Remove use of Sun internal APIs and algorithm identifiers (which are incomplete and non-standard) in Crypto. Also eliminates uncertainty about which signature scheme is being used (and therefore iterating through several to find the correct one).
* Add functions for:
* Retrieving nodes via their legal identity
* Filtering a set of public keys down to those the node has corresponding private keys for
* Modify contract upgrade flows to handle identifying participants after an anomymisation step
* Correct terminology: "party who" -> "party which"
* Modify CashIssueFlow and CashPaymentFlow to optionally use an anonymous identity for the recipient.
* Replace kotlin Pair with DataFeed data class
* remove unintended changes
* Replace Vault.PageAndUpdates with DataFeed data class
* Remove PageAndUpdates
* First stage of changing fields in NodeInfo.
Part of work related to NetworkMapService upgrade. Create slots for
multiple IP addresses and legalIdentities per node.
* NodeInfo stores HostAndPort.
Move information specific to messaging layer away from NodeInfo.
Only HostAndPort addresses are stored. Add peer name - peer handle
mapping to MockNetwork to reflect that change.
* Enforce that the identity service must always have a root CA specified, which all identities have
certificates signed by (or intermediaries of). Also adds a certificate store to the identity service
for help building/verifying certificate paths.
* Add a certificate store for the CA certificate and intermediaries
* Use the certificate factory directly to build paths rather than assembling them via an interim
API call. After reducing the complexity of the utility API, it's replacing two lines of code,
at which point it seems better to make the behaviour clearer rather than having a function
hide what's actually going on.
Added Kotlin extension functions for ease of use in simplest case.
Added missing Java contractType class (previously was forced cast of ContractState::class)
Fixed generic typing.
Addressed items raised in SA PR review.
Removed 2 blank lines.
Fixed generics typing.
Updates RST doc and grouped API helpers accordingly.
* Vault Query Service API implementation using JPA Hibernate
Added queryBy(QueryCriteria) Vault API and Junit tests.
Minor cosmetic API changes following rebase.
Fixes following rebase from master
Upgraded to requery 1.3.1
WIP - removed 'latestOnly' from LinearStateQueryCriteria
WIP - CommercialSchemas V2, V3, V4 testing
WIP - sort out generics handling.
WIP - most general queries completed.
WIP - join queries, contractStateType derivation
WIP - refactoring Requery
WIP - refactored VaultService to extract a VaultQueryService interface (and associated Requery implementation).
WIP - HibernateVaultQuery implementation
WIP - Re-structured all Schema definitions (requery/jpa) and make Hibernate Config reusable.
WIP - Multi-version schema testing, hibernate query testing.
WIP - Custom Criteria and Fungible Criteria impl & testing.
WIP - Kotlin Comparable Generics error
WIP - Party queries all working now
WIP - All VaultQueryTests now working (refactored for AND / OR composition)
WIP - added schema registration in CordaPluginRegistry to enable custom vault queries on arbitrary schemas.
WIP - added new default Sort NULL order to be NONE + added lots more tests for Logical Operator testing.
Mostly identity fixes following rebase from master.
Exception handling and public API cleanup in prep for PR.
Additional tests for Logical Operators; additional tests for NULLS sort ordering; additional logging;
Additional parser to handle Nullable attribute values; added Unary and Collection logical expression handlers
Lots of cleanup: participants; trackBy interfaces; additional fungible tests; parser cleanup and improved support for Java
Removed all traces of Requery implementation.
Further minor cleanup and Junit test fix.
Final identity and schema related identity clean-up.
Revert unrelated changes.
PR review updates: blank lines, isRelevant.
Fixed wiring of updatesPublisher for dynamic trackBy queries.
PR review changes: multi-versioned schema samples and associated dummy contracts moved to test packages.
Fixed problem with sorted queries (not specifying any filterable criteria).
PR review: minor updates to address RP comments.
Typesafe custom query criteria
Cleanup: remove redundant tests.
Further clean-up and make all Java test work successfully.
Remove debugging print statements.
Rebased from master - changes required due to DealState module change.
fixed broken assertion caused by DealState ordering change (different package)
Fixed transaction demarcation issue causing "java.lang.IllegalStateException: Was not expecting to find existing database transaction on current strand"
trackBy() now filters on ContractType and StateStatus (CONSUMED, UNCONSUMED, ALL)
Added tests to exercise RPCOps trackBy and queryBy (RPC smoke test and CordaRPCOps)
Added additional @CordaSerializable annotations.
Updated documentation and referenced sample code.
Added deprecation annotations.
Re-added missing deprecation annotation.
Hibernate debug logging is now configurable and disabled by default.
Introduced common Sort attributes based on the node schemas.
Completely removed NULL_HANDLING sort parameter as this is not supported in JPA.
Revisited and fixed usage of @CordaSerializable.
* Minor fix following rebase from master.
* Remove blank line as per RP PR feedback request.
* Minor Java documentation and example clean-up.
* Disable BFT Notary Service tests.
* The fancy classloader setup in Cordform.loadCordformDefinition is defeated by certificates in 2 ways
** Class cast when creating a cert (via TestConstants) in a CordformDefinition
** Some issue when persisting a cert in ServiceIdentityGenerator
* This PR is a quickfix to get the demos working again
* Proper fix (not this PR) is to work out why it's not enough for eddsa to be in the project runtime classpath - if it can be removed from the gradle environment that ought to properly fix the above problems
Use the certificate factory directly to build paths rather than assembling them via an interim
API call. After reducing the complexity of the utility API, it's replacing two lines of code,
at which point it seems better to make the behaviour clearer rather than having a function
hide what's actually going on.
Add extremely rough DER format encoding for CompositeKey so that they can be used in X.509 certificates,
and switch service identity generator to using the proper identity cert for signing.
* Fix BFT config that only worked with clusters of size 4
* Shutdown BFT properly so that tests can run back to back in theory
* Wait for initial connection between client and all replicas before touching it
* Add test for non-trivial BFT cluster
* Shutdown NodeBasedTest nodes in parallel, as BFT shutdown time is non-trivial
* Overlapping ports check no longer assumes all on localhost
* Fix overlapping ports test to actually check the messages
* Correct path composition in identity service tests
* Correct identity service certificate path verification to handle the owning certificate being anywhere in the path, rather than expecting it to be trust root
Correct construction of anonymous parties to use the first certificate (the target)
rather than the last (the trust root). Worked because early tests used single certificate
paths, but later work introducing multi-certificate paths reveal it's rather broken.
* Remove unused type param
* If we drop Runnable we can use conciser syntax
* Sometimes we need the fully-fledged object, so retire separate handle class
* Implement IntelliJ suggestion
Deterministic Key Derivation for ECDSA R1/K1 and EdDSA
* DKG description and comments
* Removing a (confusing) not-required comma in comments.
* rename deterministic and generate to derive
Matching can be done with case insensitive substrings in the identity service, RPC and shell. In future cleverer matching should be possible, e.g. using Lucene or RDBMS free text search features.
Modify generateExit to return full set of signing keys in preparation for anonymity work meaning
that owner and issuer keys are typically not the same.
All references to 'parties' now refer to the inherited 'participants' attribute from ContractState.
Samples: all duplicate references to `parties` now changed to `participants`.
Clean up cash tests ahead of anonymisation work. This simplifies some boiler plate setup/teardown
and ensures idenities and flows are correctly registered.
Fixed issue where Corda services installed in unit tests were not being marked as serialise as singleton. Also the driver now automatically picks up the scanning annotations. This required moving the NodeFactory used in smoke tests into a separate module.
* Increase max network map request size so the notary can register
* Suppress oracle service installation errors in non-oracle nodes
* Make demos automatically build capsule jars
* Fix how network visualiser displays node X500 names.
* Change locations of test nodes, so when used for explorer map visualisation not all of them are stacked one on another in London.
Change PartyAndCertificate to an aggregate class instead of a subclass of Party. This reduces the changes compared to M11, as well as avoiding risk of accidental serialization of a PartyAndCertificate (which may be very large) where a Party is expected.
Cleaned up initial nodes known to the identity service, in particular mock nodes now know about themselves; previously full nodes registered themselves but mock nodes did not.
* Specifically, DriverTests and WebserverDriverTests
* RPCDriver.startRpcBroker now waits for port to be unbound, as was probably intended
* Explicitly drop network map future while ensuring the error is logged
* Fix bug in demobench. Explorer didn't show correctly location of a node.
There was no nearestCity override in config.
* Remove nearestCity from node configuration. Now information about the location is always taken from
node's legal name. If not present - exception on node startup.
* Add X500Name.locationOrNull that soft fails when location is not in X500 name. Address PR comments.
* Remove unused imports.
* Construct standard flows using PartyAndCertificate, and add support for launching
flows that are constructed with PartyAndCertificate or just Party.
* Store PartyAndCertificate in network map service
* Expand identity service to store certificates along with all identities.
This removes the need to do manual registration using the PluginServiceHub. As a result CordaPluginRegistry.servicePlugins is no longer needed. For oracles and services there is a CorDappService annotation.
I've also fixed the InitiatingFlow annotation such that client flows can be customised (sub-typed) without it breaking the flow sessions.
Replace X509Certificate with X509CertificateHolder for consistency in implementation of how X.509 certificates
are managed. Using the Java standard class entails the actual implementing class being one of several options
depending how a certificate is built, which makes serialization/deserialization with Kryo inconsistent as some
of these forms cannot be directly built from outside restricted classes.
* De-anonymise parties in AbstractStateReplacementFlow flows
* Convert transaction key negotiation to a subflow instead of utility functions
* Add serialization support for CertPath
* Restructure cash flows so that a counterparty flow can be added later
* Rename raft-notary-demo project to notary-demo
* Refactor serialisation filtering to allow BFT SMaRt to work, it no longer relies on the jdk.serialFilter system property
* In NodeBasedTest remove whitespace in node directory names for consistency with cordform and driver
* Add "TLS" to createTlsServerCert() to differentiate it from future work to introduce a non-TLS variant.
*Change to using Java 8 time types for certificate validity - does introduce so unnecessary roundtrips, but makes the code significantly easier to read/follow. In particular avoids opaque integers in the code and replaces them with Duration.
Remove mock identity service and merge it with the in memory identity service. The two services
provide extremely similar functionality, and having two different version for production/test
risks subtle implementation differences. On that note, this patch includes changes to a number
of tests which worked only with mock identity service.
Fixup after rebase
Restore original key property names
Fixup after rebase
Undo extra import that IntelliJ keeps erroneously adding.
Add comments and fix docs for transaction signing.
Fixes after rebase
More fixes after rebase
Address PR requests
Address PR requests
* Raft notary demo now defined in one place that both IntelliJ/driver and gradle/runnodes can run
* New module cordform-common for code common to cordformation and corda
* Add single notary demo
Switch to using AbstractParty as the standard identifier for parties in
states, so that full parties can be used during construction of
transactions and anonymised parties when the transaction is being added
to the ledger.
* Fix: Add missing @StartableByRPC to fix the Raft notary demo
* Make loadConfig take a Config object, for cordformation Node
* Unduplicate User.toMap
* Unduplicate WHITESPACE regex, choose possessive form
* Use slash to make a Path
* Remove Companion where redundant
* Remove unused code
* Initial commit for CollectSignaturesFlow, some tests and associated documentation via a new "Flow Library" section of the docsite.
* Refactored the TwoPartyDealFlow to use the CollectSignaturesFlow.
* Added the subclassed CollectsigsFlow to the trader demo, whitelisted it and added a flow initiator for the responder.
* Minor edits to progress tracker.
* Amended as per Rick's comments.
* Generalised this flow, so it now works if more than one signatures have been collected, initially.
* Minor edits to the IRS demo so it uses the CollectSignaturesFlow.
* For debugging purposes...
* Adding CollectsigsFlow support to SIMM Demo.
* Removing debug logging.
* Amended top level comment: transactions can only have one notary.
* Added TODOs as checkTransaction logic is absent.
* Addressed Mike's review comments.
* Minor edit to flow-library docs.
* Updated flow based on Mike's review comments.
* Added two usage examples and updated the tests.
* Made changes to accommodate new CollectSignaturesFlow approach.
* Made changes to SIMM demo to accommodate new CollectSignaturesFlow approach.
* Added abstract check proposal method to two party deal flow.
* Added missing TODOs.
* Addressed Sham's comments.
* Rebased to M11.
Add functionality for generating certificate paths from identity
certificates to transaction certificates, validating, storing and
retrieving those certificate paths.
Move AbstractParty, AnonymousParty and Party into a new net.corda.core.identity package,
as they're not really cryptography tools, and in preparation for further code coming in
for identity.
Optimize imports on many files to clean up the resulting refactor.
Mark several functions in X509Utilities as @JvmStatic so they're readily accessible from Java.
Add functions for modifying common name of an X.500 name, either direct replacement or adding a postfix.
This removes the need for the shareParentSessions parameter of FlowLogic.subFlow. It also has the flow's version number so FlowVersion is now no longer needed.
Change the legal name of parties to be an X500 name. This ensures that we aren't converting between
common names and X500 names in various places, eliminating substantial scope for error in the conversion
process. As a result, all node names must now be full X500 names, which has impact on most configurations.
* Added queryBy(QueryCriteria) Vault API and Junit tests.
* Minor fix following rebase.
* Spit out Vault Query tests into separate source file.
* WIP
* Enable composition of QueryCriteria specifications.
Additional JUnit test cases to validate API.
* Added Deprecating annotations.
Added QueryCriteria for set of contractStateTypes
* Minor tweaks and additional JUnit test cases (chain of linear id)
* Added Java Junit tests and QueryCriteria builder support.
* Added API documentation (including coding snippets and examples).
* Added @JvmOverloads to QueryCriteria classes for easy of use from Java.
* Refactored QueryCriteria API to use composition via sealed data classes.
* Enable infix notation.
* Fixed typo.
* Clarified future work to enforce DB level permissioning.
* Moved PageSpec and Order from QueryCriteria to become parameters of Query itself.
* Moved PageSpec and Order from QueryCriteria to become parameters of Query itself.
* TokenType now specified as set of <Class> (was non extensible enum).
* Exposed new Vault Query API functions via RPC.
* Fixed compiler error in java test.
* Addressed a couple of minor PR review scomments from MH.
* Major updates following PR discussion and recommendations.
* All pagination and sorting arguments are optional (and constructed with sensible defaults).
Added Java helper functions for queryBy and trackBy interfaces.
Added Java trackBy unit tests.
Miscellaneous cleanup.
* Added Generic Index schema mapping and query support.
* Query criteria referencing Party now references a String (until Identity framework built out).
Added participants attribute to general query criteria.
* Fleshed our IndexCriteria including PR recommendation to define column aliases for index mappings.
* Removed all directly exposed API dependencies on requery.
* Updated documentation.
* Provide sensible defaults for all Query arguments.
Add RPC Java helpers and increase range of Vault Service helpers.
* Further improvements (upgrading notes) and updates to documentation.
* RST documentation updates.
* Updates to address RP latest set of review comments.
* Updates to address MH latest set of review comments.
* Updated to highlight use of VaultIndexQueryCriteria to directly reference a JPA-annotated entity (versus the indirect, explicitly mapped attribute to GenericIndexSchema approach)
* Aesthetic updates requested by MH
* Reverted Indexing approach: removed all references to VaultIndexedQueryCriteria and GenericVaultIndexSchemaV1 scheme.
* Final clean-up and minor updates prior to merge.
* Fixed compiler warnings (except deprecation warnings)
* Reverted all changes to Vault Schemas (except simple illustrative VaultLinearState used in VaultQueryTests)
* Reverted all changes to Vault Schemas (except simple illustrative VaultLinearState used in VaultQueryTests)
* Commented out @Deprecated annotations (as a hedge against us releasing M12 with the work half-done)
* Renamed RPC JavaHelper functions as RPCDispatcher does not allow more than one method with same name.
Clean up X500 names in Corda simulation, and ensure they're consistent with the standard test names.
This includes using the locations present in those test names, which requires updates to the node
config test.
* Fix /attachments endpoint on WebServer, and update demo to use it.
* Add @Throws statements to servlet methods.
* Ensure target entry is not a directory.
* Simplify, because JarInputStream verifies signatures by default.
* Move JarInputStream.extractFile() function into core.
* Don't close the output stream automatically as it commits our response.
This is an intermediary step to introducing X500Names in all Party instances, which adds:
* Party constructor which accepts X500Name and then converts it to string.
* startNode() function which takes in X500Name instead of String
* Numerous legal name fixes to use full distinguished names
Core flows, which are baked into the platform, are also versioned using the platform version of the node. Several core flows, such as the data vending ones, which were provided via plugins are now instead baked into the node.
* Add information on why state machine was removed from StateMachineManager.
There are two cases: normal end of flow or error.
Return flow result as part of state machine remove data.
Make Change a sealed class with Add and Remove.
fiber.actionOnEnd takes ErrorOr<R> parameter.
* Remove unnecessary fields from StateMachineManager.Change.