Commit Graph

6 Commits

Author SHA1 Message Date
Andrius Dagys
e0d8ea8a58
CORDA-535: Move implementation specific configuration values out of n… (#4058)
The configuration objects for specific notary implementations have been replaced
by a single untyped "extraConfig" Config object that is left to the notary service
itself to parse.

* Remove the raft bootstrapping command from node, we'll need a different
mechanism for that.

* Remove pre-generated identity config value.

* Split up obtainIdentity() in AbstractNode to make it easier to read.

* A temporary workaround for the bootstrapper tool to support BFT notaries.

* Update docs

* Add upgrade notes

* Fix rebase issue

* Add a config diff for the bft notary as well
2018-10-22 10:26:10 +01:00
Viktor Kolomeyko
88f368134f
ENT-2610: Separate passwords for store and for private keys in Corda OS. (#4090)
* ENT-2610: Separate passwords for store and for private keys in Corda OS.

When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.

Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.

Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.

Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.

* ENT-2610: Address PR input from @kchalkias

* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/

* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/

In the implementation of `CertificateStoreSupplier`
2018-10-22 07:11:27 +01:00
Andrius Dagys
4c3b9a067c CORDA-535: Make notary implementations publishable 2018-10-18 11:07:31 +01:00
Rick Parker
55731ef816
ENT-2431 Tidy up buildNamed and CacheFactory 2018-10-18 10:38:43 +01:00
Florian Friemel
47068e6b7a [CORDA-2077] Use latest gradle plugin version (4.0.32), set target version in core and sample CorDapps (#4038)
* Upgrade gradle plugin; add target version attribute to finance and sample cordapps.
* Remove '-SNAPSHOT' from gradlePluginsVersion.
* Fix naming.
* Update docs.
* Respond to feedback.
* Fix irs demo
* Fix more samples
* Fix more samples
* Fix deployNodes
* Fix deployNodes
* more fixes
* fix simm valuation
* more fixes
* more fixes
* more fixes
* more fixes
* Publication should have *nothing* to do with cordformation and deployNodes.
Remove it! And if this exposes a bug then "so be it".
* Disable CorDapp signing for Cordapp Configuration and Network Verifier.
* Disable CorDapp signing for SIMM Valuation Demo.
* Remove remaining publishing nonsense from samples.
* Workarounds fpr cordapp-configuration, network-verifier and simm-valuation-demo:
JarSigner rejects jars with duplicates inside, so remove them.
* Upgrade to Gradle plugin 4.0.32 and reenable CorDapp signing for samples.
2018-10-15 21:11:52 +01:00
Andrius Dagys
9ebeac1ad8
CORDA-535: Extract notary implementations into CorDapps (#3978)
* Move Raft and BFT notaries into separate modules

* Move schemas

* Fix tests & demos

* Modified logic for creating notary services:

Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.

For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.

* Move test namedcache factory to test utils
2018-10-10 10:04:22 +01:00