128 Commits

Author SHA1 Message Date
tudor.malene@gmail.com
81932b4e88 Merge branch 'open_master' into corda/tudor-os-merge
# Conflicts:
#	settings.gradle
#	verifier/build.gradle
#	verifier/src/integration-test/kotlin/net/corda/verifier/GeneratedLedger.kt
#	verifier/src/integration-test/kotlin/net/corda/verifier/VerifierDriver.kt
#	verifier/src/integration-test/kotlin/net/corda/verifier/VerifierTests.kt
#	verifier/src/main/kotlin/net/corda/verifier/Verifier.kt
2018-03-15 10:21:35 +00:00
Tudor Malene
88c5ab8870 Feature/corda 1219/remove out of process verifier () 2018-03-15 09:57:59 +00:00
Matthew Nesbit
d592fb5c49 Create basic bridge module and capsule build
Basic pieces of bridge, still very rough

Work in progress

Fixes after rebase

Primitive float tunnel implementation

Put explanatory comments on the interfaces. Add support for different SSL KeyStores for the different connections to/from the bridge and float.

Add a couple more comments

Cleanup

Fix some issues

Use a new custom header to relay the login identity from bridges. (Will add more security to this shortly)

Make key protection logic a bit clearer in the comments

Create some basic test and integrationTests

Add a couple of tests of the BridgeAMQPListenerService

Add some basic tests

Correct comment

Fixup after rebase

Fixup after rebase

Fixup after rebase

Explicit parameter types to work on build box.

Address PR comments

Address some of Mike's PR comments.

Re-enable test on enterprise.

Don't sweep up node default config

Remove obsolete config entry

Correct merge mistake

Configurable whitelist headers on bridge

Don't access primary artemis session from different threads used by inbound packet pathway.

Fix unit test
2018-03-14 11:08:09 +00:00
szymonsztuka
3733e7d715 Merge remote-tracking branch 'remotes/open/master' into merges/CORDA-792
# Conflicts:
#	.idea/compiler.xml
#	build.gradle
#	node/src/integration-test/kotlin/net/corda/node/services/rpc/RpcSslTest.kt
#	node/src/main/kotlin/net/corda/node/internal/NodeStartup.kt
#	node/src/main/kotlin/net/corda/node/shell/CordaAuthenticationPlugin.kt
#	node/src/main/kotlin/net/corda/node/shell/CordaSSHAuthInfo.kt
#	node/src/main/kotlin/net/corda/node/shell/RPCOpsWithContext.kt
#	node/src/test/kotlin/net/corda/node/services/config/NodeConfigurationImplTest.kt
#	settings.gradle
#	testing/test-common/src/main/kotlin/net/corda/testing/common/internal/UnsafeCertificatesFactory.kt
#	tools/shell/src/integration-test/kotlin/net/corda/tools/shell/SSHServerTest.kt
#	tools/shell/src/main/java/net/corda/tools/shell/FlowShellCommand.java
#	tools/shell/src/main/java/net/corda/tools/shell/RunShellCommand.java
#	tools/shell/src/main/java/net/corda/tools/shell/StartShellCommand.java
#	tools/shell/src/main/kotlin/net/corda/tools/shell/FlowWatchPrintingSubscriber.kt
#	tools/shell/src/main/kotlin/net/corda/tools/shell/InteractiveShell.kt
#	tools/shell/src/main/kotlin/net/corda/tools/shell/InteractiveShellCommand.kt
#	tools/shell/src/main/kotlin/net/corda/tools/shell/utlities/ANSIProgressRenderer.kt
#	tools/shell/src/main/resources/net/corda/tools/shell/base/login.groovy
#	tools/shell/src/test/kotlin/net/corda/tools/shell/CustomTypeJsonParsingTests.kt
#	tools/shell/src/test/kotlin/net/corda/tools/shell/InteractiveShellTest.kt
2018-03-07 16:49:00 +00:00
szymonsztuka
72074c76c7
[CORDA-792] Standalone Shell ()
- Existing embedded Shell connects via RPC including checking RPC user credentials (before was a direct use of CordaRPCOps):  in dev mode when console terminal is enabled, node created `shell` user.
- New Standalone Shell app with the same functionalities as Shell: connects to a node via RPC Client,  can use SSL and run SSH server.
2018-03-07 09:57:32 +00:00
Michele Sollecito
da1afd9c55
Introduced copyright in all source files. () 2018-03-06 17:29:21 +00:00
Andras Slemmer
f5167e207f Merge remote-tracking branch 'origin/master' into aslemmer-merge-19-Feb 2018-02-23 11:18:16 +00:00
Patrick Kuo
94f73920cc
ENT-1443 Add cert role to CSR and doorman issue cert according to the cert role ()
* Doorman and HSM create certificate base on requested cert role specified in the certificate signing request.
2018-02-23 10:57:59 +00:00
Andras Slemmer
25263c20c7 Merge remote-tracking branch 'open/master' into aslemmer-merge-19-Feb 2018-02-20 15:52:09 +00:00
Clinton
174ed3c64b
CORDA-556: Added Cordapp Config and a sample ()
* Added per-cordapp configuration 
* Added new API for Cordformation cordapp declarations to support per-cordapp configuration
* Added a cordapp configuration sample
2018-02-14 14:49:59 +00:00
Tommy Lillehagen
f3d2a7674c Add module for end-to-end testing library 2018-02-02 12:20:14 +00:00
Thomas Schroeter
b50ce0ab8d
HA-notary health check flow ()
* Add simple notary health check flow

* Move notary test to notary health check

* Rebase
2018-01-25 10:34:07 +00:00
Tudor Malene
cef1f9885c
ENT-1282: create standalone db migration tool ()
* ENT-1282: add standalone db migration tool that works with both the node and the doorman

* ENT-1282: remove cmd line args during node startup

* ENT-1282: more clear message

* ENT-1282: fix integration test

* ENT-1282: more fixes and cleanup code

* ENT-1282: address PR comments

* ENT-1282: more fixes and refactoring

* ENT-1282: more classloader fixes

* ENT-1282: changes after demo feedback

* ENT-1282: update API

* ENT-1282: update documentation

* ENT-1282: formatting

* ENT-1282: added CONSOLE option for dry-run and logging

* ENT-1282: documentation changes

* ENT-1282: remove getMigrationResource from the public API

* ENT-1282: removed dependency on network-manager, added release-lock

* ENT-1282: Update documentation
2018-01-24 11:55:43 +00:00
Michal Kit
789ce5d44a
Initial implementation of the certificate generation tool ()
* Initial implementation of the certificate generation tool

* Adding trust store persisting

* Addressing review comments

* Adding certificate type to the certificate generation process.

* Addressing review comments

* Fixing typos

* Changing keyOverride to 0 in examples and tests

* Addressing review comments + rebasing

* Adding CRL information to the certificate generation process

* Generation tool refactoring

* Addressing review comments
2018-01-23 11:50:03 +00:00
Katarzyna Streich
4e80a33dea Fixes after os -> ent merge to networkManagement ()
* Quick fixes

* Fix SignedNodeInfo

Introduce network-management schema changes to reflect that NodeInfos
can have multiple signatures.

* Address Shams comments

Store SignedNodeInfo as a blob for network management tool.
2017-12-19 21:36:30 +00:00
Andras Slemmer
4175593b18 remove :network-management 2017-12-18 16:40:54 +00:00
Andras Slemmer
107fcf82e3 Fixing stuff 2017-12-18 15:39:08 +00:00
josecoll
fc7445f714 Resolve compilation issues related to Network Map changes. 2017-12-18 11:30:32 +00:00
josecoll
e9fc6f7c8d Merge remote-tracking branch 'open/master' into colljos-os-merge-rc01 2017-12-18 10:24:38 +00:00
Shams Asari
00a5e3db6b CORDA-830 Introducing the network bootstrapper
Copying of the node-info files moved out of Cordform and into NetworkParametersGenerator (which is now called NetworkBootstrapper). This class becomes an external tool to enable deployment of nodes in a test setup on a single filesystem.
2017-12-17 23:49:57 +00:00
Christian Sailer
223737ebb8
Fix perftestcordapp unit tests () 2017-12-15 08:13:28 +00:00
josecoll
c72b33841b Merge branch 'master' into colljos-os-hc02-merge-121217 2017-12-12 17:42:21 +00:00
josecoll
60b8be5df8 Removed 'perftestcordapp' due to continuous OS merge breakages. 2017-12-12 16:19:36 +00:00
Chris Rankin
2725f53ef5
ENT-1074 - Proof-of-concept ISV for SGX remote attestation ()
* Initial WIP.
* Configure IAS host via system properties.
* Create separate Gretty configurations for testing and for IAS.
* (WIP) Separate configuration values from WAR; Add msg3 -> msg4 handling.
* Check the IAS report's cryptographic signature.
* Accept CertPath from IAS instead of a Certificate.
* Validate the certificate chain for the IAS report.
* Refactor response handling, and add a secret to Message4.
* Append public DH keys to generated shared secret.
* Use DH secret to generate a 256 bit AES key.
* Fix runISV Gradle task so that it creates WAR file.
* Migrate MockIAS service into a separate package.
* Remove unused aesCMAC field from Message3.
* Configure HTTP sessions to expire after 10 idle minutes.
* Ensure we select the "isv" key for MTLS with Intel Attestation Service.
* Set key alias for Intel's public certificate.
* Implement GET /attest/provision endpoint.
* Use elliptic curves for Diffie-Hellman keys.
* Pass public keys as Little Endian byte arrays without ASN.1 encoding.
* Add AES-CMAC signature to Message2.
* Remove signature fields from QUOTE body for sending to IAS.
* Add a dummy AES-CMAC field to Message3 for later validation.
* Generate AEC-CMAC for Message 3, and refactor crypto functionality.
* Calculate AES-CMAC using AES/CBC/PKCS5Padding algorithm.
* Use BouncyCastle's AESCMAC algorithm for MAC calculation.
* Include standard crypto test vectors to the unit tests.
* Encrypt MSG3 secret using AES/GCM/NoPadding with 128 bit key.
* Hash shared key with Little Endian versions of public keys.
* Refactor so that hexToBytes() is a utility.
* Simplify signing of MocKIAS report.
* Separate AES/GCM authentication tag from the encrypted data.
* Create /ias/report endpoint for ISV which proxies IAS.
* Remove unnecessary @Throws from MockIAS handlers.
* Log HTTP error status from IAS.
* Replace runISV task with startISV and stopISV tasks.
* Refactor tests to use CryptoProvider @Rule instead of @Suite.
* Move Web server for integration tests to use non-production ports.
* Add proxy endpoint for IAS revocation list.
* Generate an ECDSA "service key" for signing (gb|ga).
* Generate a persistent key-pair for the ISV to sign with.
* Verify the (Gb|Ga) signature from Message2.
* Add debugging aids.
* Fix Gradle warning.
* Remove TLV header from Platform Info Body for MSG4.
* Small tidy-up.
* Use SPID "as-is" when calculating CMAC for MSG2.
* Add DEBUG messages for MSG2's KDK and SMK values (AES-CMAC).
* Add DEBUG logging for ECDH shared secret.
* More DEBUG logging.
* The ECDH shared secret *is* the x-coordinate: no need to subrange.
* Adjust MockIAS to return an empty revocationList for GID 0000000b.
* Fix ArrayOutOfBoundsException for "small" integer values.
* Test MSG1 with empty revocation list.
* Add extra logging for IAS report request.
* ReportResponse object cannot be null.
* Fix misreading of spec - don't remove quote's signature when requesting report from IAS.
* Log invalid contents of X-IAS-Report-Signing-Certificate HTTP header.
* Build CertPath for IAS from explicit list of Certificates.
* Rename quote fields on IAS ReportResponse to match Intel.
* Log report ID and quote status from IAS.
* Add a revocation list checker to the certificate path validator.
* Tweak revocation list options, depending on IAS vs MockIAS.
* Extract Intel's certificate specifically by alias for PKIX.
* Tune quote body returned by MockIAS.
* Add AES-CMAC field to Message4 for validation.
* Increase GCM authentication tag to 128 bits.
* Receive platformInfoBlob from IAS as hexadecimal string.
* Generate secret encryption key using KDK and SK values.
* Marshall platformInfoBlob between Base16 string and ByteArray.
* Interpret status results from IAS as enums.
* Use lateinit for HttpServletRequest field.
* Refactor ExceptionHandler out of messages package.
* Alias is for ISV, so rename it.
* Refactor classes into more correct packages.
* Use random 96 bit IV for GCM encryption.
* Parameterise HTTP/HTTPS ports via Gradle.
* Do not forward a securityManifest containing only zeros to IAS.
* Address review comments.
* Review comment: Use NativePRNGNonBlocking for SecureRandom.
* Rename isv.pfx to isv-svc.pfx
* Rename keystore to isv.pfx, for clarity.
* Update scripts so that they no longer require user input.
* Generate isv.pfx from the key and certificates.
* Remove private key from repository.
* Declare an empty PSE Manifest to be invalid.
* Generate keystores "on the fly".
* Rename integration tests to end in "IT" instead of "Test".
* Add README
* Turn remote-attestation into a separate Gradle project.
2017-12-12 13:34:26 +00:00
josecoll
cc770e1145 Re-enabled Doorman build and removed hard dependency on specific OS branch. 2017-12-12 11:31:52 +00:00
josecoll
26829b9202 Remove Doorman and its dependency on OS branch. 2017-12-11 12:49:34 +00:00
josecoll
d984b4722e Re-enable perftestcordapp and jmeter - fix compilation errors caused by MockServices and DriverDSL refactoring. 2017-12-11 11:42:53 +00:00
josecoll
da4d64048f Temporarily remove JMeter module. 2017-12-11 11:06:52 +00:00
josecoll
6456aec9ce Fixes following merge from OS for HC01.
Disabled "pertestcordapp" due to continuous conflict problem upon merge.
2017-12-11 09:56:44 +00:00
Andras Slemmer
63027a077d State machine rewrite 2017-12-05 11:36:20 +00:00
Clinton
bbe8fce686
Doorman and doorman HSM can now be published to artifactory and maven ()
Doorman and doorman HSM can now be published to artifactory and maven local.
2017-12-01 23:04:29 +00:00
Viktor Kolomeyko
c516a4b028
R3NET-546: Business Network PoC work () 2017-11-24 09:59:35 +00:00
Rick Parker
3061678305
JMeter tooling for performance cluster ()
* First working version of RPC & JMeter

* Remote JMeter working from single JAR.

* Some clean up.  Remote slave via capsule is working.

* Full config of capsule launched JMeter server (was missing functions previously).

* SSH tunnelling utility.  Property files per remote host.

* Rename jar to make easier to deploy with wildcard filters.

* Easy all in one launch of UI + SSH tunnels.

* Comment out parties.

* Work around for notary.

* Clean up, renaming etc

* Add some comments and clean up.

* Add some comments and clean up.

* README and fixes.

* Redirect search_paths into a file since it so long and doesn't work on the command line in Windows.

* First working version of RPC & JMeter

* Remote JMeter working from single JAR.

* Some clean up.  Remote slave via capsule is working.

* Full config of capsule launched JMeter server (was missing functions previously).

* SSH tunnelling utility.  Property files per remote host.

* Easy all in one launch of UI + SSH tunnels.

* Comment out parties.

* Work around for notary.

* Clean up, renaming etc

* Add some comments and clean up.

* Add some comments and clean up.

* README and fixes.

* Reduce the dependencies of the JMeter project by copying ()

one function and listing required explicit dependencies
instead of depending on loadtest

* Tidy up

* Fix ssh for windows ()

* Make ssh tunnels work with Pageant on windows and allow specifying explicit
ssh remote user

* Update comments
2017-11-23 12:17:10 +00:00
josecoll
7a9364c8d5 Merge remote-tracking branch 'open/master' into colljos-merge-171117
# Conflicts:
#	.idea/compiler.xml
#	build.gradle
#	client/rpc/src/integration-test/kotlin/net/corda/client/rpc/CordaRPCClientTest.kt
#	docs/source/changelog.rst
#	node/src/integration-test/kotlin/net/corda/node/services/AttachmentLoadingTests.kt
#	node/src/main/kotlin/net/corda/node/internal/StartedNode.kt
#	node/src/main/kotlin/net/corda/node/utilities/registration/HTTPNetworkRegistrationService.kt
#	samples/network-visualiser/build.gradle
#	samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt
#	testing/node-driver/src/integration-test/kotlin/net/corda/testing/driver/DriverTests.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/MockNode.kt
2017-11-17 15:11:24 +00:00
mkit
12124bc0d9
Fixing failing build for the IntelliJ plugin () 2017-11-13 10:25:11 +00:00
Chris Rankin
c7ec9ad8ac
Fix Gradle warning for example-code project. () 2017-11-08 12:30:23 +00:00
Chris Rankin
148152ba40
Fix Gradle warning for SGX hsm-tool project. ()
* Fix Gradle warning for SGX hsm-tool project.
* Prefix project name with "sgx-".
2017-11-08 12:29:38 +00:00
Christian Sailer
8b55f415bd Merge branch 'master' of https://github.com/corda/corda into christians_os_merge_20171106 2017-11-06 17:37:30 +00:00
Christian Sailer
3e61d13ffe Merge remote-tracking branch 'corda/master' into christians_os_merge_20171031 2017-11-02 14:41:18 +00:00
Maksymilian Pawlak
44a7d872d8 IRS Demo - split IRS Demo into two separate applications to showcase … ()
* IRS Demo - split IRS Demo into two separate applications to showcase the separation and usage of RPC client
2017-10-25 16:40:21 +01:00
mkit
dfb226fbbb Merging signing service and doorman ()
* Merging signing service and doorman

* Addressing review comments

* Removing redundant package name space from method call

* Adding description field to gradle
2017-10-20 17:19:50 +01:00
Christian Sailer
1340b037c6 Merge branch 'master' of https://github.com/corda/enterprise into christians_perftestflows 2017-10-17 15:29:03 +01:00
Christian Sailer
f25c15b194 Rename the module/directory from perftestflows to perftestcordapp and clean up module settings 2017-10-17 12:27:08 +01:00
szymonsztuka
db0969ebda Merge from Corda master 2017-10-16 18:03:07 +01:00
Andras Slemmer
c2cda569e1 Add kryo-hook to settings.gradle 2017-10-11 10:06:52 +01:00
Christian Sailer
8ae92850c9 State and Contract for Cash and CommercialPaper copied to perftestflows 2017-10-10 13:10:21 +01:00
mkit
e22570a81d Adding a new service for CSR signing ()
* Adding a new service for CSR signing

* Adding a new service for CSR signing

* Removing rejection option

* Adding CSR log and removing rejection option

* Addressing review comments
2017-10-09 11:34:42 +01:00
sollecitom
9284e731c0 Merge remote-tracking branch 'remotes/open/master' into enterprise-merge-september-26
# Conflicts:
#	core/src/main/kotlin/net/corda/core/crypto/CryptoUtils.kt
#	node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/Kryo.kt
#	settings.gradle
2017-09-26 18:08:47 +01:00
Ross Nicoll
8f86068807 Move SwapIdentitiesFlow to confidential-identities module ()
* Move SwapIdentitiesFlow to confidential-identities module

* Clean up confidential-identities build.gradle

* Change description to include Experimental

* Move confidential-identities to a dependency of node rather than node-api
2017-09-18 14:19:20 +01:00
Clinton
8415a01a47 Cordform common is now a part of the gradle plugin suite ()
Cordform common is now a full gradle plugin and all related gradle hacks are removed.
2017-09-12 19:18:09 +01:00