* Initial host server skeleton.
* Create IASProxy project, and skeleton for attestation host.
* Fix up tests
* Extend attestation host skeleton, and make test ports configurable.
* Enhance MockIAS to make pseManifestStatus optional.
* Make IASProxy endpoints asynchronous.
* Add sub-modules for challenger and for common code.
* Create integration test for host's provisioning endpoint.
* Flesh out attestation challenger WAR.
* Package refactoring, to be more Java9 friendly.
* Refactor more messages into attestation-common.
* Remove our private key from the repository.
* Declare an empty PSE Manifest to be invalid.
* Fix basic integration test issues for challenger and host.
* Integrate keystore scripts into the build properly.
* Name keystore targets explicitly for Gradle.
* Allow HTTP conversation between Challenger, Host and ISV using session ID.
* Add MockHost for challenger's integration tests.
* Reconcile HTTP port numbers between Phase1 and Phase2 components.
* Remove elements that can be inherited from root project.
* Add placeholder README.
* Add convenient extension functions to ObjectMapper.
* Extend integration test coverage for challenger/host/isv.
* Catch IOException from HttpClient for challenger.
* Integrate host sub-module with remote-attestation project.
* Begin integrating host/enclave code from Phase I.
* Rename challenger's HTTP endpoint.
* Generate keystore for challenger "on the fly".
* Add native JNI code for accessing the SGX enclave.
* Point Gradle to the correct enclave object.
* Fixes for generating a Quote for this enclave.
* Return the IAS report to the challenger for verification.
* Begin populating the challenger's AttestationResponse message.
* Enable the challenger to pass encrypted secrets into the enclave.
* Align challenger, host and isv ports.
* Refactor challenger as a fat-jar application.
* AttestationResponse is not shared, so refactor into challenger.
* Move HttpClientContext objects into HttpClient blocks.
* Remove unused Message2 and Message3 objects.
* Add realistic dummy value for reportID from IAS.
* Small tidy-up on attestation host.
* First set of review comments.
* Add missing exception message.
* Update location of environment file.
* Use empty mock revocation lists by default.
* Improve logging and add "happy path" test for provisioning secrets.
* Update Gradle files so that we can run attestation-host from IntelliJ.
* The platformInfo field from IAS can be null, so allow this.
Also protect other JNI pointer parameters from NPE.
* Allow Gradle to build hardware enclave.
* ENT-1291 Switch liquibase changelogs to use nvarchar instead of varchar
* Configure Hibernate to use nationalised strings
* Configure Hibernate to use nationalised strings
* Change schema so that UUIDs are varchars
* Update schema certificate signing request status is not unicode
* Upper case suffix for audit tables
* nvarchar -> varchar for status in the audit table
* Capitalisation
* Capitalisation
* Force hibernate to use unicode columns on SQL server
* Force hibernate to use unicode columns on SQL server
* Schema change to make PostgreSql happy
* SQL files to initialise the perfcluster db for SQL server and PostgreSql
* Code ordering and extra comment
* BFTNotaryServiceTests.kt - instantiate MockServices before each test, not at the class level - to allow database integration test clean database before each test.
* MySQLNotaryServiceTests.kt - use H2 datasource for the notary in database integration tests (and as it was before during standard integration tests)
* Revert Enterprise way of makeTestDataSourceProperties MockNode.kt.
* Minor attempt to refactor Enterprise only parts of reading database config and make it less error prone during OS->Enterprise merge.
* Make java interop functions same as inline functions and add tests
* Fixing docs
* Move unspecifiedCountry to internal. (#2274)
* Review changes
* Call java interop functions from inline functions
* Use correct test assertion
* Tentative API and implementation.
* Tests completed. API update needed.
* Updated api-current.txt. Some previous changes hadn't been reflected and now they are.
* Improved the tests.
* Some code review changes.
* Merge branch 'master' into features/ENT-850
# Conflicts:
# .ci/api-current.txt
* Code review changes.
* Code review changes.
* Override Liquibase default schema by one from the node configuration (database.schema) if they are different. This allows database tables be created within a correct schema when no default schema is set at database level.
* Pass in the databaseConfig.schema for network manager (for Liquibase schema migration).
* Design doc (unfinished).
* Design doc, requirements completed.
* Design doc, more content and the diagram.
* Design doc, more content.
* Design doc, minor changes.
* Changes following review from @davidleeuk
* Changes following review from @gendal
* Changes following review from @shamsasari
* R3NET-546: Re-arrange independent flows into separate packages. Functionally this is a NOP change.
* R3NET-546: Start BNO as a separate Corda node and improve GUI experience for IOU.
* R3NET-546: Move all the membership checks to the Business Network Owner node side, creating "InitiatedBy" flows as necessary.
* R3NET-546: Make MembershipViolationException AMQP serializable.
* R3NET-546: Improve GUI error reporting in case of membership violation.
* R3NET-546: Code changes following review by: @shamsasari
* R3NET-546: Code changes following review by: @shamsasari
* R3NET-546: Added a dedicated InvalidMembershipListNameException.
* CORDA-876 MockNetwork no longer leaks serialization env if init fails (#2272)
* Removed all remaining special treatment of the X500 common name.
* Move unspecifiedCountry to internal. (#2274)
* Merge fixes, which includes fixing the doorman tests and updating the doorman to not set a CN in the CSR responses
* Quick fixes
* Fix SignedNodeInfo
Introduce network-management schema changes to reflect that NodeInfos
can have multiple signatures.
* Address Shams comments
Store SignedNodeInfo as a blob for network management tool.
* Add more detail to HSM doorman outputs
* Remove duplicate display of defaults, add default value where it was only set in text, and show the actual names of the authentication modes.
* Add instructions for getting command line help
* Change error display to use System.err
* ENT-1012 - Use non-privileged user
* ENT-1012 - Build and run containerised tests from IntelliJ
* ENT-1012 - Remove trusty source in container
* ENT-1012 - Make debug target toggleable
* ENT-1012 - Inform when ready to attach debugger
* ENT-1012 - Update reference to user home folder
With network parameters the CN is no longer needed to identify notaries. This frees it up to be used in the node's name alongside the other attributes.
Also, the identity generation logic has been simplified, removing the need to have magic string values for storing distributed identities in the keystore. Now there are just two alias prefixes: "identity" as it was previously, and "distributed-notary".
