Commit Graph

147 Commits

Author SHA1 Message Date
rick.parker
778661181a ENT-12366 ExternalVerifier no longer needs legacy contracts folder, and can derive everything it needs from attachments. 2024-11-01 10:50:32 +00:00
Adel El-Beik
33cf48e04b
ENT-12366: External verifier now sets appclassloader to legacy contra… (#7855)
* ENT-12366: External verifier now sets appclassloader to legacy contracts directory instead of the cordapps directory.
* ENT-12366: Now check legacy-contracts exists before start external verifier.
2024-10-28 15:28:50 +00:00
rick.parker
38d7d71a63 ENT-12248 Support for a new legacy-jars directory of 3rd party JARs for the external verifier 2024-10-08 10:09:39 +01:00
Adel El-Beik
6f4ec5d9e5
ENT-11975: Contract key rotation (#7806)
ENT-11975: Contract key rotation implementation.
2024-10-02 12:53:11 +01:00
r3-build
5a94803222 Merging forward updates from release/os/4.11 to release/os/4.12 - 2024-08-15 2024-08-15 06:08:14 +00:00
Rick Parker
cc44c77ed4
ENT-12108 ReceiveFinalityFlow returns a transaction that is not signed by the notary (#7804) 2024-08-15 07:06:58 +01:00
Shams Asari
18e5f7d68f
ENT-11676: Support for testing backwards compatible transactions in the node driver (#7704)
* ENT-11676: Support for testing backwards compatible transactions in the node driver

* Introduction of a new way to reference CorDapps for the node driver: `TestCordapp.of(URI)`
* New `TestCordapp.asSigned()` method which creates a copy of the CorDapp jar but signed by a dev key.
* Added `NodeParameters.legacyContracts` for specifying legacy contract CorDapps for the node

`TransactionBuilderDriverTest` has been updated to use these new APIs.

* ENT-11676: Support for testing backwards compatible transactions in the node driver

* Introduction of a new way to reference CorDapps for the node driver: `TestCordapp.of(URI)`
* New `TestCordapp.asSigned()` method which creates a copy of the CorDapp jar but signed by a dev key.
* Added `NodeParameters.legacyContracts` for specifying legacy contract CorDapps for the node

`TransactionBuilderDriverTest` has been updated to use these new APIs.

* ENT-11676: Added removed api and fixed alias issue.



---------

Co-authored-by: Adel El-Beik <adel.el-beik@r3.com>
2024-04-18 09:41:26 +01:00
Adel El-Beik
0f713aaa44
ENT-11003: Upgraded Jetty and Jersey. (#7715)
* ENT-11003: Upgraded jetty and jersey. Fixed up simm valuation demo.
2024-04-18 09:40:42 +01:00
Adel El-Beik
72778b7fb0
ENT-11728: Switched to LTS version of BC. Also removed PQC algos as n… (#7706)
* ENT-11728: Switched to LTS version of BC. Also removed PQC algos as not supported in LTS.
* ENT-11728: Removed the SPHINCS PQC algorithm.
* ENT-11728: Added dependency on bcutil to fix missing class error.
2024-04-03 11:14:19 +01:00
Shams Asari
62819f27f0 ENT-11126: Use UNIX domain socket for communication with external verifier
These have the advantage of being more secure as only the current user has access to them and faster than local TCP as it avoids the entire TCP stack.
2024-03-26 11:04:04 +00:00
Shams Asari
9955dcd6af ENT-11448: Better error message if transaction has missing legacy attachments
Especially if the transaction has multiple contracts and one of them doesn't have a legacy attachment whilst the others do.
2024-03-21 15:08:43 +00:00
Shams Asari
b3265314ce ENT-11445: Support legacy contract CorDapp dependencies
The `TransactionBuilder` has been updated to look for any missing dependencies to legacy contract attachments, in the same way it does for missing dependencies for CorDapps in the "cordapps" directory,

Since `TransactionBuilder` does verification on the `WireTransaction` and not a `SignedTransaction`, much of the verification logic in `SignedTransaction` had to moved to `WireTransaction` to allow the external verifier to be involved. The external verifier receives a `CoreTransaction` to verify instead of a `SignedTransaction`. `SignedTransaction.verify` does the signature checks first in-process, before then delegating the reset of the verification to the `CoreTransaction`.

A legacy contract dependency is defined as an attachment containing the missing class which isn't also a non-legacy Cordapp (i.e. a CorDapp which isn't in the "cordapp" directory).
2024-03-13 10:58:11 +00:00
Shams Asari
0091807c2f ENT-11101: Fix all crypto issues introduced by Java 17 upgrade
The various crypto tests that were previously ignored have been re-enabled.

The abandoned i2p EdDSA library has been replaced with native support that was added in Java 15.

Java 17 (via the `SunEC` provider) does not support the secp256k1 curve (one of the two ECDSA curves supported in Corda). This would not normally have been an issue as secp256k1 is already taken care of by Bouncy Castle. However, this only works if the `Crypto` API is used or if `”BC”` is explicitly specified as the provider (e.g. `Signature.getInstance(“SHA256withECDSA”, “BC”)`). If no provider is specified, which is what is more common, and actually what the Java docs recommend, then this doesn’t work as the `SunEC` provider is selected. To resolve this, a custom provider was created, installed just in front of `SunEC`, which “augments” `SunEC` by delegating to Bouncy Castle if keys or parameters for secp256k1 are encountered.

`X509Utilities.createCertificate` now calls `X509Certificate.verify()` to verify the created certificate, rather than using the Bouncy Castle API. This is more representative of how certificates will be verified (e.g. during SSL handshake) and weeds out other issues (such as unsupported curve error for secp256k1).

`BCCryptoService` has been renamed to `DefaultCryptoService` as it no longer explicitly uses Bouncy Castle but rather uses the installed security providers. This was done to fix a failing test. Further, `BCCryptoService` was already relying on the installed providers in some places.

The hack to get Corda `SecureRandom` working was also resolved. Also, as an added bonus, tests which ignored `SPHINCS256_SHA256` have been reinstated.

Note, there is a slightly inconsistency between how EdDSA and ECDSA keys are handled (and also RSA). For the later, Bouncy Castle is preferred, and methods such as `toSupportedKey*` will convert any JDK class to Bouncy Castle. For EdDSA the preference is the JDK (`SunEC`). However, this is simply a continuation of the previous preference of the i2p library over Bouncy Castle.
2024-03-04 13:29:49 +00:00
Shams Asari
200333b198 ENT-11355: Backwards compatibility with older nodes via new attachments component group 2024-02-19 17:19:49 +00:00
Shams Asari
8fd3139df1 ENT-11355: Cleanup of TransactionBuilder and CorDapp loading
This is code refactoring and cleanup that is required to add a new WireTransaction component group for 4.12+ attachments, and for supporting legacy (4.11 or older) contract CorDapps in the node.
2024-02-12 14:27:07 +00:00
Chris Cochrane
9b794795a0
ENT-11351 - Compiler warnings pass 4 (#7663)
* Compiler warnings

* Resolve detekt errors

* Reverted code change; added warning suppression

* Address PR review comments
2024-01-29 13:49:00 +00:00
Shams Asari
a7d0684fe7
ENT-11384: Cleanup JarScanningCordappLoader (#7664)
* It uses URLs when in fact CorDapps are jar files, and so should being Path. It also does URL equality, which is not recommended
* Address (very old) TODO of removing RestrictedURL, which is not needed

Also, back-ported some minor changes from https://github.com/corda/enterprise/pull/5057.
2024-01-29 13:44:14 +00:00
Chris Cochrane
975500d878
ENT-11351 - Compiler warnings pass 3 (#7659)
* More compiler warnings fixed

* Amended deprecation suppression annotations, as per review comments
2024-01-25 10:18:58 +00:00
Adel El-Beik
3abb218bca
Merge pull request #7654 from corda/shams-external-verifier-analyse-txs
ENT-11255: Scan attachments to determine if they are Kotlin 1.2 or later
2024-01-23 16:56:47 +00:00
Balwant Kothari
5c193ce47f
ENT-11113 Uncommented ignored test cases (#7648)
ENT-11113 Uncommented ignored test cases
ENT-11113 Updated time for Flow Speed Test
2024-01-23 15:11:50 +00:00
Chris Cochrane
f15e6ec56a
ENT-11351 - Compiler warnings pass 2 (#7655)
* Addressed compiler warnings

* Removed unchecked cast fixes - not for this PR

* Sorted out detekt issues
2024-01-23 10:19:03 +00:00
Shams Asari
f30ba33929 ENT-11255: Scan attachments to determine if they are Kotlin 1.2 or later
The node now sends a transaction to the verifier if any of its attachments were compiled with Kotlin 1.2 (the net.corda.node.verification.external system property has been removed). It uses kotlinx-metadata to read the Kotlin metadata in the attachment to determine this. For now this scanning is done each time the attachment is loaded from the database.

The existing external verification integration tests were converted into smoke tests so that 4.11 nodes could be involved. This required various improvements to NodeProcess.Factory. A new JAVA_8_HOME environment variable, pointing to JDK 8, is required to run these tests.

There is still some follow-up work that needs to be done:

Sending transactions from a 4.11 node to a 4.12 node works, but not the other way round. A new WireTransaction component group needs to be introduced for storing 4.12 attachments so that they can be safely ignored by 4.11 nodes, and the 4.12 node needs to be able to load both 4.11 and 4.12 versions of the same contracts CorDapp so that they can be both attached to the transaction.
Even though attachments are cached when retrieved from the database, the Kotlin metadata version should be stored in the attachments db table, rather than being scanned each time.
Finally, VerificationService was refactored into NodeVerificationSupport and can be passed into SignedTransaction.verifyInternal, instead of needing the much heavier VerifyingServiceHub. This makes it easier for internal tools to verify transactions and spawn the verifier if necessary.
2024-01-22 11:31:51 +00:00
Shams Asari
2e63ca6264
ENT-11065: Remove the need for JVM flags in client code (#7635) 2024-01-03 11:22:03 +00:00
Adel El-Beik
dce725ff4b
Merge pull request #7609 from corda/arshadm/ent-11264-serizlized-lambda
ENT-11264  Fix initialization of field serializer
2023-12-18 15:54:15 +00:00
Shams Asari
61a05a90eb
ENT-11155: Remove internal Kotlin utilities which have since been added after 1.2 (#7585)
This is mostly the `Path` extension functions in `PathUtils.kt`.
2023-12-18 12:05:08 +00:00
Arshad Mahmood
91d4c33513 ENT-11264 Fixed initialization of field serializer 2023-12-13 16:34:44 +00:00
Adel El-Beik
b375c7da21
Merge pull request #7601 from corda/arshadm/ent-11261-fix-class-cast-test-failures
ENT-11261 Re-enabled a number of ignored tests due to class cast exception
2023-12-08 10:52:29 +00:00
Arshad Mahmood
d4dc6127b1 ENT-11261 Re-enabled tests ignore due to class cast exception 2023-12-08 07:49:16 +00:00
Shams Asari
e2bcd0499e ENT-11263: Remove TooGenericExceptionCaught detekt rule 2023-12-07 13:36:21 +00:00
Shams Asari
11d0054fcc
ENT-11055: Basic external verification (#7545)
* ENT-11055: Basic external verification

Introduction of the external transaction verifier, a separate JVM process for verifying `SignedTransaction`s. The end goal is for this verifier to be built with Kotlin 1.2 so that it creates a compatible verification environment for transactions with 4.11 contracts. For now however the verifier is built against Kotlin 1.8, same as the node.

External verification is enabled when the the system property `net.corda.node.verification.external` is set to `true`. When enabled, all verification requests made via `SignedTransaction.verify` are sent to the external verifier, regardless of the transaction content. It will do the vast bulk of the verification and then send the result back, namely if an exception occurred. If it did, then it's re-thrown in the node.

The external verifier is a stateless process, with no connection to the node's database. All transaction resolution information needed to create the relevant ledger transaction object are made to the node, which waits in a loop servicing these requests until it receives the result. The verifier Jar is embedded in the Corda node Jar, and is extracted and run when needed for the first time. The node opens up a local port for the verifier to communicate with, which is specified to the verifier in the process command line. This all means there is no extra configuration or deployment required to support external verification.

The existing code had some initial attempts and abstractions to support a future external verification feature. However,
they were either incorrect or didn't quite fit. One such example was `TransactionVerifierService`. It incorrectly operated on the `LedgerTransaction` level, which doesn't work since the transaction needs to be first serialised. Instead a new abstraction, `VerificationSupport` has been introduced, which represents all the operations needed to resolve and verify a `SignedTransaction`, essentially replacing `ServicesForResolution` (a lot of the changes are due to this). The external verifier implements this with a simple RPC mechanism, whilst the node needed a new (internal) `ServiceHub` abstraction, `VerifyingServiceHub`. `ServicesForResolution` hasn't been deleted since it's public API, however all classes implementing it must also implement `VerifyingServiceHub`. This is possible to do without breaking compatibility since `ServicesForResolution` is annotated with  `@DoNotImplement`.

Changes to `api-current.txt` were made due to the removal of `TransactionVerifierService`, which was clearly indicated as an internal class, and returning `TransactionBuilder.toLedgerTransactionWithContext` back to an internal method.

* Address review comments

* One bulk load states method

* Merge fix
2023-12-07 11:29:27 +00:00
Shams Asari
199e167639
ENT-11192: Migrate usage of @Test.expected annotation parameter (#7593)
Replaced usage of `@Test.expected` annotation parameter with more specific exception assertions. This is also needed to migrate away from the explicit timeouts in every tests.
2023-12-06 16:45:51 +00:00
Arshad Mahmood
6dd33fb8f7 Upgrade to gradle 7.6, kotlin 1.8 and jdk 17
Major changes due to JDK 17:
1. JDK17 JCE Provider now has built-in support for eddsas, corda uses
   the bouncycastle (i2p) implementation. This PR removes the conflicting
   algorithms from the built-in JCE provider.

2. JavaScript scripting has been removed from the JDK, the corda log4j config was using
   scripting to conditionally output additional diagnostic info if the MDC
   was populated. This PR has removed the scripting.

3. The artifactory plug-ins used are now deprecated, this PR has removed them
   and uses the same code as Corda 5 for publishing to artifactory.

4. Javadoc generation has been modified to use the latest dokka plug-ins.

5. Gradle 7.6 has implemented an incredibly annoying change where transitive
   dependencies are not put on the compile classpath, so that they have to be
   explicitly added as dependencies to projects.

6. Mockito has been updated, which sadly meant that quite a few source files
   have to changes to use the new (org.mockito.kotlin) package name. This makes
   this PR appear much larger than it is.

7. A number of tests have been marked as ignored to get a green, broadly they fall
   into 3 classes.

   The first is related to crypto keypair tests, it appears some logic
   in the JDK prefers to use the SunJCE implementation and we prefer to use
   bouncycastle. I believe this issue can be fixed with better test setup.

   The second group is related to our use of a method called "uncheckedCast(..)",
   the purpose of this method was to get rid of the annoying unchecked cast compiler
   warning that would otherwise exist. It looks like the Kotlin 1.9 compiler type
   inference differs and at runtime sometimes the type it infers is "Void" which causes
   an exception at runtime. The simplest solution is to use an explicit cast instead of
   unchecked cast, Corda 5 have removed unchecked cast from their codebase.

   The third class are a number of ActiveMQ tests which appear to have a memory leak somewhere.
2023-11-06 10:24:17 +00:00
Jose Coll
be433c1fd0
ENT-10100 Filter out UNVERIFIED txns + move TransactionStatus package. (#7543) 2023-10-24 17:01:37 +01:00
Jose Coll
bc718088fe
ENT-10100 Changes required to support recovery of IN_FLIGHT transactions. (#7541) 2023-10-24 10:38:46 +01:00
Jose Coll
6a2bad8077
ENT-10110 Back-port changes from ENT + additional clean-up (#7532) 2023-10-17 07:03:49 +01:00
Jose Coll
a66042ec09
ENT-10110 Ledger Recovery database table tweaks (#7528) 2023-10-10 17:41:49 +01:00
Adel El-Beik
3a23f60199
ENT-9943: Now use SecureHash to represent CordaX500Name in distributi… (#7501) 2023-09-29 09:03:00 +01:00
Jose Coll
3b78b46619 Merge remote-tracking branch 'origin/release/os/4.11' into colljos/encryption_receiver_self_recovery 2023-08-23 11:20:16 +01:00
Rick Parker
ec261cb0c3
ENT-10306 Swap logic from receive finality to receive transaction flows (#7451)
* Swap logic from receive finality to receive transaction flows

* Remote TPV check

* Make finality check more robust

* Make emulation of finality in tests compliant with changes

* Improve deferring of ack when issue transaction

* Remove API checking of SignedTransactionWithDistributionList as added it 4.11 so cannot be incompatible, yet.

* Regenerated API file from 4.10 to check only compatibility with 4.10

* Move function to private

* Revert "Regenerated API file from 4.10 to check only compatibility with 4.10"

This reverts commit 6428f957e1.

* Reset ReceiveTransactionFlow and ReceiveFinalityFlow APIs
2023-08-23 10:09:42 +01:00
Jose Coll
1aaff8e6ae Clean-up. 2023-08-22 16:08:00 +01:00
Jose Coll
4fef01a5b0 Clean-up. 2023-08-22 16:03:13 +01:00
Jose Coll
32c3b0c517 Merge remote-tracking branch 'origin/release/os/4.11' into colljos/encryption_receiver_self_recovery 2023-08-22 12:31:29 +01:00
Shams Asari
4a7a4eb5bb
ENT-9876: Encrypting the ledger recovery participant distribution list (#7423) 2023-08-22 11:14:37 +01:00
Jose Coll
3f067d9002 Check sender and receiver timestamps are same. 2023-08-21 12:28:23 +01:00
Jose Coll
a6786769e5
ENT-10306 Determine whether to use 2PF based on the execution CorDapp TPV. (#7447) 2023-08-21 09:11:00 +01:00
Jose Coll
4a6e99556b Incorporating PR review feedback. 2023-08-18 17:22:42 +01:00
Jose Coll
9b7affa6b3 Fix compilation errors following merge. 2023-08-16 17:40:33 +01:00
Jose Coll
daea257214 Merge remote-tracking branch 'origin/release/os/4.11' into colljos/encryption_receiver_self_recovery 2023-08-16 17:38:34 +01:00
Jose Coll
0130914c89
ENT-9927 Ledger Recovery: synchronise changes from ENT -> OS. (#7445) 2023-08-15 15:32:00 +01:00
Shams Asari
32af6f5c2d
ENT-10416: Rename ledger recovery tx_id columns to transaction_id (#7444)
This is so that the node archiving service, which scans for tables containing "transaction_id" column, can automatically archive the sender and receiver distribution record information with the transaction.
2023-08-09 08:43:21 +01:00