mirror of
https://github.com/corda/corda.git
synced 2024-12-18 20:47:57 +00:00
0091807c2f
The various crypto tests that were previously ignored have been re-enabled. The abandoned i2p EdDSA library has been replaced with native support that was added in Java 15. Java 17 (via the `SunEC` provider) does not support the secp256k1 curve (one of the two ECDSA curves supported in Corda). This would not normally have been an issue as secp256k1 is already taken care of by Bouncy Castle. However, this only works if the `Crypto` API is used or if `”BC”` is explicitly specified as the provider (e.g. `Signature.getInstance(“SHA256withECDSA”, “BC”)`). If no provider is specified, which is what is more common, and actually what the Java docs recommend, then this doesn’t work as the `SunEC` provider is selected. To resolve this, a custom provider was created, installed just in front of `SunEC`, which “augments” `SunEC` by delegating to Bouncy Castle if keys or parameters for secp256k1 are encountered. `X509Utilities.createCertificate` now calls `X509Certificate.verify()` to verify the created certificate, rather than using the Bouncy Castle API. This is more representative of how certificates will be verified (e.g. during SSL handshake) and weeds out other issues (such as unsupported curve error for secp256k1). `BCCryptoService` has been renamed to `DefaultCryptoService` as it no longer explicitly uses Bouncy Castle but rather uses the installed security providers. This was done to fix a failing test. Further, `BCCryptoService` was already relying on the installed providers in some places. The hack to get Corda `SecureRandom` working was also resolved. Also, as an added bonus, tests which ignored `SPHINCS256_SHA256` have been reinstated. Note, there is a slightly inconsistency between how EdDSA and ECDSA keys are handled (and also RSA). For the later, Bouncy Castle is preferred, and methods such as `toSupportedKey*` will convert any JDK class to Bouncy Castle. For EdDSA the preference is the JDK (`SunEC`). However, this is simply a continuation of the previous preference of the i2p library over Bouncy Castle.
160 lines
5.2 KiB
Groovy
160 lines
5.2 KiB
Groovy
apply plugin: 'org.jetbrains.kotlin.jvm'
|
|
apply plugin: 'org.jetbrains.kotlin.plugin.jpa'
|
|
apply plugin: 'net.corda.plugins.quasar-utils'
|
|
apply plugin: 'net.corda.plugins.api-scanner'
|
|
apply plugin: 'corda.common-publishing'
|
|
|
|
description 'Corda core'
|
|
|
|
sourceSets {
|
|
obfuscator
|
|
}
|
|
|
|
configurations {
|
|
resolvableImplementation.extendsFrom implementation
|
|
|
|
integrationTestImplementation.extendsFrom testImplementation
|
|
integrationTestRuntimeOnly.extendsFrom testRuntimeOnly
|
|
|
|
smokeTestCompile.extendsFrom compile
|
|
smokeTestRuntimeOnly.extendsFrom runtimeOnly
|
|
|
|
testArtifacts.extendsFrom(testRuntimeClasspath)
|
|
}
|
|
|
|
dependencies {
|
|
// These are exposed in our public APIs and are thus "api" dependencies
|
|
api "org.slf4j:slf4j-api:$slf4j_version"
|
|
// RxJava: observable streams of events.
|
|
api "io.reactivex:rxjava:$rxjava_version"
|
|
|
|
implementation "org.jetbrains.kotlin:kotlin-reflect:$kotlin_version"
|
|
// SLF4J: commons-logging bindings for a SLF4J back end
|
|
implementation "org.slf4j:jcl-over-slf4j:$slf4j_version"
|
|
// Guava: Google utilities library.
|
|
implementation "com.google.guava:guava:$guava_version"
|
|
// For caches rather than guava
|
|
implementation "com.github.ben-manes.caffeine:caffeine:$caffeine_version"
|
|
implementation "org.apache.commons:commons-lang3:$commons_lang3_version"
|
|
// Bouncy castle support needed for X509 certificate manipulation
|
|
implementation "org.bouncycastle:bcprov-jdk18on:${bouncycastle_version}"
|
|
// required to use @Type annotation
|
|
implementation "org.hibernate:hibernate-core:$hibernate_version"
|
|
// FastThreadLocal
|
|
implementation "io.netty:netty-common:$netty_version"
|
|
implementation "io.github.classgraph:classgraph:$class_graph_version"
|
|
|
|
testImplementation sourceSets.obfuscator.output
|
|
testImplementation "org.junit.jupiter:junit-jupiter-api:$junit_jupiter_version"
|
|
testImplementation "junit:junit:$junit_version"
|
|
testImplementation "commons-fileupload:commons-fileupload:$fileupload_version"
|
|
// Guava: Google test library (collections test suite)
|
|
testImplementation "com.google.guava:guava-testlib:$guava_version"
|
|
testImplementation "org.jetbrains.kotlin:kotlin-test:$kotlin_version"
|
|
// Hamkrest, for fluent, composable matchers
|
|
testImplementation "com.natpryce:hamkrest:$hamkrest_version"
|
|
// AssertJ: for fluent assertions for testing
|
|
testImplementation "org.assertj:assertj-core:$assertj_version"
|
|
testImplementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastle_version"
|
|
testImplementation "org.ow2.asm:asm:$asm_version"
|
|
|
|
// JDK11: required by Quasar at run-time
|
|
testRuntimeOnly "com.esotericsoftware:kryo:$kryo_version"
|
|
testRuntimeOnly "org.slf4j:slf4j-simple:$slf4j_version"
|
|
|
|
testImplementation "org.mockito.kotlin:mockito-kotlin:$mockito_kotlin_version"
|
|
testImplementation "org.mockito:mockito-core:$mockito_version"
|
|
testImplementation "org.assertj:assertj-core:$assertj_version"
|
|
testImplementation "com.natpryce:hamkrest:$hamkrest_version"
|
|
testImplementation 'org.hamcrest:hamcrest-library:2.1'
|
|
}
|
|
|
|
// TODO Consider moving it to quasar-utils in the future (introduced with PR-1388)
|
|
tasks.register('copyQuasarJar', Copy) {
|
|
from configurations.quasar
|
|
into "$project.rootProject.projectDir/lib"
|
|
rename { filename -> "quasar.jar" }
|
|
}
|
|
|
|
jar {
|
|
finalizedBy(copyQuasarJar)
|
|
archiveBaseName = 'corda-core'
|
|
archiveClassifier = ''
|
|
}
|
|
|
|
processTestResources {
|
|
inputs.files(jar)
|
|
into("zip") {
|
|
from(jar) {
|
|
rename { "core.jar" }
|
|
}
|
|
}
|
|
}
|
|
|
|
test {
|
|
maxParallelForks = (System.env.CORDA_CORE_TESTING_FORKS == null) ? 1 : "$System.env.CORDA_CORE_TESTING_FORKS".toInteger()
|
|
}
|
|
|
|
tasks.register('testJar', Jar) {
|
|
dependsOn testClasses
|
|
classifier "tests"
|
|
from sourceSets.test.output
|
|
}
|
|
|
|
// quasar exclusions upon agent code instrumentation at run-time
|
|
quasar {
|
|
excludePackages.addAll(
|
|
"antlr**",
|
|
"com.codahale**",
|
|
"com.fasterxml.**",
|
|
"com.github.benmanes.caffeine.**",
|
|
"com.google.**",
|
|
"com.lmax.**",
|
|
"com.zaxxer.**",
|
|
"net.bytebuddy**",
|
|
"io.github.classgraph**",
|
|
"io.netty*",
|
|
"liquibase**",
|
|
"nonapi.io.github.classgraph.**",
|
|
"org.apiguardian.**",
|
|
"org.bouncycastle**",
|
|
"org.codehaus.**",
|
|
"org.h2**",
|
|
"org.hibernate**",
|
|
"org.jboss.**",
|
|
"org.objenesis**",
|
|
"org.w3c.**",
|
|
"org.xml**",
|
|
"org.yaml**",
|
|
"rx**",
|
|
"io.opentelemetry.**")
|
|
}
|
|
|
|
scanApi {
|
|
excludeClasses = [
|
|
// Kotlin should probably have declared this class as "synthetic".
|
|
"net.corda.core.Utils\$toFuture\$1\$subscription\$1"
|
|
]
|
|
}
|
|
|
|
tasks.register("writeTestResources", JavaExec) {
|
|
classpath sourceSets.obfuscator.output
|
|
classpath sourceSets.obfuscator.runtimeClasspath
|
|
main 'net.corda.core.internal.utilities.TestResourceWriter'
|
|
args new File(sourceSets.test.resources.srcDirs.first(), "zip").toString()
|
|
}
|
|
|
|
artifacts {
|
|
testArtifacts testJar
|
|
}
|
|
|
|
publishing {
|
|
publications {
|
|
maven(MavenPublication) {
|
|
artifactId 'corda-core'
|
|
artifact testJar
|
|
from components.java
|
|
}
|
|
}
|
|
}
|