Commit Graph

117 Commits

Author SHA1 Message Date
Thomas Schroeter
b50ce0ab8d
HA-notary health check flow (#396)
* Add simple notary health check flow

* Move notary test to notary health check

* Rebase
2018-01-25 10:34:07 +00:00
Tudor Malene
cef1f9885c
ENT-1282: create standalone db migration tool (#356)
* ENT-1282: add standalone db migration tool that works with both the node and the doorman

* ENT-1282: remove cmd line args during node startup

* ENT-1282: more clear message

* ENT-1282: fix integration test

* ENT-1282: more fixes and cleanup code

* ENT-1282: address PR comments

* ENT-1282: more fixes and refactoring

* ENT-1282: more classloader fixes

* ENT-1282: changes after demo feedback

* ENT-1282: update API

* ENT-1282: update documentation

* ENT-1282: formatting

* ENT-1282: added CONSOLE option for dry-run and logging

* ENT-1282: documentation changes

* ENT-1282: remove getMigrationResource from the public API

* ENT-1282: removed dependency on network-manager, added release-lock

* ENT-1282: Update documentation
2018-01-24 11:55:43 +00:00
Michal Kit
789ce5d44a
Initial implementation of the certificate generation tool (#148)
* Initial implementation of the certificate generation tool

* Adding trust store persisting

* Addressing review comments

* Adding certificate type to the certificate generation process.

* Addressing review comments

* Fixing typos

* Changing keyOverride to 0 in examples and tests

* Addressing review comments + rebasing

* Adding CRL information to the certificate generation process

* Generation tool refactoring

* Addressing review comments
2018-01-23 11:50:03 +00:00
Katarzyna Streich
4e80a33dea Fixes after os -> ent merge to networkManagement (#214)
* Quick fixes

* Fix SignedNodeInfo

Introduce network-management schema changes to reflect that NodeInfos
can have multiple signatures.

* Address Shams comments

Store SignedNodeInfo as a blob for network management tool.
2017-12-19 21:36:30 +00:00
Andras Slemmer
4175593b18 remove :network-management 2017-12-18 16:40:54 +00:00
Andras Slemmer
107fcf82e3 Fixing stuff 2017-12-18 15:39:08 +00:00
josecoll
fc7445f714 Resolve compilation issues related to Network Map changes. 2017-12-18 11:30:32 +00:00
josecoll
e9fc6f7c8d Merge remote-tracking branch 'open/master' into colljos-os-merge-rc01 2017-12-18 10:24:38 +00:00
Shams Asari
00a5e3db6b CORDA-830 Introducing the network bootstrapper
Copying of the node-info files moved out of Cordform and into NetworkParametersGenerator (which is now called NetworkBootstrapper). This class becomes an external tool to enable deployment of nodes in a test setup on a single filesystem.
2017-12-17 23:49:57 +00:00
Christian Sailer
223737ebb8
Fix perftestcordapp unit tests (#198) 2017-12-15 08:13:28 +00:00
josecoll
c72b33841b Merge branch 'master' into colljos-os-hc02-merge-121217 2017-12-12 17:42:21 +00:00
josecoll
60b8be5df8 Removed 'perftestcordapp' due to continuous OS merge breakages. 2017-12-12 16:19:36 +00:00
Chris Rankin
2725f53ef5
ENT-1074 - Proof-of-concept ISV for SGX remote attestation (#161)
* Initial WIP.
* Configure IAS host via system properties.
* Create separate Gretty configurations for testing and for IAS.
* (WIP) Separate configuration values from WAR; Add msg3 -> msg4 handling.
* Check the IAS report's cryptographic signature.
* Accept CertPath from IAS instead of a Certificate.
* Validate the certificate chain for the IAS report.
* Refactor response handling, and add a secret to Message4.
* Append public DH keys to generated shared secret.
* Use DH secret to generate a 256 bit AES key.
* Fix runISV Gradle task so that it creates WAR file.
* Migrate MockIAS service into a separate package.
* Remove unused aesCMAC field from Message3.
* Configure HTTP sessions to expire after 10 idle minutes.
* Ensure we select the "isv" key for MTLS with Intel Attestation Service.
* Set key alias for Intel's public certificate.
* Implement GET /attest/provision endpoint.
* Use elliptic curves for Diffie-Hellman keys.
* Pass public keys as Little Endian byte arrays without ASN.1 encoding.
* Add AES-CMAC signature to Message2.
* Remove signature fields from QUOTE body for sending to IAS.
* Add a dummy AES-CMAC field to Message3 for later validation.
* Generate AEC-CMAC for Message 3, and refactor crypto functionality.
* Calculate AES-CMAC using AES/CBC/PKCS5Padding algorithm.
* Use BouncyCastle's AESCMAC algorithm for MAC calculation.
* Include standard crypto test vectors to the unit tests.
* Encrypt MSG3 secret using AES/GCM/NoPadding with 128 bit key.
* Hash shared key with Little Endian versions of public keys.
* Refactor so that hexToBytes() is a utility.
* Simplify signing of MocKIAS report.
* Separate AES/GCM authentication tag from the encrypted data.
* Create /ias/report endpoint for ISV which proxies IAS.
* Remove unnecessary @Throws from MockIAS handlers.
* Log HTTP error status from IAS.
* Replace runISV task with startISV and stopISV tasks.
* Refactor tests to use CryptoProvider @Rule instead of @Suite.
* Move Web server for integration tests to use non-production ports.
* Add proxy endpoint for IAS revocation list.
* Generate an ECDSA "service key" for signing (gb|ga).
* Generate a persistent key-pair for the ISV to sign with.
* Verify the (Gb|Ga) signature from Message2.
* Add debugging aids.
* Fix Gradle warning.
* Remove TLV header from Platform Info Body for MSG4.
* Small tidy-up.
* Use SPID "as-is" when calculating CMAC for MSG2.
* Add DEBUG messages for MSG2's KDK and SMK values (AES-CMAC).
* Add DEBUG logging for ECDH shared secret.
* More DEBUG logging.
* The ECDH shared secret *is* the x-coordinate: no need to subrange.
* Adjust MockIAS to return an empty revocationList for GID 0000000b.
* Fix ArrayOutOfBoundsException for "small" integer values.
* Test MSG1 with empty revocation list.
* Add extra logging for IAS report request.
* ReportResponse object cannot be null.
* Fix misreading of spec - don't remove quote's signature when requesting report from IAS.
* Log invalid contents of X-IAS-Report-Signing-Certificate HTTP header.
* Build CertPath for IAS from explicit list of Certificates.
* Rename quote fields on IAS ReportResponse to match Intel.
* Log report ID and quote status from IAS.
* Add a revocation list checker to the certificate path validator.
* Tweak revocation list options, depending on IAS vs MockIAS.
* Extract Intel's certificate specifically by alias for PKIX.
* Tune quote body returned by MockIAS.
* Add AES-CMAC field to Message4 for validation.
* Increase GCM authentication tag to 128 bits.
* Receive platformInfoBlob from IAS as hexadecimal string.
* Generate secret encryption key using KDK and SK values.
* Marshall platformInfoBlob between Base16 string and ByteArray.
* Interpret status results from IAS as enums.
* Use lateinit for HttpServletRequest field.
* Refactor ExceptionHandler out of messages package.
* Alias is for ISV, so rename it.
* Refactor classes into more correct packages.
* Use random 96 bit IV for GCM encryption.
* Parameterise HTTP/HTTPS ports via Gradle.
* Do not forward a securityManifest containing only zeros to IAS.
* Address review comments.
* Review comment: Use NativePRNGNonBlocking for SecureRandom.
* Rename isv.pfx to isv-svc.pfx
* Rename keystore to isv.pfx, for clarity.
* Update scripts so that they no longer require user input.
* Generate isv.pfx from the key and certificates.
* Remove private key from repository.
* Declare an empty PSE Manifest to be invalid.
* Generate keystores "on the fly".
* Rename integration tests to end in "IT" instead of "Test".
* Add README
* Turn remote-attestation into a separate Gradle project.
2017-12-12 13:34:26 +00:00
josecoll
cc770e1145 Re-enabled Doorman build and removed hard dependency on specific OS branch. 2017-12-12 11:31:52 +00:00
josecoll
26829b9202 Remove Doorman and its dependency on OS branch. 2017-12-11 12:49:34 +00:00
josecoll
d984b4722e Re-enable perftestcordapp and jmeter - fix compilation errors caused by MockServices and DriverDSL refactoring. 2017-12-11 11:42:53 +00:00
josecoll
da4d64048f Temporarily remove JMeter module. 2017-12-11 11:06:52 +00:00
josecoll
6456aec9ce Fixes following merge from OS for HC01.
Disabled "pertestcordapp" due to continuous conflict problem upon merge.
2017-12-11 09:56:44 +00:00
Andras Slemmer
63027a077d State machine rewrite 2017-12-05 11:36:20 +00:00
Clinton
bbe8fce686
Doorman and doorman HSM can now be published to artifactory and maven (#151)
Doorman and doorman HSM can now be published to artifactory and maven local.
2017-12-01 23:04:29 +00:00
Viktor Kolomeyko
c516a4b028
R3NET-546: Business Network PoC work (#101) 2017-11-24 09:59:35 +00:00
Rick Parker
3061678305
JMeter tooling for performance cluster (#110)
* First working version of RPC & JMeter

* Remote JMeter working from single JAR.

* Some clean up.  Remote slave via capsule is working.

* Full config of capsule launched JMeter server (was missing functions previously).

* SSH tunnelling utility.  Property files per remote host.

* Rename jar to make easier to deploy with wildcard filters.

* Easy all in one launch of UI + SSH tunnels.

* Comment out parties.

* Work around for notary.

* Clean up, renaming etc

* Add some comments and clean up.

* Add some comments and clean up.

* README and fixes.

* Redirect search_paths into a file since it so long and doesn't work on the command line in Windows.

* First working version of RPC & JMeter

* Remote JMeter working from single JAR.

* Some clean up.  Remote slave via capsule is working.

* Full config of capsule launched JMeter server (was missing functions previously).

* SSH tunnelling utility.  Property files per remote host.

* Easy all in one launch of UI + SSH tunnels.

* Comment out parties.

* Work around for notary.

* Clean up, renaming etc

* Add some comments and clean up.

* Add some comments and clean up.

* README and fixes.

* Reduce the dependencies of the JMeter project by copying (#118)

one function and listing required explicit dependencies
instead of depending on loadtest

* Tidy up

* Fix ssh for windows (#121)

* Make ssh tunnels work with Pageant on windows and allow specifying explicit
ssh remote user

* Update comments
2017-11-23 12:17:10 +00:00
josecoll
7a9364c8d5 Merge remote-tracking branch 'open/master' into colljos-merge-171117
# Conflicts:
#	.idea/compiler.xml
#	build.gradle
#	client/rpc/src/integration-test/kotlin/net/corda/client/rpc/CordaRPCClientTest.kt
#	docs/source/changelog.rst
#	node/src/integration-test/kotlin/net/corda/node/services/AttachmentLoadingTests.kt
#	node/src/main/kotlin/net/corda/node/internal/StartedNode.kt
#	node/src/main/kotlin/net/corda/node/utilities/registration/HTTPNetworkRegistrationService.kt
#	samples/network-visualiser/build.gradle
#	samples/simm-valuation-demo/src/integration-test/kotlin/net/corda/vega/SimmValuationTest.kt
#	testing/node-driver/src/integration-test/kotlin/net/corda/testing/driver/DriverTests.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/driver/Driver.kt
#	testing/node-driver/src/main/kotlin/net/corda/testing/node/MockNode.kt
2017-11-17 15:11:24 +00:00
mkit
12124bc0d9
Fixing failing build for the IntelliJ plugin (#100) 2017-11-13 10:25:11 +00:00
Chris Rankin
c7ec9ad8ac
Fix Gradle warning for example-code project. (#2013) 2017-11-08 12:30:23 +00:00
Chris Rankin
148152ba40
Fix Gradle warning for SGX hsm-tool project. (#95)
* Fix Gradle warning for SGX hsm-tool project.
* Prefix project name with "sgx-".
2017-11-08 12:29:38 +00:00
Christian Sailer
8b55f415bd Merge branch 'master' of https://github.com/corda/corda into christians_os_merge_20171106 2017-11-06 17:37:30 +00:00
Christian Sailer
3e61d13ffe Merge remote-tracking branch 'corda/master' into christians_os_merge_20171031 2017-11-02 14:41:18 +00:00
Maksymilian Pawlak
44a7d872d8 IRS Demo - split IRS Demo into two separate applications to showcase … (#1638)
* IRS Demo - split IRS Demo into two separate applications to showcase the separation and usage of RPC client
2017-10-25 16:40:21 +01:00
mkit
dfb226fbbb Merging signing service and doorman (#72)
* Merging signing service and doorman

* Addressing review comments

* Removing redundant package name space from method call

* Adding description field to gradle
2017-10-20 17:19:50 +01:00
Christian Sailer
1340b037c6 Merge branch 'master' of https://github.com/corda/enterprise into christians_perftestflows 2017-10-17 15:29:03 +01:00
Christian Sailer
f25c15b194 Rename the module/directory from perftestflows to perftestcordapp and clean up module settings 2017-10-17 12:27:08 +01:00
szymonsztuka
db0969ebda Merge from Corda master 2017-10-16 18:03:07 +01:00
Andras Slemmer
c2cda569e1 Add kryo-hook to settings.gradle 2017-10-11 10:06:52 +01:00
Christian Sailer
8ae92850c9 State and Contract for Cash and CommercialPaper copied to perftestflows 2017-10-10 13:10:21 +01:00
mkit
e22570a81d Adding a new service for CSR signing (#49)
* Adding a new service for CSR signing

* Adding a new service for CSR signing

* Removing rejection option

* Adding CSR log and removing rejection option

* Addressing review comments
2017-10-09 11:34:42 +01:00
sollecitom
9284e731c0 Merge remote-tracking branch 'remotes/open/master' into enterprise-merge-september-26
# Conflicts:
#	core/src/main/kotlin/net/corda/core/crypto/CryptoUtils.kt
#	node-api/src/main/kotlin/net/corda/nodeapi/internal/serialization/Kryo.kt
#	settings.gradle
2017-09-26 18:08:47 +01:00
Ross Nicoll
8f86068807 Move SwapIdentitiesFlow to confidential-identities module (#1531)
* Move SwapIdentitiesFlow to confidential-identities module

* Clean up confidential-identities build.gradle

* Change description to include Experimental

* Move confidential-identities to a dependency of node rather than node-api
2017-09-18 14:19:20 +01:00
Clinton
8415a01a47 Cordform common is now a part of the gradle plugin suite (#1474)
Cordform common is now a full gradle plugin and all related gradle hacks are removed.
2017-09-12 19:18:09 +01:00
Andras Slemmer
c9e9242ff4 Merge remote-tracking branch 'open/master' into aslemmer-enterprise-merge-september-8 2017-09-08 11:14:40 +01:00
Andrzej Cichocki
579abda044 Group test scope modules in testing dir (#1419) 2017-09-05 18:27:26 +01:00
Andrzej Cichocki
15f741f315 Spinoff driver into own project with demorun (#1401) 2017-09-05 09:50:51 +01:00
Andras Slemmer
a4ba8e4f2f Merge open master 2017-08-30 11:41:30 +01:00
josecoll
a2ede0fc73 Requery removal (#1276)
* Removed Requery object relational mapping usage (and associated schemas including node-schemas module)

* Fixed issues with NodeAttachmentService tests.
Cannot use JPA custom converters with Primary Key fields.
Hibernate entities require explicit call to flush() to persist to disk.

* Removed redundant requery converters (equivalents not even required in Hibernate).

* Removed remaining gradle requery dependency definitions.

* Fixed broken tests.

* Fixes for failing NodeVaultService tests:
- Dynamic SQL updates (in soft locking code)
- Explicit request by session to participate in transaction (causing "TransactionRequiredException" Executing an update/delete query)
- Explicit flush() required to persist to disk

* Updated changelog.
Fixed compiler warning.

* Fixed WHERE clause AND/OR condition.
Enforced immediate data visibility through transaction commit.

* Final fixes to address failing tests.

* Deferred all hibernate session/txn management to DatabaseTransactionManager.

* Fixed transaction boundaries in failing Cash tests.

* Fixes to address failing tests (transaction boundaries, merge detached object, config clean-up).

* Final adjustment to transaction boundaries in JUnit tests.

* Refactored AttachmentSchemaV1 into NodeAttachmentService itself and referenced from NodeServicesV1.

* Refactored HSQL UPDATE statements to use CriteriaUpdate API.

* Updated all criteria API getters to reference attribute names by type.

* Remove redundant VaultSchema entity name (required when previously using HSQL UPDATE syntax)

* Fix compiler warnings.

* Minor changes following rebase from master.

* Fixed suppress warning type.
2017-08-21 10:42:59 +01:00
Michal Kit
b6fd5ede58 Merge community-master 2017-08-15 12:04:09 +01:00
Andrzej Cichocki
39e7c25627 Add graphviz-based module-module compile dependency graphs (#1081) 2017-07-26 14:05:38 +01:00
Clinton
0ccfae252f POMs generated by publishing are now correct. (#1055)
* POMs generated by publishing are now correct. The publish extension now requires an explicit call to configure the publishing instead of waiting until after evaluation. This prevents evaluation order issues with the artifact renaming code that causes the POM to have the original, incorrect, artifact names.

* Fixed new test compile issues caused by removal of some dependencies in test utils that caused webserver code to be automatically included in any project also compiling test utils.
2017-07-18 12:34:56 +01:00
Andras Slemmer
eac7db295c Merge remote-tracking branch 'open/master' into aslemmer-enterprise-merge-july-13 2017-07-13 12:35:20 +01:00
Andrzej Cichocki
0aadc037ef Make logging available in IntelliJ between gradle clean and assemble (#929)
* Enforce absence of node from client rpc smokeTest classpath
2017-06-28 09:54:09 +01:00
Mike Hearn
ca8f5050cf Merge branch 'master' into mike-enterprise-merge-june-20th 2017-06-21 19:49:33 +02:00