type

* Use Artemis 2.2 to fix AMQP problems. Add explicit test of legacy core bridges, as marking the factory class private had silently broken them.

* Fix change due to using Artemis 2.2
2017-12-15 17:48:33 +00:00
Katarzyna Streich
550469ea38
Wire part of network parameters (#2187)
* Take maximum message size from network parameters

* Add epoch handling

* Add handling of network parameters mismatch

Change NetworkMapClient and updater, add handle in
AbstractNode that results in node shutdown on parameters mismatch. Later
on we should implement proper handling of parameters updates.
Add tests of NetworkParameters wiring.

When node starts with compatibilityZone url configured it takes
networkParameters from the networkMap.

* Permit only one network parameters file

On node startup network parameters are read from node's base directory,
we permit only zero or one files to be there. If network map server is
configured the parameters can be downloaded at startup (if not present
in the directory already).

* Update docs on network map endpoints
2017-12-15 11:13:15 +00:00
Andrzej Cichocki
05bc05a936
CORDA-716 Retire withTestSerialization (#2240) 2017-12-14 12:42:18 +00:00
Shams Asari
2319bf396c Renamed TestIdentity.key to keyPair and pubkey to publicKey (#2249) 2017-12-14 11:30:55 +00:00
Andrzej Cichocki
c3b9955344
CORDA-716 Fix split packages in testing (#2232) 2017-12-12 19:37:01 +00:00
Andrzej Cichocki
905c8252a6
CORDA-654 Remaining key constants (#2226) 2017-12-12 18:03:06 +00:00
Alberto Arri
2dc73ecf3b
Changed logic to check for initial certificate, now using the truststore instead of the .cer file (#2213) 2017-12-12 10:39:52 +00:00
Shams Asari
d6054e4b4f Merge branch 'master' into shams-master-merge-081217
# Conflicts:
#	node/src/main/kotlin/net/corda/node/services/config/NodeConfiguration.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/DriverDSLImpl.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/RPCDriver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/demorun/DemoRunner.kt
#	verifier/src/integration-test/kotlin/net/corda/verifier/VerifierDriver.kt
2017-12-11 10:23:16 +00:00
igor nitto
da38e6f673
Configurable authorization/authentication data sources [CORDA-827] (#2145)
* Add support for external data source of access control data (RPC/Shell users credential and permissions), with optional in-memory caching.
* Support password encoded with Apache Shiro fully reversible Modular Crypt Format.
* Introduce 'security' field in Node configuration and related docsite page.
2017-12-11 08:39:09 +00:00
Shams Asari
41bfd7a971 Merge fixes 2017-12-10 20:15:33 +00:00
Patrick Kuo
92efd82fab
Fix broken test (#2218) 2017-12-08 17:27:23 +00:00
Shams Asari
65ff931f53 Merge branch 'master' into shams-master-merge-081217
# Conflicts:
#	node-api/src/main/kotlin/net/corda/nodeapi/internal/crypto/KeyStoreWrapper.kt
#	node/src/main/kotlin/net/corda/node/internal/AbstractNode.kt
#	node/src/main/kotlin/net/corda/node/services/config/ConfigUtilities.kt
#	node/src/test/kotlin/net/corda/node/services/identity/InMemoryIdentityServiceTests.kt
#	node/src/test/kotlin/net/corda/node/services/identity/PersistentIdentityServiceTests.kt
#	samples/irs-demo/src/integration-test/kotlin/net/corda/test/spring/SpringDriver.kt
#	testing/node-driver/src/integration-test/kotlin/net/corda/testing/driver/DriverTests.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/DriverDSL.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/DriverDSLImpl.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/NodeBasedTest.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/RPCDriver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/demorun/DemoRunner.kt
#	testing/test-utils/src/main/kotlin/net/corda/testing/CoreTestUtils.kt
#	verifier/src/integration-test/kotlin/net/corda/verifier/VerifierDriver.kt
2017-12-08 16:03:16 +00:00
Patrick Kuo
9b097aa988
CORDA-819 Add checks to ensure TLS and Client CA cert chains to the same trusted root (#2149)
* testnet bad node info bug fix

* address PR issues

* fix PR issues

* remove TODO for checking validation logic
2017-12-08 14:35:49 +00:00
Shams Asari
db9eb8a63f Preliminary work to make merge with master manageable 2017-12-08 13:39:05 +00:00
Shams Asari
cb11379d98 Addressing some of the technical debt 2017-12-06 22:01:41 +00:00
Shams Asari
89256a7f16 Moved the CZ URL and node registration logic of the driver to be more internal, not available through the standard driver call, as these are not testing features for an app dev.
Also cleanup up some of the related tests.
2017-12-06 12:32:41 +00:00
Shams Asari
8461837f1a Cleaned up Driver.kt so that only the relevant bits are exposed as public API 2017-12-05 23:52:15 +00:00
Andrzej Cichocki
b0ebf3d7e0
CORDA-654 Various MockServices refactorings (#2167)
* Remove MockServices.stateMachineRecordedTransactionMapping which does nothing
* Inline StateLoaderImpl
* Remove unused MockServices
* MockServices well-known identities not needed in a place
* A few things don't need a full-blown ServiceHub
2017-12-05 16:22:53 +00:00
Andrzej Cichocki
e4d76204c1
Pass some key constants into MockServices. (#2173) 2017-12-05 14:50:56 +00:00
Shams Asari
6a1aa59e3e Merge branch 'master' into shams-merge-master-041217
# Conflicts:
#	node/src/integration-test/kotlin/net/corda/node/services/DistributedServiceTests.kt
#	samples/bank-of-corda-demo/src/main/kotlin/net/corda/bank/BankOfCordaCordform.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/NodeTestUtils.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/NodeBasedTest.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/MockNode.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/NotarySpec.kt
#	verifier/src/integration-test/kotlin/net/corda/verifier/VerifierDriver.kt
2017-12-04 13:39:32 +00:00
Alberto Arri
acd2281b20
ENT-1125 bootstrap root certificate (#2151)
* ENT-1125 make nodes check that the returned signed certificate from Doorman has the expected root
2017-12-04 12:53:22 +00:00
Andrzej Cichocki
d2f66acff7
Use non-static Rx pool when testing. (#2165) 2017-12-04 12:41:43 +00:00
Shams Asari
5264072752 Renamed n.c.nodeapi.config to n.c.nodeapi.internal.config as that config code is not public API. For the same reason, also moved User into the same internal package. 2017-12-03 17:20:30 +00:00
Katarzyna Streich
6958cbbc44
Fix demobench as part of network parameters work (#2148)
* Fix demobench - network parameters

Demobench uses ServiceIdentityGenerator to pregenerate notary identity
for network parameters.
2017-12-01 16:14:03 +00:00
Shams Asari
c2731c6797 More merge fixes and moved NodesInfoFilesCopier into internal package 2017-11-30 16:46:32 +00:00
Andrzej Cichocki
10e686bc82
Inline DriverConstants. (#2156) 2017-11-30 16:28:58 +00:00
Shams Asari
fdc31091a6 Merge branch 'feature-network-parameters' into shams-master-merge-291117
# Conflicts:
#	constants.properties
#	gradle-plugins/cordformation/src/main/kotlin/net/corda/plugins/Cordform.kt
#	gradle-plugins/cordformation/src/main/kotlin/net/corda/plugins/Node.kt
2017-11-30 12:05:42 +00:00
Katarzyna Streich
c9f3e98795
Another approach to fixing deployNodes task and network parameters generation (#2066)
* Generate networkParameteres for Cordformation.

Fix deployNodes task in Cordformation to generate NetworkParameters before running the nodes.
Add TestNetworkParametersGenerator utility loaded after node infos generation step.

* Get rid of bouncy castle provider dependency
For cordform-common. It caused problems with loading our custom
X509EdDSAEngine for generation of network parameters in deployNodes
task.
2017-11-30 10:39:29 +00:00
Shams Asari
71763ff1d3 Merge branch 'master' into shams-master-merge-291117
# Conflicts:
#	node/src/main/kotlin/net/corda/node/internal/AbstractNode.kt
#	node/src/main/kotlin/net/corda/node/services/network/PersistentNetworkMapCache.kt
#	node/src/test/kotlin/net/corda/node/services/messaging/ArtemisMessagingTests.kt
#	samples/notary-demo/src/main/kotlin/net/corda/notarydemo/BFTNotaryCordform.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/internal/demorun/DemoRunner.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/MockNode.kt
2017-11-29 18:00:16 +00:00
Patrick Kuo
572c4af40c
Use NetworkMap and SignedNetworkMap in NetworkMapClient, and enable signature verification. (#2054)
* new network map object for network map, and verify signature and root in Signed network map and node info

* fixup after rebase

* * added certificate and key to network map server
* move DigitalSignature.WithCert back to NetworkMap.kt, as its breaking API test, will raise another PR to move it back.
* Make DigitalSignature.WithCert not extend WithKey, as per PR discussion.
* various fixes after rebase.

* move Network map back to core/node, as its breaking API test

* revert unintended changes

* move network map objects to node-api
2017-11-29 15:55:13 +00:00
Michele Sollecito
cb1fa2e017
Corda now works with H2 without the need to allow Hibernate to create the database automatically. (#2124)
[CORDA-815]: Corda now instructs Hibernate to either adjust or validate the schema based on `devMode` property.

Also renamed property `database.initDatabase` to `database.createSchemaAutomatically`.

* [CORDA-815]: Renamed database.initDatabase to database.adjustSchemas.

* Code review changes: removed property `database.initDatabase` altogether.

* Code review changes: removed property `database.initDatabase` altogether.

* Code review changes: removed property `database.initDatabase` altogether.

* Code review changes: removed property `database.initDatabase` altogether.
2017-11-28 17:33:02 +00:00
Patrick Kuo
cc1fba641e
Integration test for http network map service (#2078)
* make node info file copying optional by setting "compatabilityZoneURL" in driver
integration test for node using http network map using driver
some bug fixes

* rebase to feature branch and fixup

* add initialRegistration flag to driver

* remove useFileBaseNetworkMap flag, add network map server to DriverTest

* remove useFileBaseNetworkMap flag, add network map server to DriverTest

* use PortAllocation.Incremental instead of random

* * use PortAllocation.Incremental instead of random
* fix NodeInfoWatcher thread leak issue

* reset scheduler before create notary

* move port allocation out of companion object

* move port allocation out of companion object

* make node info file copier lateinit to avoid observable thread pool get created on init
2017-11-28 13:58:48 +00:00
Andrzej Cichocki
4bd6fef0f9
StateMachineManager is no longer lateinit. (#2123) 2017-11-27 17:55:08 +00:00
Shams Asari
9fefabbb88 Merge branch 'master' into shams-master-merge-271117 2017-11-27 17:08:13 +00:00
Shams Asari
4ca54b73fe Added tests to make sure the platform version is correctly available 2017-11-27 17:04:19 +00:00
Shams Asari
2ceb6283af Moved X509Utilities, and some other crypto utilities in node, into node-api so that they can be used by services outside of the node.
There's also some cleanup as well.
2017-11-27 15:49:33 +00:00
Maksymilian Pawlak
ce9b6c1f18
CORDA-311-post PR merged fixes (#2106)
* SSH server integration
2017-11-23 16:34:57 +00:00
Shams Asari
9097107d2e Revert "Revert "Introducing network parameters.""
This reverts commit 953a4a3790.
2017-11-21 15:05:24 +00:00