Examples with NodeInfo com.quorum.tessera.partyinfo.node.NodeInfo used on opensource projects

Example 41 with NodeInfo

use of com.quorum.tessera.partyinfo.node.NodeInfo in project tessera by ConsenSys.

the class DiscoveryHelperImpl method buildCurrent.

@Override
public NodeInfo buildCurrent() {
    final URI uri = RuntimeContext.getInstance().getP2pServerUri();
    final NodeUri nodeUri = NodeUri.create(uri);
    final List<ActiveNode> activeNodes = networkStore.getActiveNodes().collect(Collectors.toList());
    Set<Recipient> recipients = activeNodes.stream().filter(a -> !a.getKeys().isEmpty()).flatMap(a -> a.getKeys().stream().map(k -> Recipient.of(k, a.getUri().asString()))).collect(Collectors.toSet());
    NodeInfo nodeInfo = NodeInfo.Builder.create().withRecipients(recipients).withUrl(nodeUri.asString()).withSupportedApiVersions(ApiVersion.versions()).build();
    LOGGER.debug("Built nodeinfo {}", nodeInfo);
    return nodeInfo;
}

Example 42 with NodeInfo

use of com.quorum.tessera.partyinfo.node.NodeInfo in project tessera by ConsenSys.

the class PartyInfoResource method getPartyInfoKeys.

@Operation(summary = "/partyinfo/keys", operationId = "getPartiesPublicKeys", description = "get public keys of all known nodes in the network, including the server's own keys")
@ApiResponse(responseCode = "200", description = "known nodes' public keys", content = @Content(schema = @Schema(implementation = GetPublicKeysResponse.class)))
@GET
@Path("/keys")
@Produces(MediaType.APPLICATION_JSON)
public Response getPartyInfoKeys() {
    final NodeInfo current = this.discovery.getCurrent();
    final JsonArrayBuilder recipientBuilder = Json.createArrayBuilder();
    current.getRecipients().stream().map(recipient -> Json.createObjectBuilder().add("key", recipient.getKey().encodeToBase64()).build()).forEach(recipientBuilder::add);
    final String output = Json.createObjectBuilder().add("keys", recipientBuilder.build()).build().toString();
    return Response.status(Response.Status.OK).entity(output).build();
}

Example 43 with NodeInfo

use of com.quorum.tessera.partyinfo.node.NodeInfo in project tessera by ConsenSys.

the class PartyInfoResource method partyInfo.

/**
 * Update the local partyinfo store with the encoded partyinfo included in the request.
 *
 * @param payload The encoded partyinfo information pushed by the caller
 * @return an empty 200 OK Response if the local node is using remote key validation; a 200 OK
 *     Response wrapping an encoded partyinfo that contains only the local node's URL if not using
 *     remote key validation; a 500 Internal Server Error if remote key validation fails
 */
@Operation(summary = "/partyinfo", operationId = "broadcastPartyInfo", description = "broadcast partyinfo information to server")
@ApiResponse(responseCode = "200", description = "server successfully updated its party info", content = @Content(array = @ArraySchema(schema = @Schema(description = "empty if server is using remote key validation, else is encoded partyinfo object containing only the server's URL", type = "string", format = "byte"))))
@ApiResponse(responseCode = "500", description = "Validation failed (if server is using remote key validation)")
@POST
@Consumes(MediaType.APPLICATION_OCTET_STREAM)
@Produces(MediaType.APPLICATION_OCTET_STREAM)
public Response partyInfo(@RequestBody(required = true, description = "partyinfo object") final byte[] payload, @HeaderParam(Constants.API_VERSION_HEADER) @Parameter(description = "client's supported API versions", array = @ArraySchema(schema = @Schema(type = "string"))) final List<String> headers) {
    final PartyInfo partyInfo = partyInfoParser.from(payload);
    final Set<String> versions = Optional.ofNullable(headers).orElse(emptyList()).stream().filter(Objects::nonNull).flatMap(v -> Arrays.stream(v.split(","))).collect(Collectors.toSet());
    final NodeInfo nodeInfo = NodeInfoUtil.from(partyInfo, versions);
    LOGGER.debug("Received PartyInfo from {}", partyInfo.getUrl());
    if (!enableKeyValidation) {
        LOGGER.debug("Key validation not enabled, passing PartyInfo through");
        discovery.onUpdate(nodeInfo);
        partyInfo.getParties().stream().map(Party::getUrl).map(NodeUri::create).map(NodeUri::asURI).forEach(partyStore::store);
        // create an empty party info object with our URL to send back
        // this is used by older versions (before 0.10.0), but we don't want to give any info back
        final PartyInfo emptyInfo = new PartyInfo(discovery.getCurrent().getUrl(), emptySet(), emptySet());
        final byte[] returnData = partyInfoParser.to(emptyInfo);
        return Response.ok(returnData).build();
    }
    final PublicKey localPublicKey = enclave.defaultPublicKey();
    final Predicate<Recipient> isValidRecipient = r -> {
        try {
            LOGGER.debug("Validating key {} for peer {}", r.getKey(), r.getUrl());
            final String dataToEncrypt = UUID.randomUUID().toString();
            final EncodedPayload encodedPayload = enclave.encryptPayload(dataToEncrypt.getBytes(), localPublicKey, List.of(r.getKey()), PrivacyMetadata.Builder.forStandardPrivate().build());
            final byte[] encodedPayloadBytes = payloadEncoder.encode(encodedPayload);
            try (Response response = restClient.target(r.getUrl()).path("partyinfo").path("validate").request().post(Entity.entity(encodedPayloadBytes, MediaType.APPLICATION_OCTET_STREAM))) {
                LOGGER.debug("Response code {} from peer {}", response.getStatus(), r.getUrl());
                final String responseData = response.readEntity(String.class);
                final boolean isValid = Objects.equals(responseData, dataToEncrypt);
                if (!isValid) {
                    LOGGER.warn("Validation of key {} for peer {} failed.  Key and peer will not be added to local partyinfo.", r.getKey(), r.getUrl());
                    LOGGER.debug("Response from {} was {}", r.getUrl(), responseData);
                }
                return isValid;
            }
        // Assume any and all exceptions to mean invalid. enclave bubbles up nacl array out of
        // bounds when calculating shared key from invalid data
        } catch (Exception ex) {
            LOGGER.debug(null, ex);
            return false;
        }
    };
    final String partyInfoSender = partyInfo.getUrl();
    final Predicate<Recipient> isSender = r -> NodeUri.create(r.getUrl()).equals(NodeUri.create(partyInfoSender));
    // Validate caller and treat no valid certs as security issue.
    final Set<com.quorum.tessera.partyinfo.node.Recipient> validatedSendersKeys = partyInfo.getRecipients().stream().filter(isSender.and(isValidRecipient)).map(r -> com.quorum.tessera.partyinfo.node.Recipient.of(r.getKey(), r.getUrl())).collect(Collectors.toSet());
    LOGGER.debug("Validated keys for peer {}: {}", partyInfoSender, validatedSendersKeys);
    if (validatedSendersKeys.isEmpty()) {
        throw new SecurityException("No validated keys found for peer " + partyInfoSender);
    }
    // End validation stuff
    final NodeInfo reducedNodeInfo = NodeInfo.Builder.create().withUrl(partyInfoSender).withSupportedApiVersions(versions).withRecipients(validatedSendersKeys).build();
    discovery.onUpdate(reducedNodeInfo);
    partyInfo.getParties().stream().map(Party::getUrl).map(NodeUri::create).map(NodeUri::asURI).forEach(partyStore::store);
    return Response.ok().build();
}

Example 44 with NodeInfo

use of com.quorum.tessera.partyinfo.node.NodeInfo in project tessera by ConsenSys.

the class PartyInfoResourceTest method partyInfo.

@Test
public void partyInfo() {
    String url = "http://www.bogus.com";
    PublicKey myKey = PublicKey.from("myKey".getBytes());
    PublicKey recipientKey = PublicKey.from("recipientKey".getBytes());
    String message = "I love sparrows";
    byte[] payload = message.getBytes();
    Recipient recipient = Recipient.of(recipientKey, url);
    Set<Recipient> recipientList = Collections.singleton(recipient);
    PartyInfo partyInfo = new PartyInfo(url, recipientList, Collections.emptySet());
    when(partyInfoParser.from(payload)).thenReturn(partyInfo);
    when(enclave.defaultPublicKey()).thenReturn(myKey);
    when(partyInfoParser.to(partyInfo)).thenReturn(payload);
    EncodedPayload encodedPayload = mock(EncodedPayload.class);
    List<String> uuidList = new ArrayList<>();
    doAnswer((invocation) -> {
        byte[] d = invocation.getArgument(0);
        uuidList.add(new String(d));
        return encodedPayload;
    }).when(enclave).encryptPayload(any(byte[].class), any(PublicKey.class), anyList(), any(PrivacyMetadata.class));
    when(payloadEncoder.encode(encodedPayload)).thenReturn(payload);
    WebTarget webTarget = mock(WebTarget.class);
    when(restClient.target(url)).thenReturn(webTarget);
    when(webTarget.path(anyString())).thenReturn(webTarget);
    Invocation.Builder invocationBuilder = mock(Invocation.Builder.class);
    when(webTarget.request()).thenReturn(invocationBuilder);
    Response response = mock(Response.class);
    when(response.getStatus()).thenReturn(200);
    doAnswer((invocation) -> uuidList.get(0)).when(response).readEntity(String.class);
    when(invocationBuilder.post(any(Entity.class))).thenReturn(response);
    Response result = partyInfoResource.partyInfo(payload, List.of("v1,v2"));
    assertThat(result.getStatus()).isEqualTo(200);
    verify(partyInfoParser).from(payload);
    verify(enclave).defaultPublicKey();
    verify(enclave).encryptPayload(any(byte[].class), any(PublicKey.class), anyList(), any(PrivacyMetadata.class));
    verify(payloadEncoder).encode(encodedPayload);
    verify(restClient).target(url);
    ArgumentCaptor<NodeInfo> argCaptor = ArgumentCaptor.forClass(NodeInfo.class);
    verify(discovery).onUpdate(argCaptor.capture());
    final NodeInfo nodeInfo = argCaptor.getValue();
    assertThat(nodeInfo).isNotNull();
    assertThat(nodeInfo.getUrl()).isEqualTo(url);
    assertThat(nodeInfo.supportedApiVersions()).containsExactlyInAnyOrder("v1", "v2");
}

Example 45 with NodeInfo

use of com.quorum.tessera.partyinfo.node.NodeInfo in project tessera by ConsenSys.

the class PartyInfoBroadcasterTest method exceptionThrowByPostDoesntBubble.

@Test
public void exceptionThrowByPostDoesntBubble() {
    final NodeInfo partyInfo = NodeInfo.Builder.create().withUrl(OWN_URL).build();
    when(partyStore.getParties()).thenReturn(Set.of(URI.create(TARGET_URL), URI.create(TARGET_URL_2)));
    doReturn(partyInfo).when(discovery).getCurrent();
    doThrow(UnsupportedOperationException.class).when(p2pClient).sendPartyInfo(TARGET_URL, DATA);
    final Throwable throwable = catchThrowable(partyInfoBroadcaster::run);
    assertThat(throwable).isNull();
    verify(partyStore).loadFromConfigIfEmpty();
    verify(partyStore).getParties();
    verify(p2pClient).sendPartyInfo(TARGET_URL, DATA);
    verify(p2pClient).sendPartyInfo(TARGET_URL_2, DATA);
    verify(discovery).getCurrent();
    verify(partyInfoParser).to(any(PartyInfo.class));
}