* Correct path composition in identity service tests
* Correct identity service certificate path verification to handle the owning certificate being anywhere in the path, rather than expecting it to be trust root
Correct construction of anonymous parties to use the first certificate (the target)
rather than the last (the trust root). Worked because early tests used single certificate
paths, but later work introducing multi-certificate paths reveal it's rather broken.
* Remove unused type param
* If we drop Runnable we can use conciser syntax
* Sometimes we need the fully-fledged object, so retire separate handle class
* Implement IntelliJ suggestion
Deterministic Key Derivation for ECDSA R1/K1 and EdDSA
* DKG description and comments
* Removing a (confusing) not-required comma in comments.
* rename deterministic and generate to derive
Matching can be done with case insensitive substrings in the identity service, RPC and shell. In future cleverer matching should be possible, e.g. using Lucene or RDBMS free text search features.
Modify generateExit to return full set of signing keys in preparation for anonymity work meaning
that owner and issuer keys are typically not the same.
All references to 'parties' now refer to the inherited 'participants' attribute from ContractState.
Samples: all duplicate references to `parties` now changed to `participants`.
Clean up cash tests ahead of anonymisation work. This simplifies some boiler plate setup/teardown
and ensures idenities and flows are correctly registered.
Fixed issue where Corda services installed in unit tests were not being marked as serialise as singleton. Also the driver now automatically picks up the scanning annotations. This required moving the NodeFactory used in smoke tests into a separate module.
* Increase max network map request size so the notary can register
* Suppress oracle service installation errors in non-oracle nodes
* Make demos automatically build capsule jars
* Fix how network visualiser displays node X500 names.
* Change locations of test nodes, so when used for explorer map visualisation not all of them are stacked one on another in London.
Change PartyAndCertificate to an aggregate class instead of a subclass of Party. This reduces the changes compared to M11, as well as avoiding risk of accidental serialization of a PartyAndCertificate (which may be very large) where a Party is expected.
Cleaned up initial nodes known to the identity service, in particular mock nodes now know about themselves; previously full nodes registered themselves but mock nodes did not.
* Specifically, DriverTests and WebserverDriverTests
* RPCDriver.startRpcBroker now waits for port to be unbound, as was probably intended
* Explicitly drop network map future while ensuring the error is logged
* Fix bug in demobench. Explorer didn't show correctly location of a node.
There was no nearestCity override in config.
* Remove nearestCity from node configuration. Now information about the location is always taken from
node's legal name. If not present - exception on node startup.
* Add X500Name.locationOrNull that soft fails when location is not in X500 name. Address PR comments.
* Remove unused imports.
* Construct standard flows using PartyAndCertificate, and add support for launching
flows that are constructed with PartyAndCertificate or just Party.
* Store PartyAndCertificate in network map service
* Expand identity service to store certificates along with all identities.
This removes the need to do manual registration using the PluginServiceHub. As a result CordaPluginRegistry.servicePlugins is no longer needed. For oracles and services there is a CorDappService annotation.
I've also fixed the InitiatingFlow annotation such that client flows can be customised (sub-typed) without it breaking the flow sessions.
Replace X509Certificate with X509CertificateHolder for consistency in implementation of how X.509 certificates
are managed. Using the Java standard class entails the actual implementing class being one of several options
depending how a certificate is built, which makes serialization/deserialization with Kryo inconsistent as some
of these forms cannot be directly built from outside restricted classes.
* De-anonymise parties in AbstractStateReplacementFlow flows
* Convert transaction key negotiation to a subflow instead of utility functions
* Add serialization support for CertPath
* Restructure cash flows so that a counterparty flow can be added later
* Rename raft-notary-demo project to notary-demo
* Refactor serialisation filtering to allow BFT SMaRt to work, it no longer relies on the jdk.serialFilter system property
* In NodeBasedTest remove whitespace in node directory names for consistency with cordform and driver
* Add "TLS" to createTlsServerCert() to differentiate it from future work to introduce a non-TLS variant.
*Change to using Java 8 time types for certificate validity - does introduce so unnecessary roundtrips, but makes the code significantly easier to read/follow. In particular avoids opaque integers in the code and replaces them with Duration.
