Remove use of Sun internal APIs and algorithm identifiers (which are incomplete and non-standard) in Crypto. Also eliminates uncertainty about which signature scheme is being used (and therefore iterating through several to find the correct one).
* Add functions for:
* Retrieving nodes via their legal identity
* Filtering a set of public keys down to those the node has corresponding private keys for
* Modify contract upgrade flows to handle identifying participants after an anomymisation step
* Correct terminology: "party who" -> "party which"
* Modify CashIssueFlow and CashPaymentFlow to optionally use an anonymous identity for the recipient.
* Replace kotlin Pair with DataFeed data class
* remove unintended changes
* Replace Vault.PageAndUpdates with DataFeed data class
* Remove PageAndUpdates
* First stage of changing fields in NodeInfo.
Part of work related to NetworkMapService upgrade. Create slots for
multiple IP addresses and legalIdentities per node.
* NodeInfo stores HostAndPort.
Move information specific to messaging layer away from NodeInfo.
Only HostAndPort addresses are stored. Add peer name - peer handle
mapping to MockNetwork to reflect that change.
* Enforce that the identity service must always have a root CA specified, which all identities have
certificates signed by (or intermediaries of). Also adds a certificate store to the identity service
for help building/verifying certificate paths.
* Add a certificate store for the CA certificate and intermediaries
* Use the certificate factory directly to build paths rather than assembling them via an interim
API call. After reducing the complexity of the utility API, it's replacing two lines of code,
at which point it seems better to make the behaviour clearer rather than having a function
hide what's actually going on.
Added Kotlin extension functions for ease of use in simplest case.
Added missing Java contractType class (previously was forced cast of ContractState::class)
Fixed generic typing.
Addressed items raised in SA PR review.
Removed 2 blank lines.
Fixed generics typing.
Updates RST doc and grouped API helpers accordingly.
* Vault Query Service API implementation using JPA Hibernate
Added queryBy(QueryCriteria) Vault API and Junit tests.
Minor cosmetic API changes following rebase.
Fixes following rebase from master
Upgraded to requery 1.3.1
WIP - removed 'latestOnly' from LinearStateQueryCriteria
WIP - CommercialSchemas V2, V3, V4 testing
WIP - sort out generics handling.
WIP - most general queries completed.
WIP - join queries, contractStateType derivation
WIP - refactoring Requery
WIP - refactored VaultService to extract a VaultQueryService interface (and associated Requery implementation).
WIP - HibernateVaultQuery implementation
WIP - Re-structured all Schema definitions (requery/jpa) and make Hibernate Config reusable.
WIP - Multi-version schema testing, hibernate query testing.
WIP - Custom Criteria and Fungible Criteria impl & testing.
WIP - Kotlin Comparable Generics error
WIP - Party queries all working now
WIP - All VaultQueryTests now working (refactored for AND / OR composition)
WIP - added schema registration in CordaPluginRegistry to enable custom vault queries on arbitrary schemas.
WIP - added new default Sort NULL order to be NONE + added lots more tests for Logical Operator testing.
Mostly identity fixes following rebase from master.
Exception handling and public API cleanup in prep for PR.
Additional tests for Logical Operators; additional tests for NULLS sort ordering; additional logging;
Additional parser to handle Nullable attribute values; added Unary and Collection logical expression handlers
Lots of cleanup: participants; trackBy interfaces; additional fungible tests; parser cleanup and improved support for Java
Removed all traces of Requery implementation.
Further minor cleanup and Junit test fix.
Final identity and schema related identity clean-up.
Revert unrelated changes.
PR review updates: blank lines, isRelevant.
Fixed wiring of updatesPublisher for dynamic trackBy queries.
PR review changes: multi-versioned schema samples and associated dummy contracts moved to test packages.
Fixed problem with sorted queries (not specifying any filterable criteria).
PR review: minor updates to address RP comments.
Typesafe custom query criteria
Cleanup: remove redundant tests.
Further clean-up and make all Java test work successfully.
Remove debugging print statements.
Rebased from master - changes required due to DealState module change.
fixed broken assertion caused by DealState ordering change (different package)
Fixed transaction demarcation issue causing "java.lang.IllegalStateException: Was not expecting to find existing database transaction on current strand"
trackBy() now filters on ContractType and StateStatus (CONSUMED, UNCONSUMED, ALL)
Added tests to exercise RPCOps trackBy and queryBy (RPC smoke test and CordaRPCOps)
Added additional @CordaSerializable annotations.
Updated documentation and referenced sample code.
Added deprecation annotations.
Re-added missing deprecation annotation.
Hibernate debug logging is now configurable and disabled by default.
Introduced common Sort attributes based on the node schemas.
Completely removed NULL_HANDLING sort parameter as this is not supported in JPA.
Revisited and fixed usage of @CordaSerializable.
* Minor fix following rebase from master.
* Remove blank line as per RP PR feedback request.
* Minor Java documentation and example clean-up.
* Disable BFT Notary Service tests.
* The fancy classloader setup in Cordform.loadCordformDefinition is defeated by certificates in 2 ways
** Class cast when creating a cert (via TestConstants) in a CordformDefinition
** Some issue when persisting a cert in ServiceIdentityGenerator
* This PR is a quickfix to get the demos working again
* Proper fix (not this PR) is to work out why it's not enough for eddsa to be in the project runtime classpath - if it can be removed from the gradle environment that ought to properly fix the above problems
Use the certificate factory directly to build paths rather than assembling them via an interim
API call. After reducing the complexity of the utility API, it's replacing two lines of code,
at which point it seems better to make the behaviour clearer rather than having a function
hide what's actually going on.
Add extremely rough DER format encoding for CompositeKey so that they can be used in X.509 certificates,
and switch service identity generator to using the proper identity cert for signing.
* Fix BFT config that only worked with clusters of size 4
* Shutdown BFT properly so that tests can run back to back in theory
* Wait for initial connection between client and all replicas before touching it
* Add test for non-trivial BFT cluster
* Shutdown NodeBasedTest nodes in parallel, as BFT shutdown time is non-trivial
* Overlapping ports check no longer assumes all on localhost
* Fix overlapping ports test to actually check the messages
* Correct path composition in identity service tests
* Correct identity service certificate path verification to handle the owning certificate being anywhere in the path, rather than expecting it to be trust root
Correct construction of anonymous parties to use the first certificate (the target)
rather than the last (the trust root). Worked because early tests used single certificate
paths, but later work introducing multi-certificate paths reveal it's rather broken.
* Remove unused type param
* If we drop Runnable we can use conciser syntax
* Sometimes we need the fully-fledged object, so retire separate handle class
* Implement IntelliJ suggestion
Deterministic Key Derivation for ECDSA R1/K1 and EdDSA
* DKG description and comments
* Removing a (confusing) not-required comma in comments.
* rename deterministic and generate to derive
Matching can be done with case insensitive substrings in the identity service, RPC and shell. In future cleverer matching should be possible, e.g. using Lucene or RDBMS free text search features.
Modify generateExit to return full set of signing keys in preparation for anonymity work meaning
that owner and issuer keys are typically not the same.
All references to 'parties' now refer to the inherited 'participants' attribute from ContractState.
Samples: all duplicate references to `parties` now changed to `participants`.
Clean up cash tests ahead of anonymisation work. This simplifies some boiler plate setup/teardown
and ensures idenities and flows are correctly registered.
Fixed issue where Corda services installed in unit tests were not being marked as serialise as singleton. Also the driver now automatically picks up the scanning annotations. This required moving the NodeFactory used in smoke tests into a separate module.
Core corda publications and JARs now have cord or corda at the start (excluding gradle plugins). Removed an unnecessary dependency on test-utils in node-schemas to prevent an evaluation order bug in gradle.
* Increase max network map request size so the notary can register
* Suppress oracle service installation errors in non-oracle nodes
* Make demos automatically build capsule jars
* Fix how network visualiser displays node X500 names.
* Change locations of test nodes, so when used for explorer map visualisation not all of them are stacked one on another in London.
Change PartyAndCertificate to an aggregate class instead of a subclass of Party. This reduces the changes compared to M11, as well as avoiding risk of accidental serialization of a PartyAndCertificate (which may be very large) where a Party is expected.
Cleaned up initial nodes known to the identity service, in particular mock nodes now know about themselves; previously full nodes registered themselves but mock nodes did not.
* Specifically, DriverTests and WebserverDriverTests
* RPCDriver.startRpcBroker now waits for port to be unbound, as was probably intended
* Explicitly drop network map future while ensuring the error is logged
* Fix bug in demobench. Explorer didn't show correctly location of a node.
There was no nearestCity override in config.
* Remove nearestCity from node configuration. Now information about the location is always taken from
node's legal name. If not present - exception on node startup.
* Add X500Name.locationOrNull that soft fails when location is not in X500 name. Address PR comments.
* Remove unused imports.
* Construct standard flows using PartyAndCertificate, and add support for launching
flows that are constructed with PartyAndCertificate or just Party.
* Store PartyAndCertificate in network map service
* Expand identity service to store certificates along with all identities.
This removes the need to do manual registration using the PluginServiceHub. As a result CordaPluginRegistry.servicePlugins is no longer needed. For oracles and services there is a CorDappService annotation.
I've also fixed the InitiatingFlow annotation such that client flows can be customised (sub-typed) without it breaking the flow sessions.
Replace X509Certificate with X509CertificateHolder for consistency in implementation of how X.509 certificates
are managed. Using the Java standard class entails the actual implementing class being one of several options
depending how a certificate is built, which makes serialization/deserialization with Kryo inconsistent as some
of these forms cannot be directly built from outside restricted classes.
* De-anonymise parties in AbstractStateReplacementFlow flows
* Convert transaction key negotiation to a subflow instead of utility functions
* Add serialization support for CertPath
* Restructure cash flows so that a counterparty flow can be added later
* Rename raft-notary-demo project to notary-demo
* Refactor serialisation filtering to allow BFT SMaRt to work, it no longer relies on the jdk.serialFilter system property
* In NodeBasedTest remove whitespace in node directory names for consistency with cordform and driver
* Add "TLS" to createTlsServerCert() to differentiate it from future work to introduce a non-TLS variant.
*Change to using Java 8 time types for certificate validity - does introduce so unnecessary roundtrips, but makes the code significantly easier to read/follow. In particular avoids opaque integers in the code and replaces them with Duration.
Remove mock identity service and merge it with the in memory identity service. The two services
provide extremely similar functionality, and having two different version for production/test
risks subtle implementation differences. On that note, this patch includes changes to a number
of tests which worked only with mock identity service.
Fixup after rebase
Restore original key property names
Fixup after rebase
Undo extra import that IntelliJ keeps erroneously adding.
Add comments and fix docs for transaction signing.
Fixes after rebase
More fixes after rebase
Address PR requests
Address PR requests
* Raft notary demo now defined in one place that both IntelliJ/driver and gradle/runnodes can run
* New module cordform-common for code common to cordformation and corda
* Add single notary demo
Switch to using AbstractParty as the standard identifier for parties in
states, so that full parties can be used during construction of
transactions and anonymised parties when the transaction is being added
to the ledger.
* Fix: Add missing @StartableByRPC to fix the Raft notary demo
* Make loadConfig take a Config object, for cordformation Node
* Unduplicate User.toMap
* Unduplicate WHITESPACE regex, choose possessive form
* Use slash to make a Path
* Remove Companion where redundant
* Remove unused code
