Commit Graph

10724 Commits

Author SHA1 Message Date
Adel El-Beik
9ab1b36128
ENT-11106: Upgrade dependencies Part 1, (jackson, caffeine, guava, je… (#7708)
* ENT-11106: Upgrade dependencies Part 1, (jackson, caffeine, guava, jetty.

* ENT-11106: removed unused import.

* ENT-11106: Fixed the deprecation and null check.
2024-04-03 12:59:34 +01:00
Adel El-Beik
6c4b8fdf23
ENT-11657: Upgrade artemis. (#7707)
* ENT-11657: Upgraded artemis.

* ENT-11657: Reverted dependencies task leftin.

* ENT-11657: Upgraded log4j and slf4j.
2024-04-03 11:15:00 +01:00
Adel El-Beik
72778b7fb0
ENT-11728: Switched to LTS version of BC. Also removed PQC algos as n… (#7706)
* ENT-11728: Switched to LTS version of BC. Also removed PQC algos as not supported in LTS.
* ENT-11728: Removed the SPHINCS PQC algorithm.
* ENT-11728: Added dependency on bcutil to fix missing class error.
2024-04-03 11:14:19 +01:00
Shams Asari
af62c36986
ENT-11458: Make sure external verifier is involved when verifying transactions in collect signatures flow (#7703)
* ENT-11458: Make sure external verifier is involved when verifying transactions in collect signatures flow

* Using SignedTransaction.verify(checkSufficientSignatures = false) after the observation that the current check for notSigned is effectively the same as just calling with checkSufficientSignatures = false.
2024-04-02 16:56:09 +01:00
Adel El-Beik
50b65c0183
Merge pull request #7705 from corda/ES-1919/Update-Github-Workflows
ES-1919/Update-Github-Workflows
2024-04-02 10:45:34 +01:00
LukeBrowne-R3
764b47ad18 ES-1919/Update-Github-Workflows 2024-03-29 12:09:56 +00:00
Adel El-Beik
3ffd77add3
Merge pull request #7702 from corda/shams-enable-warnings-as-errors
ENT-11717: Re-enable warnings as errors on Jenkins
2024-03-28 09:58:21 +00:00
Adel El-Beik
c5cb005eb1
Merge pull request #7701 from corda/shams-fix-byteman-test
ENT-11301: Fixed StateMachineFinalityErrorHandlingTest
2024-03-28 09:56:22 +00:00
Shams Asari
d576588676 ENT-11717: Re-enable warnings as errors on Jenkins 2024-03-27 11:21:43 +00:00
Shams Asari
abed48f0ba ENT-11301: Fixed StateMachineFinalityErrorHandlingTest
Switched to a instrumenting a normal class method since something about interface methods are not working.
2024-03-27 10:48:29 +00:00
Adel El-Beik
a400b210be
Merge pull request #7700 from corda/shams-unix-domain-socket-verifier
ENT-11126: Use UNIX domain sockets for communication with the external verifier
2024-03-26 14:21:20 +00:00
Shams Asari
62819f27f0 ENT-11126: Use UNIX domain socket for communication with external verifier
These have the advantage of being more secure as only the current user has access to them and faster than local TCP as it avoids the entire TCP stack.
2024-03-26 11:04:04 +00:00
Adel El-Beik
ea1aec1267
Merge pull request #7699 from corda/shams-unverifiable-compat-tx
ENT-11448: Better error message if transaction has missing legacy attachments
2024-03-25 15:19:55 +00:00
Shams Asari
9955dcd6af ENT-11448: Better error message if transaction has missing legacy attachments
Especially if the transaction has multiple contracts and one of them doesn't have a legacy attachment whilst the others do.
2024-03-21 15:08:43 +00:00
Adel El-Beik
7fdf89332e
Merge pull request #7698 from corda/shams-legacy-tokens-compat
ENT-11679: Reverted changes to internal APIs used by legacy token SDK contracts
2024-03-21 08:21:18 +00:00
Shams Asari
2d83ff27b3 ENT-11679: Reverted changes to internal APIs used by legacy token SDK contracts 2024-03-20 17:11:05 +00:00
Adel El-Beik
a2ab283f4f
Merge pull request #7697 from corda/shams-thread-safe-random
ENT-11678: Mark Corda `SecureRandom` as thread safe
2024-03-20 14:58:49 +00:00
Adel El-Beik
6e3374c2c8
Merge pull request #7686 from corda/shams-legacy-contract-deps
ENT-11445: Support legacy contract CorDapp dependencies
2024-03-20 12:10:35 +00:00
Adel El-Beik
0849f91d45
Merge pull request #7695 from corda/shams-eddsa-service-keys
ENT-11662: Use EdDSA when generating notary service identities
2024-03-20 12:10:10 +00:00
Adel El-Beik
17bab482ad
Merge pull request #7696 from corda/shams-unused-test-jars
ENT-11095: Delete test resources which are no longer used
2024-03-20 12:09:40 +00:00
Shams Asari
1356cbf10e ENT-11678: Mark Corda SecureRandom as thread safe
This avoids a mutex contention as the JDK assumes it’s not thread safe.
2024-03-20 10:49:08 +00:00
Adel El-Beik
4f4a6fbcf0
Merge pull request #7690 from corda/merge-release/os/4.11-release/os/4.12-2024-03-14-174
ENT-11620: Merging forward updates from release/os/4.11 to release/os/4.12 - 2024-03-14
2024-03-19 14:35:43 +00:00
Shams Asari
1c5b216ed8 ENT-11095: Delete test resource jars which are no longer used 2024-03-19 11:28:03 +00:00
Adel El-Beik
b114b39ca6
Merge pull request #7694 from corda/shams-bc-eddsa
ENT-11661: Replaced SunEC Ed25519 implementation with Bouncy Castle
2024-03-19 11:25:26 +00:00
Shams Asari
e860c67086 ENT-11662: Using EdDSA keys when generating notary servive identities
It was previously generating TLS keys, which seems to have been an oversight.

Using EdDSA also has a slight performance edge, as there's some mutex contention when ECDSA keys are used.
2024-03-19 10:12:10 +00:00
Shams Asari
9d57caebed ENT-11661: Replaced SunEC Ed25519 implementation with Bouncy Castle
It turns out the JDK implementation (`SunEC` provider) of Ed25519 signature verification is quite slow, slower than the abandoned library (i2p) it replaced. This has been replaced by Bouncy Castle, whereby the `EDDSA_ED25519_SHA512` signature scheme uses it. `SunEC` still remains the default implementation. `Crypto.toSupportedPublicKey` (and `toSupportedPrivateKey`) were tweaked to make sure any `SunEC` keys are converted to Bouncy Castle. The presence of two different `EdECPublicKey` implementations for the same key causes cache misses in `BasicHSMKeyManagementService`, resulting in another performance degradation.
2024-03-19 07:48:22 +00:00
Adel El-Beik
d478decc6f
Merge pull request #7692 from corda/adel/ENT-11523
ENT-11523: Dont instrument due to the synchronization. Quasar was thr…
2024-03-15 13:43:43 +00:00
Adel El-Beik
8c90524fdf ENT-11620: Removed unused import. 2024-03-15 11:29:18 +00:00
Adel El-Beik
2bcb2ba945 ENT-11620: Fixed to work with 4.12 class heirarchy. 2024-03-15 11:10:19 +00:00
Adel El-Beik
d4829df687 ENT-11523: Dont instrument due to the synchronization. Quasar was throwing unable to instrument exception. 2024-03-14 13:55:28 +00:00
r3-build
352931179a Merging forward updates from release/os/4.11 to release/os/4.12 - 2024-03-14 2024-03-14 11:45:48 +00:00
Adel El-Beik
6107f800fd
Merge pull request #7689 from corda/merge-release/os/4.10-release/os/4.11-2024-03-13-131
ENT-11620: Merging forward updates from release/os/4.10 to release/os/4.11 - 2024-03-13
2024-03-14 11:44:43 +00:00
r3-build
121ec42d6c Merging forward updates from release/os/4.10 to release/os/4.11 - 2024-03-13 2024-03-13 17:23:47 +00:00
Adel El-Beik
a6ee0e940a
Merge pull request #7688 from corda/adel/ENT-11620
ENT-11620: Set the thread context class loader so all fibres involved…
2024-03-13 17:22:49 +00:00
Adel El-Beik
7946958804
Merge pull request #7687 from corda/cc/dev/os/4.12/ent-11514/add_opens
ENT-11514 - More --add-opens JVM args
2024-03-13 11:06:51 +00:00
Adel El-Beik
769aac11f2
Merge pull request #7683 from racerole/release/os/4.12
ENT-11581: fix some typos
2024-03-13 11:05:41 +00:00
Adel El-Beik
99faeaf667 ENT-11620: Set the thread context class loader so all fibres involved in a flow has the thread context class loader set to the app class loader. 2024-03-13 11:01:41 +00:00
Shams Asari
b3265314ce ENT-11445: Support legacy contract CorDapp dependencies
The `TransactionBuilder` has been updated to look for any missing dependencies to legacy contract attachments, in the same way it does for missing dependencies for CorDapps in the "cordapps" directory,

Since `TransactionBuilder` does verification on the `WireTransaction` and not a `SignedTransaction`, much of the verification logic in `SignedTransaction` had to moved to `WireTransaction` to allow the external verifier to be involved. The external verifier receives a `CoreTransaction` to verify instead of a `SignedTransaction`. `SignedTransaction.verify` does the signature checks first in-process, before then delegating the reset of the verification to the `CoreTransaction`.

A legacy contract dependency is defined as an attachment containing the missing class which isn't also a non-legacy Cordapp (i.e. a CorDapp which isn't in the "cordapp" directory).
2024-03-13 10:58:11 +00:00
Chris Cochrane
ea93a5f560
Extra add-opens to support corda-shell 2024-03-12 15:45:19 +00:00
Adel El-Beik
5b8fc6f503
Merge pull request #7685 from corda/shams-signers-component-group
ENT-9659: Using signers component group for `WireTransaction.requiredSigningKeys`
2024-03-07 20:03:47 +00:00
Adel El-Beik
54135a26c9
Merge pull request #7680 from corda/shams-cleanup-jdk-8-11
ENT-11090: Removed all JDK 8/11 conditional code
2024-03-07 20:03:20 +00:00
Adel El-Beik
89a998892d
Merge pull request #7684 from corda/paulmoloneyr3/DOC-6379/broken-links
DOC-6379 - fixed broken links on github
2024-03-07 13:53:31 +00:00
Shams Asari
47a57285fb ENT-9659: Using signers component group for WireTransaction.requiredSigningKeys
The previous solution of using `Command.signers` has the risk of not being deserialisable if the correct CorDapp is not installed on the node.
2024-03-07 10:24:38 +00:00
Adel El-Beik
7019ea8e47
Merge pull request #7682 from corda/adel/ENT-11501
ENT-11501: Re initialise the logging, after system property set.
2024-03-06 17:39:46 +00:00
Paul Moloney
73c98e6c2c DOC-6379 - fixed broken links on github 2024-03-06 10:56:24 +00:00
racerole
4d1d1b0c9c fix some typos
Signed-off-by: racerole <jiangyifeng@outlook.com>
2024-03-06 11:06:13 +08:00
Adel El-Beik
5c9164c94a ENT-11501: Re initialise the logging, after system property set. 2024-03-05 19:40:14 +00:00
Shams Asari
900809b3d7 ENT-11090: Removed all JDK 8/11 conditional code 2024-03-05 17:10:26 +00:00
Adel El-Beik
6bdad94236
Merge pull request #7675 from corda/shams-remove-i2p
ENT-11101: Fix all crypto issues introduced by Java 17 upgrade
2024-03-05 14:32:34 +00:00
Shams Asari
0091807c2f ENT-11101: Fix all crypto issues introduced by Java 17 upgrade
The various crypto tests that were previously ignored have been re-enabled.

The abandoned i2p EdDSA library has been replaced with native support that was added in Java 15.

Java 17 (via the `SunEC` provider) does not support the secp256k1 curve (one of the two ECDSA curves supported in Corda). This would not normally have been an issue as secp256k1 is already taken care of by Bouncy Castle. However, this only works if the `Crypto` API is used or if `”BC”` is explicitly specified as the provider (e.g. `Signature.getInstance(“SHA256withECDSA”, “BC”)`). If no provider is specified, which is what is more common, and actually what the Java docs recommend, then this doesn’t work as the `SunEC` provider is selected. To resolve this, a custom provider was created, installed just in front of `SunEC`, which “augments” `SunEC` by delegating to Bouncy Castle if keys or parameters for secp256k1 are encountered.

`X509Utilities.createCertificate` now calls `X509Certificate.verify()` to verify the created certificate, rather than using the Bouncy Castle API. This is more representative of how certificates will be verified (e.g. during SSL handshake) and weeds out other issues (such as unsupported curve error for secp256k1).

`BCCryptoService` has been renamed to `DefaultCryptoService` as it no longer explicitly uses Bouncy Castle but rather uses the installed security providers. This was done to fix a failing test. Further, `BCCryptoService` was already relying on the installed providers in some places.

The hack to get Corda `SecureRandom` working was also resolved. Also, as an added bonus, tests which ignored `SPHINCS256_SHA256` have been reinstated.

Note, there is a slightly inconsistency between how EdDSA and ECDSA keys are handled (and also RSA). For the later, Bouncy Castle is preferred, and methods such as `toSupportedKey*` will convert any JDK class to Bouncy Castle. For EdDSA the preference is the JDK (`SunEC`). However, this is simply a continuation of the previous preference of the i2p library over Bouncy Castle.
2024-03-04 13:29:49 +00:00