Commit Graph

8521 Commits

Author SHA1 Message Date
Andras Slemmer
f42e7d35c7 sgx: Add LD_LIBRARY_PATH for sign_helper 2017-06-15 18:12:08 +01:00
Andras Slemmer
5f2d6f8877 sgx: Remove section on key overwriting 2017-06-15 15:17:25 +01:00
Andras Slemmer
39942b9ce2 sgx: Fix hsm-tool CLI parsing, increase key generation timeout window, add IntelWhitelistFormInstructions.md 2017-06-15 15:11:46 +01:00
Andras Slemmer
c8c8c8eb66 sgx: Fix libprotobuf linking when SGX_USE_HARDWARE=TRUE, write pretty printed hsm sigstruct 2017-06-15 14:10:26 +01:00
Andras Slemmer
4e38d45a41 Address comments #2 2017-06-15 12:04:59 +01:00
Andras Slemmer
904252c0bb HSM works 2017-06-15 11:17:11 +01:00
Matthew Nesbit
294dc41fe6 Add a tool that connects to the HSM and creates signatures suitable for SGX enclave signing. 2017-06-15 11:17:11 +01:00
Andras Slemmer
3d8581a946 Add noop-enclave 2017-06-15 11:17:11 +01:00
Andrius Dagys
759cb6da04 Pass ports instead of hostAndPorts to the message broker. Pass an address for the NodeMessagingClient to advertise to the network map service. 2017-06-12 18:08:47 +02:00
Patrick Kuo
ae691ab4e0 Merged in pat-doorman-name-constraints (pull request #34)
Doorman now issue CA to client with name constraint.

* Doorman now issue CA to client with name constraint.

* address PR issues

Approved-by: Matthew Nesbit <matthew.nesbit@r3cev.com>
2017-06-12 16:26:00 +02:00
Andrius Dagys
cdb222cff2 Node can be configured to use an external relay for non-whitelisted inbound TCP connections.
It creates a SSH tunnel with the relay machine and forwards a remote port to the local message broker port.
2017-06-12 16:25:54 +02:00
Mike Hearn
782d4bd731 Merge commit '246de55433f747707b2d0dd6299437c664ea933d' into mike-enterprise-remerge
Includes API updates to the doorman code.
2017-06-12 16:25:30 +02:00
Patrick Kuo
246de55433 Create client CA certificate with X509 name constraint (#731)
* The node will be issued a CA certificate with name constraint which will allow the node to create keys with a valid certificate chain.
2017-05-24 16:13:37 +01:00
Andrzej Cichocki
bbe4c170c2 BFT notary demo (#725)
* Rename raft-notary-demo project to notary-demo
* Refactor serialisation filtering to allow BFT SMaRt to work, it no longer relies on the jdk.serialFilter system property
* In NodeBasedTest remove whitespace in node directory names for consistency with cordform and driver
2017-05-24 12:25:06 +01:00
Andrius Dagys
376a9d399f Merge remote-tracking branch 'open/master' 2017-05-24 12:19:49 +01:00
Chris Rankin
375392d32d Compile caplets against correct version of capsule. (#732) 2017-05-24 09:58:33 +01:00
Chris Rankin
179eccdd20 Modify how Gradle creates capsules: (#730)
- Better Gradle dependency management.
- Remove empty module jars from the capsules.
2017-05-23 18:04:20 +01:00
Ross Nicoll
36a091dd6a Add support for X509Certificate and CertPath serialization 2017-05-23 15:42:11 +01:00
Shams Asari
b8755ccdb2 Merge pull request #711 from corda/shams-retryableexception
Made RetryableExeption a FlowException and reverted UnknownFix to be …
2017-05-23 13:56:54 +01:00
Roger Willis
6f9cdb92c7 This function previously ALWAYS returned true providing the checkList wasn't empty. (#727) 2017-05-23 13:04:20 +01:00
Shams Asari
b8eb4448c8 Made RetryableExeption a FlowException and reverted UnknownFix to be retryable 2017-05-23 12:05:55 +01:00
Ross Nicoll
47d3415d20 X509Utilities API changes (#723)
* Add "TLS" to createTlsServerCert() to differentiate it from future work to introduce a non-TLS variant.
*Change to using Java 8 time types for certificate validity - does introduce so unnecessary roundtrips, but makes the code significantly easier to read/follow. In particular avoids opaque integers in the code and replaces them with Duration.
2017-05-22 14:57:22 +01:00
Chris Rankin
975866590b Prevent DemoBench hanging on shutdown (#722)
* We need to close the RPC client as otherwise the rpc-client-reaper-* thread is leaked, which also prevents shutdown. Sleep instead when the server exits, just long enough for the client to realise that the server is dead.
* Fix warning about leaking private types.
2017-05-22 12:18:53 +01:00
Chris Rankin
3c89e65924 Add verifier classes to the standalone jar. (#707)
Also build the standalone jar by default.
2017-05-22 12:11:31 +01:00
Konstantinos Chalkias
53276c1f06 faster key encoding/decoding and generic converters between key implementations 2017-05-22 11:14:05 +01:00
Gavin Thomas
1bc4c490bc Updated Azure documentation to better describe new Azure multi node offering (#709)
* Intro changes for multi node Azure deployment, more to do

* Updated text on running Azure wizard and starting writing how to use Yo CorDapp

* All text updated for Corda multi node offering in Azure

* Images for Azure multi node documentation

* Update link to Yo CorDapp video

* Fixed some typos

* Added further info on validating notary

* Changed Yo CorDapp info to manually load it since it is not pre-loaded

* Updated screenshot for Azure multi node step 2

* Uploaded yo_peers screenshot for Azure documentation

* Corda banner screenshot

* Screen shot of Corda syslog

* updated screenshot for Azure setup step3

* Updated text to account for M10 and improved notes on using Yo CorDapp

* typos fixed

* screenshot of api/yo/yos output

* Removed section on using shell because appears to crash to API

* New yo peers output screenshot

* Updated peers screenshot and example

* Minor changes following review by Joel

* Added guidance to login to portal.azure.com first
2017-05-19 17:15:54 +01:00
Mike Hearn
7244f2eeea Temp hack to fix DemoBench in master: leak the RPC connections when a node shuts down to avoid a hang. 2017-05-19 16:45:22 +02:00
Mike Hearn
77043e622d Minor: tweaks to the changelog entry for private key signing changes. 2017-05-19 16:45:22 +02:00
Mike Hearn
9a651906bc Publish cordform-common module to bintray and Maven Local. 2017-05-19 16:45:22 +02:00
Mike Hearn
207d3b0b8f Vault: any state that has us as a participant is relevant. 2017-05-19 16:45:22 +02:00
Mike Hearn
c7b751d6a5 Minor: add another convenience c'tor to FinalityFlow 2017-05-19 16:45:22 +02:00
Mike Hearn
839cc04844 Minor: MappedSchema is now open rather than abstract (it had no abstract members) 2017-05-19 16:45:22 +02:00
Mike Hearn
8d538e14a0 Minor: add a doc for the "using" infix function. 2017-05-19 16:45:22 +02:00
Mike Hearn
8dde7757f1 Minor: downgrade another spammy error to warning. 2017-05-19 16:45:22 +02:00
Mike Hearn
b461a89ac1 Whitelist some more java.time types for serialisation. 2017-05-19 16:45:22 +02:00
Mike Hearn
c79f369c83 Minor: degrade a log.error to a log.warn as errors get written to the console. 2017-05-19 16:45:22 +02:00
Mike Hearn
3f7acd3c68 Minor: just print the X.500 name in Party toString not base58 key too.
It's kind of annoying to have the big binary blog in the toString, which is often used for UI/debug purposes.
2017-05-19 16:45:22 +02:00
Mike Hearn
1c92d554e0 Minor: print a more useful error if you mess up your cordform config. 2017-05-19 16:45:22 +02:00
Mike Hearn
980d3455bd Minor: extra javadocs for Timestamp 2017-05-19 16:45:22 +02:00
Mike Hearn
e141fc1549 Minor: suppress some warnings and wrap an exception in the Jackson code. 2017-05-19 16:45:22 +02:00
Mike Hearn
07e01388d2 Minor: add more javadoc 2017-05-19 16:45:22 +02:00
Mike Hearn
3636f137b0 Minor: add a unit test for the StringToMethodParser code as used with c'tors. 2017-05-19 16:45:22 +02:00
Mike Hearn
e67521796f NodeRunner/Mac: java_home does not expect to be given a full path to the Java binary, and at the point we get here, we know the full JVM path anyway so we don't need the wrapper. 2017-05-19 16:45:22 +02:00
Mike Hearn
a5be12a81b Minor: print org name at startup instead of full X.500 name. 2017-05-19 16:45:22 +02:00
Mike Hearn
1e1ebf1370 In CollectSignaturesFlow wrap ISE/IAE/AE in FlowException so the other side can find out the details of what check failed. 2017-05-19 16:45:22 +02:00
Ross Nicoll
794ce03958 Remove mock identity service
Remove mock identity service and merge it with the in memory identity service. The two services
provide extremely similar functionality, and having two different version for production/test
risks subtle implementation differences. On that note, this patch includes changes to a number
of tests which worked only with mock identity service.
2017-05-19 11:22:47 +01:00
Matthew Nesbit
d288fcc979 Merge pull request #699 from corda/mnesbit-keymanagementservice-improvements
Do not expose PrivateKeys from KeyManagementService
2017-05-19 09:52:09 +01:00
Matthew Nesbit
05a97b11f3 First cut at removing PrivateKey leakage from KeyManagementService
Fixup after rebase

Restore original key property names

Fixup after rebase

Undo extra import that IntelliJ keeps erroneously adding.

Add comments and fix docs for transaction signing.

Fixes after rebase

More fixes after rebase

Address PR requests

Address PR requests
2017-05-18 17:34:04 +01:00
Clinton Alexander
ccbe76eb84 Chinese whitepapers added to the docsite. 2017-05-18 16:12:26 +01:00
Andrzej Cichocki
c8d71a96f5 One demo definition for both IntelliJ and gradle (#697)
* Raft notary demo now defined in one place that both IntelliJ/driver and gradle/runnodes can run
* New module cordform-common for code common to cordformation and corda
* Add single notary demo
2017-05-18 15:58:35 +01:00