Basic crypto API to support 5 signature schemes and MetaData-ed signatures.
Supported schemes: (1) RSA_SHA256, (2) ECDSA_SECP256K1_SHA256, (3) ECDSA_SECP256R1_SHA256, (4) EDDSA_ED25519_SHA512, (5) SPHINCS-256_SHA512.
To sign a transaction, a signer should create a MetaData wrapper that contains transaction's merkle root and some extra information, such as signer's public key, timestamp and visibleInputs. Actually, MetaData is utilised to support a practical partial, blind and extra-data attached signature model.
When a MetaData object is signed, the signer sends a TransactionSignature object that contains the signed output and the corresponding MetaData object.
Remarks:
This is an temporary solution for signature algorithmic agility. Further development is required for a robust and extensible Crypto Manager/Provider PKI that will support certificate creation, key generation, signing/verifying, deterministic key derivation, encoding formats, SGX/HSM support, identity and key management, versioning, revocation, asynchronicity, metadata, partial sig. policies etc.
* QueuedObservable could not leak due to hard references. Have made it weak referenced but also had to reference count a hard reference to prevent early GC. Explained in comments.
* Improved comments.
* Fixed typo
* Fixed another typo
* CORDA-265: Implement "ALL" permission for RPC users. Users with this permission in node.conf can use any flow.
* CORDA-265: Ensure that we always close the RPC proxy object after each test.
* CORDA-265: Refactor construction of dummy RPC client into an abstract base class.
* CORDA-265: Document RPC "ALL" permission.
* BFT notary prototype: add a non-validating service.
Each replica now validates the transaction timestamp and returns an individual signature to the BFT client. The client then returns a list of signatures back to the notary service flow.
The validating variant is still incomplete - it requires the ability to suspend flows on arbitrary function calls.
* Exclude old version of Javassist in favour of Hibernate's version.
* Comment why we are excluding javassist:javassist, and add TODO for when junit-quickcheck 0.8 is released.
Make notary flow return a collection of signatures to support the BFT notary. For a single-node or RAFT notary it would just contain a single signature.
* Make the network registration process more verbose
* removed gradle task for building standalone jar for the certificate signing request utility
* Added a flag "--initial-registration" to the corda jar to start the registration
* Add support for contract upgrades
* Add interface for the upgraded contract to implement, which provides functionality for upgrading legacy states.
* Add shared upgrade command and verification code for it.
* Add DummyContractV2 to illustrate what an upgraded contract looks like.
* Add new functions to vault service to support upgrading state objects.
* Add contract upgrade flow
Split CashFlow into independent CashIssueFlow, CashExitFlow and CashPaymentFlow,
so that users can be given access to one but not the other(s).
Signed-off-by: Ross Nicoll <ross.nicoll@r3.com>
