Commit Graph

1659 Commits

Author SHA1 Message Date
Viktor Kolomeyko
88f368134f
ENT-2610: Separate passwords for store and for private keys in Corda OS. (#4090)
* ENT-2610: Separate passwords for store and for private keys in Corda OS.

When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one for private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.

Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.

Linked Jira (https://r3-cev.atlassian.net/browse/ENT-2610) has more background info.

Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.

* ENT-2610: Address PR input from @kchalkias

* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/

* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/

In the implementation of `CertificateStoreSupplier`
2018-10-22 07:11:27 +01:00
Roger Willis
dd60ae27f2
FungibleState and design document for tokens (#4049) 2018-10-20 10:52:24 +01:00
Konstantinos Chalkias
72cab90577
[CORDA-738] Ensure encumbrances are bi-directional (#4089) 2018-10-19 18:34:32 +01:00
Thomas Schroeter
f685df46b5
[ENT-1774] FlowAsyncOperation deduplication ID (#4068) 2018-10-19 11:40:59 +01:00
Rick Parker
55731ef816
ENT-2431 Tidy up buildNamed and CacheFactory 2018-10-18 10:38:43 +01:00
Stefano Franz
456c9a85e1
remove requirement to override default progress tracker for interacti… (#3985)
* remove requirement to override default progress tracker for interactive shell - this is no longer needed

* fix failing tests
2018-10-17 11:27:14 +01:00
Andrius Dagys
715c38766d
CORDA-2109: Fix a bug that prevents consecutive multiparty contract upgrades
The contract upgrade handler assumes that the state to be upgraded is
created by a WireTransaction. This breaks the upgrade process if it was
in fact issued by a ContractUpgradeWireTransactions or a NotaryChangeWireTransaction.
2018-10-17 10:20:27 +01:00
Konstantinos Chalkias
68d736dd81
Doorman can sign TLS certs directly. (#4078) 2018-10-16 11:16:28 +01:00
Shams Asari
6d4bdb84b9
Code cleanup, mostly shortening long lines (#4070) 2018-10-15 12:01:15 +01:00
szymonsztuka
b769ad80bd
CORDA-195 When collecting JAR Signatures allow META-INF/*.EC block signature to follow jarsigner tool capabilities (#4065)
jarsigner can produce META-INF/*.EC block signature for EC algorithm (https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jarsigner.html) even if this is contrary to JAR File spec (https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html). Allow the block signature to also be in a *.EC file.
2018-10-12 16:54:39 +01:00
Konstantinos Chalkias
554b1fa371
[CORDA-2084] EdDSA, SPHINCS-256 and RSA PKCS#1 are deterministic, no RNG required. (#4051) 2018-10-10 10:35:18 +01:00
Andrius Dagys
9ebeac1ad8
CORDA-535: Extract notary implementations into CorDapps (#3978)
* Move Raft and BFT notaries into separate modules

* Move schemas

* Fix tests & demos

* Modified logic for creating notary services:

Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.

For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.

* Move test namedcache factory to test utils
2018-10-10 10:04:22 +01:00
Dominic Fox
b6f2532ce6
Corda 1922 serialize states with calculated values (#3938)
* Introduce SerializeForCarpenter annotation

* Apply SerializableComputedProperty annotation to Cash.exitKeys, fix bugs

* info -> trace

* Remove annotation from FungibleAsset, as we do not know whether all implementing classes will provide the property as a calculated value

* Remove redundant import

* Explicit lambda params

* Restore explicit import for Enum valueOf

* Moving and rescoping

* More meaningful error message

* Add java test and documentation

* Fix accidentally broken unit test

* Ignore superclass annotation if property not calculated in implementing class

* Exclude calculated properties from Jackson serialisation

* Fix broken test
2018-10-09 14:54:31 +01:00
Konstantinos Chalkias
5d84640d1f
Add missing validation in the OpaqueBytesSubSequence.init (#4047) 2018-10-09 09:48:54 +01:00
Dominic Fox
d9ea19855f
CORDA-2006: Simplify checkpoint serialization (#4042)
* CORDA-2006: Simplify checkpoint serialization

* Supply rule to KryoTest
2018-10-08 13:39:28 +01:00
Chris Rankin
c88d3d8c1b
CORDA-2030: Resolve build warnings about kotlin-stdlib-jre8 in unit tests too. (#4043) 2018-10-08 12:49:05 +01:00
Shams Asari
39434dcbec
Assorted set of clean ups (#4039) 2018-10-05 18:05:10 +01:00
Konstantinos Chalkias
0621efe7c6
Do not remove entropyToKeyPair from DJVM (it is deterministic anyway and we might use it in tests) (#4036) 2018-10-05 14:11:56 +01:00
Konstantinos Chalkias
fa4c54a080
[CORDA-2063] Ensure signatures and BC operations always use newSecureRandom (#4020)
* special handling for Sphincs due to a BC implementation issue

* delete all sign operations from DJVM and stub out BC's default RNG

* copy Crypto signing functions to deterministic.crypto.CryptoSignUtils as they are required for testing transaction signatures.
2018-10-05 12:01:16 +01:00
Shams Asari
bffac331a3
Moved the PLATFORM_VERSION constant to core and added some missing usages (#4026) 2018-10-05 09:28:00 +01:00
Shams Asari
85d2a85e85
Safe parsing of min platform version and target version from CorDapp MANIFEST files (#4031)
Also includes some cleanup
2018-10-04 16:00:07 +01:00
josecoll
7edc18f85d
CORDA-1997 Added constraint type information to vault states table. (#3975)
* Added constraint type information to vault states table.

* Added Vault Query criteria support for constraint data.

* Added documentation and changelog entry.

* Added missing @CordaSerializable.

* Fix minor bug in test setup and parsing code.

* Use binary encoding data types instead of serialize/deserialize.

* Optimized storage of constraints data.
Additional assertions on Vault Query constraint data contents (to validate encoding/decoding).
Tested with CompositeKey containing 10 keys.

* Addressing PR review feedback.

* Query by constraints type and data.

* Revert back accidentally removed code for contractStateType filtering.

* Incorporating final PR review feedback. Use @JvmOverloads on constructor.

* Make sure constraintInfo is class evolution friendly.
2018-10-03 13:41:25 +01:00
Florian Friemel
df4936c1fa
[CORDA-1926] Make CordappInfoResolver.withCordappInfoResolution @VisibleForTesting. (#4011)
Make CordappInfoResolver.withCordappInfoResolution and CordappInfoResolver.clear @VisibleForTesting.
2018-10-02 15:48:22 +01:00
Florian Friemel
842eac5c43
[CORDA-1926] Implement target version and min platform version (#3899)
https://r3-cev.atlassian.net/browse/CORDA-1926
2018-09-28 09:46:06 +01:00
Konstantinos Chalkias
e92ad538cf
CORDA-2031 put "AlgorithmParameters.SHA256WITHECDSA" to BC (#3997) 2018-09-27 15:21:12 +01:00
Rick Parker
965f9ce528
ENT-2431 Lay foundations for caching metrics (#3955) 2018-09-24 09:55:56 +01:00
Roger Willis
c4d86b1b26
CORDA-1999 Changed isRelevant to relevancyStatus. (#3966)
* Changed isRelevant to relevancyStatus.

* Fix cash selection from breaking.

* Fixed non-backwards compatible API change.

* Updated schema migration changelog.

* Updated comment.
2018-09-19 15:50:39 +01:00
Michal Kit
492c25fedd
CORDA-1995 removing DigitalSignatureWithCertPath (#3953)
* CORDA-1995 removing DigitalSignatureWithCertPath

* Fixing unit tests

* Addressing review comments
2018-09-19 14:30:21 +01:00
Dominic Fox
98c92ef16f
CORDA-1391: Separate out Checkpoint serialization (#3922)
* Separate out Checkpoint serialization

* Update kdocs

* Rename checkpoint serialization extension methods

* Fix bungled rename

* Limit API changes

* Simplify CheckpointSerializationFactory

* Add CheckpointSerializationScheme to API checker

* CheckpointSerializationScheme should not be implemented

* Move checkpoint serialisation to internal package

* Remove CheckpointSerializationScheme from api-current

* Quarantine internal classes

* Remove checkpoint context from public API

* Remove checkpoint context from public API

* Fix test failures

* Completely decouple SerializationTestHelpers and CheckpointSerializationTestHelpers

* Remove CHECKPOINT use case

* Remove stray reference to checkpoint use case

* Fix broken test
2018-09-19 14:23:29 +01:00
Konstantinos Chalkias
7b4c4803b9
isRelevant didn't work for composite ownership, it's now fixed (under certain assumptions). (#3967) 2018-09-19 10:03:16 +01:00
Michele Sollecito
5113f4c8c1
[CORDA-1941]: Server-side draining node shutdown. (#3909) 2018-09-18 13:04:26 +02:00
Shams Asari
c79dd8017d
CORDA-1264: Mask internal errors if devMode is false (#3942) 2018-09-17 15:44:51 +01:00
Thomas Schroeter
057ee74611
Single node notary thread safety (#3924) 2018-09-12 13:36:04 +01:00
Viktor Kolomeyko
90a7dd2bf4
ENT-2489: Fix serialization for some of the CordaExceptions. (#3925)
Also add a unit test that exposes the problem.

Without these changes AMQP serialization fails with the following:
```
 net.corda.serialization.internal.amqp.AMQPNotSerializableException: Constructor parameter - "reason" -  doesn't refer to a property of "class net.corda.node.services.statemachine.SessionRejectException"
	at net.corda.serialization.internal.amqp.SerializationHelperKt.toPropertyAccessorConstructor(SerializationHelper.kt:120) ~[corda-serialization-4.0-SNAPSHOT.jar:?]
	at net.corda.serialization.internal.amqp.SerializationHelperKt.propertiesForSerializationFromConstructor(SerializationHelper.kt:107) ~[corda-serialization-4.0-SNAPSHOT.jar:?]
	at net.corda.serialization.internal.amqp.custom.ThrowableSerializer.toProxy(ThrowableSerializer.kt:28) [corda-serialization-4.0-SNAPSHOT.jar:?]
	at net.corda.serialization.internal.amqp.custom.ThrowableSerializer.toProxy(ThrowableSerializer.kt:12) [corda-serialization-4.0-SNAPSHOT.jar:?]
	at net.corda.serialization.internal.amqp.CustomSerializer$Proxy.writeDescribedObject(CustomSerializer.kt:159) [corda-serialization-4.0-SNAPSHOT.jar:?]
```
2018-09-12 11:29:36 +01:00
Shams Asari
ca5d88e65a
Minor changes made in ENT which should have been ported over (#3932) 2018-09-12 11:26:37 +01:00
Shams Asari
83e66d542d
Syncing Cordapp info code from ENT so that ENT-1731 is fully ported (#3914)
Also, Cordapp.Info has been made internal as it's not used in the public API
2018-09-10 10:43:00 +01:00
Dan Newton
db6c7f38a5
Support for case insensitive vault queries (#3853)
* Make the criteria builder functions case insensitive

Add IGNORE_CASE versions of the comparison operator enums
Add exactMatch argument to criteria builder functions where strings can be passed in and set its default value to true
Use JvmOverrides to provide the default true version to java without needing to specify a value manually
If exactMatch is true then the original enums will be used, if false the IGNORE_CASE enums will be used instead
HibernateQueryCriteriaParser.columnPredicateToPredicate now takes into account the IGNORE_CASE versions of the enums

* Tidy up QueryCriteriaUtils and HibernateQueryCriteriaParser

Split HibernateQueryCriteriaParser.columnPredicateToPredicate into smaller functions
Reduce duplicated code in QueryCriteriaUtils

* Tidy up QueryCriteriaUtils and HibernateQueryCriteriaParser

Split HibernateQueryCriteriaParser.columnPredicateToPredicate into smaller functions
Reduce duplicated code in QueryCriteriaUtils (missed some code here)

* update changelog and api-vault-query docs with new API functions

* reorder Operator enums so that the ignore case enums are at the end

In case anyone is depending on the order of the enums, to keep compatibility with existing CorDapps the enums should be added at the end to prevent ordinals from breaking.
2018-09-07 10:20:21 +01:00
Michele Sollecito
584387d5ec
Fixed some problems I discovered while working on another story (#3901)
* - Fixed some problems with error handling for Observables.
- Eliminated incorrect double `stop()` call for RpcBroker.
- Added `Schedulers.shutdown()` call in `stop()` implementation for Node and Driver, to avoid stuck processes when observable pipelines go wrong.

* Fixed a missing import.

* Removed `Schedulers.shutdown()` for now.

* Fixed an issue with `pendingFlowsCount()` function.
2018-09-06 13:11:41 +01:00
Shams Asari
be45096082
CORDA-1864: Added getter for network parameters to RPC (#3892) 2018-09-05 11:17:13 +01:00
Michele Sollecito
d01dd22419
[CORDA-1937]: Refactor NodeConfiguration hierarchy. (#3856) 2018-09-04 10:26:10 +01:00
Mike Hearn
33f5aa4190
RPC: make the client library require the platform version it is built for.
Remove an unnecessary override on the CordaRPCOps interface.
2018-09-03 19:05:47 +02:00
Shams Asari
9544fac2c0
Clean up of MerkleTransaction.kt (#3880)
Primarily making the deserialiseComponentGroup method simpler.
2018-08-31 12:44:53 +01:00
Michal Kit
8e6a9818b7
CORDA-1932 Fixing network map certificate path verification (#3843)
* CORDA-1932 Fixing network map certificate path verification to be certificate hierarchy agnostic

* Addressing review comments
2018-08-31 09:35:36 +01:00
Michal Kit
d7b85b4928
CORDA-1934 Renaming INTERMEDIATE_CA certificate role to DOORMAN_CA certificate role (#3844) 2018-08-31 09:35:06 +01:00
josecoll
36bfe268af
Revert back to using "relevancy" as "modifiable" states are not permissible by definition on an immutable ledger. (#3847) 2018-08-28 11:04:40 +02:00
Dominic Fox
f81428eb53
Corda 1916: signature attachment constraints (#3839)
* Create constraint, extract Jar signature collection

* Extract JarSignatureCollector into its own file

* Jar signature collection throws exception if signatures are inconsistent

* Focus testing in Jar signature collection

* Extract some helper functions in test

* Patch tests with mock attachment storage

* Assert that generated constraint is satisfied by signed attachment

* Clarify constraint selection logic

* Explicit return types on extension methods

* Link to docsite Signature Constraints documentation

* Fix issue with shared JAR reading buffer
2018-08-24 17:21:54 +01:00
Christian Sailer
bc330bd989
ENT-2414 Named caches (#3848)
* Add named caches and apply to NonInvalidingUnboundCache and all usages.

* Add named caches and apply to NonInvalidingCache and all usages.

* Add named caches and apply to NonInvalidingWeightBasedCache and all usages.

* Move NamedCache to core/internal

* Remove type `NamedCache` and `NamedLoadingCache`

* Suppressed 'name not used' warning, added comment, and fixed generic parameters on the buildNamed functions.

* Use `buildNamed` in all caffeine instances in production code. Not using it for caches that are created in test code.

* Add checks for the cache name

* Formatting

* Minor code review revisions
2018-08-24 17:17:22 +01:00
szymonsztuka
487cad7d06
CORDA-1471 Database schema setup for internal tables via Liquibase (#3815)
Internal tables (the tables from node and finance modules) are now tracked /created by Liquibase script.
Tables backing MappedSchema in Cordapps are created by Hibernate (as before).
The PR scope added Liquibase library, setup code SchemaMigration and XML scripts and from Enterprise.
For existing database installation - the node will auto-upgrade to use Liquibase.
Method migrateOlderDatabaseToUseLiquibase checks for any 3.X existing Corda database to upgrade database to use Liquibase. When the existing database without Liquibase integral tables is detected, the node (at startup) will create Liquibase tracking tables and fill them with all migration scripts (marked as done), this ensures the database will look as it would use Liquibase from the beginning.
The database changes gradually introduced by the subsequent 3.X releases (3.1, 3.2) are conditionally run by Liquibase.
2018-08-23 16:30:02 +01:00
Mike Hearn
785bae9e48
Minor: add a missing kdoc for InsufficientBalanceException 2018-08-23 13:12:18 +02:00
Chris Rankin
040de41e27
CORDA-1925: Include Requirements object in core-deterministic. (#3841) 2018-08-23 10:08:20 +01:00