mirror of
https://github.com/corda/corda.git
synced 2025-01-18 10:46:38 +00:00
fc265ee472
* CORDA-3018 Allow loading an untrusted contract jar if another attachment exists that was signed with the same keys and uploaded by a trusted uploader `TransactionUtils.isAttachmentTrusted` requirements have been relaxed to allow an untrusted attachment to be loaded as long as another attachment exists that is signed by the same keys and was uploaded by a trusted uploader. The requirement of containing the same contract classes has been removed. Therefore the contents of the existing trusted attachment no longer matters. * CORDA-3018 Allow a subset/intersection of signers in `isAttachmentTrusted` Allow a subset/intersection of signers to satisfy the signer requirements of `isAttachmentTrusted`. This allows an "untrusted" attachment that is signed by one or more keys to be "trusted" as long as another trusted attachment already exists that is signed by at least one of the "untrusted" attachments signers. A cache of trusted and untrusted public keys is now held (replacing the previous cache of `List<PublicKey>`. Tests have been added to `NodeAttachmentServiceTest` to confirm that an attachment query using an `EQUAL` statement will actually return attachments that are signed by any of the keys passed into the query. Confirming this allowed an `EQUAL` query to satisfy the search that had to be done as part of this change. `MockAttachmentStorage`'s query criteria was updated to better match the real `NodeAttachmentService` implementation. * CORDA-3018 Update cache name and kdoc on `isAttachmentTrusted` * CORDA-3018 Verify that chains of trust do not occur * CORDA-3018 Switch keys around to improve chain of trust tests |
||
---|---|---|
.. | ||
src | ||
build.gradle |