* CORDA-2254: JmxPolicy fixed so that it turns on monitoring via the jmxMonitoringHttpPort config
To make the API easier to use, httpPort was introduced and both startJmxHttpServer and jmxHttpServerPortAllocation deprecated.
* Add dependencies for Azure KeyVault.
* CryptoService implementation for Azure KeyVault.
* Exclude transitive dependencies from azure keyvault client in other modules.
* Integrate Azure KeyVault CryptoService into NodeConfiguration and AbstractNode.
* Improve ContentSigner for Azure KeyVault CryptoService.
* Fix missing import.
* Improve tests.
* Fix rebase error.
* Respond to feedback: Remove duplicate entry.
* Respond to feedback.
* Add better explanation for hard vs. soft keys.
* az keyvault alias validation.
* Respond to feedback.
* CORDA-2089 - network parameters tags - part
Data structures changes, storage and notarisation.
Tag transactions with network parameters hash that was in force when tx
was created. Add component group on all core transactions and resolved
parameters on full transactions. The hash should be always visible on
the filtered versions of transactions. Add
notarisation check that the parameters are current.
Implement network parameters storage on services for resolution.
This is only part of the work, next PR will include changes to
ResolveTransactionsFlow to make sure that parameters in the transaction
graph are ordered (this is to prevent the downgrade attack, when the
malicious notary and participants sign transaction that shouldn't be
notarised otherwise).
Probably on network services side we need the default parameters
endpoint for the
transactions that were created before this change - for now it's default
to the current ones.
* Make parameters storage agnostic to cert hierarchy
Test fixes
* Address most PR comments
* Fixes after rebase
* Fixes. Add epoch column to parameters storage.
* Address part of review comments
* Some more comments
* Hopefully fixing what I broke doing rebse
* Address Kostas comments
* Further fixes
* Save all parameters from updates to storage
* Fix integration test
* Address comments
* Fixes after rebase
* Fix test
* Fixes
* Add wrapper for filtering around parameters hash
* API stability fixes
* Add NetworkParametersStorageInternal
* Rename
* Temp commit
* Print the error message first by default, makes error output more natural.
* Polishing
* Further modifications after testing
* Documentation updates
* Couple of fixes after review
* Removing unnecessary tests
* Fix broken test
* Add interface to bootstrapper for testign
* Added unit tests
* Remove unused class
* Fix up bootstrapper unit tests and add a couple more
* Refactor the tests slightly
* Review comments
* Couple of minor tweaks
* Enforce state/contract agreement validation
* Fix some broken tests
* Ascertain targetVersion by inspecting the jar source of the ContractState
* Docs added and rebased against master
* contextLogger doesn't work here
* Java examples in docs
* Label IRSState with owning contract
* Fix rst formatting
* Add @BelongsToContract annotation to PortfolioState
This is preliminary addition to test "Implementation-Version" entry from META-INF/MANIFEST.MF in TestDSL.kt. MockCordappProvider was creating JAR without manifest file. Added the manifest file with the obligatory (by JAR spec) attribute "Manifest-Version", other attributes can be added.
* Sign later to make sure the notary service constructs the same serialized bytes
* Add non validating notary tests
* Revert "Sign later to make sure the notary service constructs the same serialized bytes"
This reverts commit cefba5c350622df44227e89feacb12a7f12e1f7e.
* Dereference SecureHashes before creating the notarisation request signature
* Update comment
* Address comments
* Undo accidental renaming
LedgerTransaction is not meant to be created directly from client code, but it being a data class means we will expose new copy methods as new properties are added. The existing copy methods that we've exposed since V3 are deprecated, and equals and hashCode have been updated to be based just on id.
The primary c'tor has been clearly marked as the class' wire format, and so the internal stuff has been moved out. The references property cannot be made nullable and so DeprecatedConstructorForDeserialization is used instead.
* Add dependencies for Utimaco HSM.
The CryptoServerJCE.jar was added in node/lib.
The node/capsule/build.gradle excludes this jar from
the final corda.jar.
* Copy the HSM Simulator utility from Network Services.
HsmSimulator.kt uses the spotify docker client to pull an
image with a pre-configured hsm simulator from our docker
registry and run it in integration tests.
* Implementation of the CryptoService interface for Utimaco HSM.
* Integration test for Utimaco CryptoService.
* Unit tests for UtimacoCryptoService (only config parsing).
* Integrate Utimaco CryptoService in AbstractNode and NodeConfiguration.
* Respond to Feedback: Remove copyright notice.
* Respond to PR Feedback: Improve integration test.
* Use custom overrides in DriverDSLImpl.startNodeRegistration
* Make Utimaco dependencies compileOnly and testCompile.
* Add integration test for registering a node that is backed by utimaco HSM.
* Respond to feedback: move HsmSimulator to different package.
* Make NodeConfiguration.cryptoServiceConf a Path instead of String.
* Add Keyfile-based login.
* Respond to feedback -- default signing algorithm.
* Respond to feedback: naming.
* UtimacoNodeRegistrationTest: explicitly verify that tx signature is valid.
* Respond to feedback: Static import assertThat.
* Rename key file for test login so it's not ignored.
This is preliminary addition to test "Implementation-Version" entry from META-INF/MANIFEST.MF in TestDSL.kt. MockCordappProvider was creating JAR without manifest file. Added the manifest file with the obligatory (by JAR spec) attribute "Manifest-Version", other attributes can be added.
* Sign later to make sure the notary service constructs the same serialized bytes
* Add non validating notary tests
* Revert "Sign later to make sure the notary service constructs the same serialized bytes"
This reverts commit cefba5c350622df44227e89feacb12a7f12e1f7e.
* Dereference SecureHashes before creating the notarisation request signature
* Update comment
* Address comments
* Undo accidental renaming
* add auto acceptance of certain network parameters
* Remove incorrect nullification of newNetworkParameters object within NetworkMapUpdater
* Automatically update network parameters if update accepted and flag day occured
* Comment cleanup
* Add node configuration for auto accepting network parameter changes
* Remove hot swapping of network parameters
* Add docs for auto accept config flag
* Minor change to log line
* Remove unrelated fix that was corrected on master
* Minor name change within NetworkParameters class
* Minor doc rewording
* Fix typo in docs
* Address PR comments
* Add node config option to turn off network param auto-accept on a per param basis
* Address PR comments
* Fix failing Network Map update integration test
FinalityHandler is insecure in that it is open to receive any transaction from any party.
Any CorDapp targeting platform version 4 or above is required use the new c'tors which take in FlowSession objects to the counterpart flow. This flow must subcall ReceiveFinalityFlow to receive and record the finalised transaction.
Old CorDapps (with target platform version < 4) will continue to work as previously. However if there are no old CorDapps loaded then the node will disable FinalityHandler.
* First pass
* Update test.
* Address review comments.
* Added docs and kdocs.
* Clean-up.
* Add extra test.
* Changes to docsite.
* Added try/catch block as recommended by Andras.
* Removed try catch block. It's not required as the checkpoint serialiser deals with this.
* Re-used existing DB session instead of creating a new session.
* Entity manager auto flushes.
* Added java friendly api.
* Addressed review comments.
* Replace error code generation technique with custom event re-writer.
Switch to RandomAccessFile appenders because they supposedly give higher throughput.
* Review feedback