* ENT-2610: Separate passwords for store and for private keys in Corda OS.
When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.
Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.
Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.
Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.
* ENT-2610: Address PR input from @kchalkias
* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/
* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/
In the implementation of `CertificateStoreSupplier`
* CORDA-2113 - Include PNM ID in CSR
If Compatibility Zone operator is using private networks and the node
should be joining one, optionally the ID (a UUID) of that network can be
included as part of the node's CSR to to the Doorman.
* fix broken test
The entry point to the API has been simplified to just requireing a list of packages to scan, with sensible defaults provided for the metadata. Because of the wither methods, having parameters for the metadata (with default values) seems unnecessary. Also the ability to scan just individual classes has been made internal, as it seems unlikely app developers would need that level of control when testing their apps.
TestCordappImpl is a data class and thus acts as a natural key for the Jar caching, where previously the key was the package names. This fixes an issue where it was not possible to create two CorDapp Jars of the same package but different metadata.
* Move Raft and BFT notaries into separate modules
* Move schemas
* Fix tests & demos
* Modified logic for creating notary services:
Added a new field 'className' to the notary configuration. The node now
loads the specified implementation via reflection. The default className
value points to the simple notary implementation for backwards compatibility.
Relevant schemas are loaded in a similar fashion.
For backwards compatibility purposes the default SimpleNotaryService will
remain built-in to node, but its cordapp will be generated on startup – so
the loading of notary services is streamlined.
* Move test namedcache factory to test utils
Fix Liquibase quoting strategy for PostgreSQL to follow Corda convention.
In Liquibase for Postgres if schema name has uppercase or lowercase characters only then Liquibase would send it without double quotes and effectively make them lowercase.
Alter Postgres Liquibase dialect to wrap schema names in double quotes. This allows e.g. schemaName=ALICE be send as "ALICE" by Liquibase.
Corda persistence was already wrapping with double quotes, but certain cases in Liquibase were not following this. The result was that SQL run by Liquibase couldn't find schema (e.g. select ALICE.tablename ... in Postgres matched alice schema name not ALICE one).
The fix enables one integration test to be run now against standalone databases.
* CORDA-1726 Make sure test frameworks and nodes refuse to start on anything except the right Java versions
Move isValidJavaVersion(), hasMinimumJavaVersion() to Node as it can be use for check in DriverDSL for starting in-process node,
in-process node doesn't go via NodeStartup class where the correct Java version is checked.
Added safeguard to hasMinimumJavaVersion as some JDKs distributions may not have the update version number (e.g. AdoptOpenJDK) which causes unintended parse exception.
* CORDA-1726 Make sure test frameworks and nodes refuse to start on anything except the right Java versions - remove new test, for proper testing this would use reflection and field setting visibility modifiers which easly can has side effects on the subsequent tests
* Addressing PR comments.
Add SQL setup in new test classes which were missing it.
Ignoring H2 tests when running against standalone database.
Revert datasource Enterprise specific configuration for RaftTransactionCommitLogTests.kt test, and mark it as required for test in database mode.
* ENT-2489: Trivial change to prep for multiple RpcWorkerServiceHubs (i.e. identities)
* ENT-2489: Allow passing `targetLegalIdentity` from Client RPC call.
* ENT-2489: Starting RpcWorker with multiple RpcWorkerServiceHubs (unfinished)
* ENT-2489: Starting RpcWorker with single (for now) RpcWorkerServiceHub
* ENT-2489: Tighten-up integration tests assertions
* ENT-2489: Introduce RPCOpsRouting
* ENT-2489: Output configs for reference
* ENT-2489: Extend test for RpcWorker to operate with multiple identities.
* ENT-2489: Remove un-necessary P2P address
* ENT-2489: New test for RpcWorker getting paid.
* ENT-2489: Make RpcWorkerMultiIdentityTest work
* ENT-2489: Use MAX_RPC_MESSAGE_SIZE when configuring RPC broker.
* ENT-2489: Add exception clause when client attempts to use the wrong identity.
* ENT-2489: Fixes post merge from `master`.
* ENT-2489: Fixes post merge from `master`.
* ENT-2489: Explicitly specify X500 name in test.
* ENT-2489: Use single flow worker and switch anonymity off when making payment.
* ENT-2489: Fix for RpcWorkerTest.
Add `NetworkMapUpdater` to `FlowWorkerServiceHub` or else no-one will ever send a signal on `networkMapCache.nodeReady` future.
Not having `networkMapCache.nodeReady` in completed state, will prevent SMM from operating properly.
* ENT-2489: Handle gracefully the fact that session might be already closed.
* ENT-2489: Fix incorrect merge from `master`.
* ENT-2489: Make `RPCOpsRouting` generic with regard to `RPCOps` following discussion with @mnesbit
* ENT-2489: Make `methodTable` uniform for all the legal names.
* ENT-2489: Make `ObservableContext` non-generic.
* ENT-2489: Tidy-up shutdown sequence post merge from `master`
* ENT-2489: Correct exception type thrown
* ENT-2489: Generics test compilation fix.
* use constant for default platform version value when tests with out of process nodes are run from Intellij.
* node will use constant for platform version instead of manifest file(RPC already uses the constant, no sense in having 2 sources for it)
* fix issues caused by merge
* - Fixed some problems with error handling for Observables.
- Eliminated incorrect double `stop()` call for RpcBroker.
- Added `Schedulers.shutdown()` call in `stop()` implementation for Node and Driver, to avoid stuck processes when observable pipelines go wrong.
* Fixed a missing import.
* Removed `Schedulers.shutdown()` for now.
* Fixed an issue with `pendingFlowsCount()` function.
Allow configuration in node for additional advertised addresses.
fix logic error
Use empty list as default config not null
Allow multiple addresses in NodeInfo
Describe new additionalP2PAddresses property in docs.
Add integration test of additionalP2PAddress feature
Fixup after rebase
Address PR comment
Address PR comments by removing unused element of NodeAddress
