ExternalVendorCode/corda
1
0
Fork 0
mirror of https://github.com/corda/corda.git synced 2025-04-14 14:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
corda/experimental
History
Viktor Kolomeyko 88f368134f
ENT-2610: Separate passwords for store and for private keys in Corda OS. (#4090) 
* ENT-2610: Separate passwords for store and for private keys in Corda OS.

When it comes to KeyStores there are *2* passwords: 1 for the keyStore as a whole and separately there is one private keys within this keyStore.
Unfortunately, those 2 passwords have to be the same due to Artemis limitation, for more details please see:
`org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport.loadKeyManagerFactory`
where it is calling `KeyManagerFactory.init()` with store password.

Before change in this PR, throughout our codebase there are multiple places where we assume that storePassword is the same as keyPassword, even in the classes that have nothing to do with Artemis.
This is of course less than ideal as TLS communication may be used not only for Artemis connectivity (e.g. Bridge/Float interaction in Ent) and it is unfair to impose same passwords constraint on that communication channel.
Therefore this PR is removing this limitation and properly separating storePassword from keyPassword.

Linked Jira(https://r3-cev.atlassian.net/browse/ENT-2610) has for more background info.

Suggest to start review from `net.corda.core.crypto.X509NameConstraintsTest` to get an idea about the nature of the changes made.

* ENT-2610: Address PR input from @kchalkias

* ENT-2610: Address PR input from @kchalkias, s/privateKeyPassword/entryPassword/

* ENT-2610: Address PR input from @kchalkias, s/keyPassword/entryPassword/

In the implementation of `CertificateStoreSupplier`
2018-10-22 07:11:27 +01:00
..
avalanche
CORDA-1964: Unify versioning of the shadow plugin, and resolve more issues for Gradle 5.0. (#3918)
2018-09-13 10:55:52 +01:00
behave
CORDA-1274: Migrated usage of FastClasspathScanner to ClassGraph (#4060)
2018-10-11 19:50:26 +01:00
corda-utils
Replaced all uses of assert with require (#3309)
2018-06-06 00:31:41 +01:00
kryo-hook
Enabled warnings as errors (#3514)
2018-07-04 17:17:27 +01:00
notary-bft-smart
CORDA-535: Allow notary implementations to specify a serialization filter (#4054)
2018-10-19 11:17:20 +01:00
notary-raft
ENT-2610: Separate passwords for store and for private keys in Corda OS. (#4090)
2018-10-22 07:11:27 +01:00
quasar-hook
Enabled warnings as errors (#3514)
2018-07-04 17:17:27 +01:00
src
Enabled warnings as errors (#3514)
2018-07-04 17:17:27 +01:00
build.gradle
Updated repository lists to reduce dependency on Jitpack and removed unused repositories.
2018-09-04 11:19:03 +01:00
README.md
Disable unit test for experimental projects (#2627)
2018-02-23 20:48:39 +00:00

README.md

Experimental module

The purpose of this module is to hold code that isn't yet ready for code review, but which still wants to be refactored and kept compiling as the underlying platform changes. Code placed into experimental must eventually either be moved into the main modules and go through code review, or be deleted.

Code placed here can be committed to directly onto master at any time as long as it doesn't break the build (no compile failures or unit test failures). Any commits here that break the build will simply be rolled back.

To help reduce the build times, unit tests for experimental projects have been disabled and will NOT run alongside the whole project tests run via Gradle. Add parameter experimental.test.enable (example command is gradlew test -Dexperimental.test.enable to enable those tests.