CORE-18620: Add authentication protocol data (#1385)

yift-r3 · web-flow · commit ccf9d8b00d75 · 2023-12-11T12:15:12.000Z
* CORE-18620: Add authentication protocol data

* Add more common fields

* Add specific revocation mode enum

* Rename header to common details

* Rename field

* Set the version to the correct version
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticatedEncryptionSessionDetails.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticatedEncryptionSessionDetails.avsc
@@ -0,0 +1,23 @@
+{
+  "type": "record",
+  "name": "AuthenticatedEncryptionSessionDetails",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "outboundSecretKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "outboundNonce",
+      "type": "bytes"
+    },
+    {
+      "name": "inboundSecretKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "inboundNonce",
+      "type": "bytes"
+    }
+ ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticatedSessionDetails.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticatedSessionDetails.avsc
@@ -0,0 +1,15 @@
+{
+  "type": "record",
+  "name": "AuthenticatedSessionDetails",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "outboundSecretKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "inboundSecretKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    }
+ ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolCommonDetails.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolCommonDetails.avsc
@@ -0,0 +1,106 @@
+{
+  "type": "record",
+  "name": "AuthenticationProtocolCommonDetails",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "sessionId",
+      "type": "string"
+    },
+    {
+      "name": "ourMaxMessageSize",
+      "type": "int"
+    },
+    {
+      "name": "session",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.protocol.Session"
+      ]
+    },
+    {
+      "name": "myPrivateDHKey",
+      "type": [
+        "null",
+        "string"
+      ]
+    },
+    {
+      "name": "myPublicDHKey",
+      "type": [
+        "null",
+        "bytes"
+      ]
+    },
+    {
+      "name": "peerPublicDHKey",
+      "type": [
+        "null",
+        "string"
+      ]
+    },
+    {
+      "name": "sharedDHSecret",
+      "type": [
+        "null",
+        "bytes"
+      ]
+    },
+    {
+      "name": "selectedMode",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.ProtocolMode"
+      ]
+    },
+    {
+      "name": "sharedHandshakeSecrets",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.protocol.SharedHandshakeSecrets"
+      ]
+    },
+    {
+      "name": "initiatorHelloMessage",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.InitiatorHelloMessage"
+      ]
+    },
+    {
+      "name": "responderHelloMessage",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.ResponderHelloMessage"
+      ]
+    },
+    {
+      "name": "initiatorHelloToResponderHelloBytes",
+      "type": [
+        "null",
+        "bytes"
+      ]
+    },
+    {
+      "name": "initiatorHandshakePayloadBytes",
+      "type": [
+        "null",
+        "bytes"
+      ]
+    },
+    {
+      "name": "responderHandshakePayloadBytes",
+      "type": [
+        "null",
+        "bytes"
+      ]
+    },
+    {
+      "name": "agreedMaxMessageSize",
+      "type": [
+        "null",
+        "int"
+      ]
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolInitiatorDetails.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolInitiatorDetails.avsc
@@ -0,0 +1,56 @@
+{
+  "type": "record",
+  "name": "AuthenticationProtocolInitiatorDetails",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "protocolCommonDetails",
+      "type": "net.corda.data.p2p.crypto.protocol.AuthenticationProtocolCommonDetails"
+    },
+    {
+      "name": "step",
+      "type": {
+        "type": "enum",
+        "name": "InitiatorStep",
+        "symbols" : [
+          "INIT",
+          "SENT_MY_DH_KEY",
+          "RECEIVED_PEER_DH_KEY",
+          "GENERATED_HANDSHAKE_SECRETS",
+          "SENT_HANDSHAKE_MESSAGE",
+          "RECEIVED_HANDSHAKE_MESSAGE",
+          "SESSION_ESTABLISHED"
+        ]
+      }
+    },
+    {
+      "name": "supportedModes",
+      "type": {
+        "type": "array",
+        "items": "net.corda.data.p2p.crypto.ProtocolMode"
+      }
+    },
+    {
+      "name": "ourPublicKey",
+      "type": "string"
+    },
+    {
+      "name": "groupId",
+      "type": "string"
+    },
+    {
+      "name": "certificateCheckMode",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.protocol.CheckCertificate"
+      ]
+    },
+    {
+      "name": "initiatorHandshakeMessage",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.InitiatorHandshakeMessage"
+      ]
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolResponderDetails.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/AuthenticationProtocolResponderDetails.avsc
@@ -0,0 +1,56 @@
+{
+  "type": "record",
+  "name": "AuthenticationProtocolResponderDetails",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "protocolCommonDetails",
+      "type": "net.corda.data.p2p.crypto.protocol.AuthenticationProtocolCommonDetails"
+    },
+    {
+      "name": "step",
+      "type": {
+        "type": "enum",
+        "name": "ResponderStep",
+        "symbols" : [
+          "INIT",
+          "RECEIVED_PEER_DH_KEY",
+          "SENT_MY_DH_KEY",
+          "GENERATED_HANDSHAKE_SECRETS",
+          "RECEIVED_HANDSHAKE_MESSAGE",
+          "VALIDATED_ENCRYPTED_EXTENSIONS",
+          "SENT_HANDSHAKE_MESSAGE",
+          "SESSION_ESTABLISHED"
+        ]
+      }
+    },
+    {
+      "name": "handshakeIdentityData",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.protocol.HandshakeIdentityData"
+      ]
+    },
+    {
+      "name": "responderHandshakeMessage",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.ResponderHandshakeMessage"
+      ]
+    },
+    {
+      "name": "encryptedExtensions",
+      "type": [
+        "null",
+        "net.corda.data.p2p.crypto.internal.InitiatorEncryptedExtensions"
+      ]
+    },
+    {
+      "name": "initiatorPublicKey",
+      "type": [
+        "null",
+        "string"
+      ]
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/CheckCertificate.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/CheckCertificate.avsc
@@ -0,0 +1,26 @@
+{
+  "type": "record",
+  "name": "CheckCertificate",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "truststore",
+      "type": {
+        "type": "array",
+        "items": "string"
+      }
+    },
+    {
+      "name": "revocationCheckMode",
+      "type": {
+        "type": "enum",
+        "name": "RevocationCheckMode",
+        "symbols" : [
+          "OFF",
+          "SOFT_FAIL",
+          "HARD_FAIL"
+        ]
+      }
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/HandshakeIdentityData.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/HandshakeIdentityData.avsc
@@ -0,0 +1,19 @@
+{
+  "type": "record",
+  "name": "HandshakeIdentityData",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "initiatorPublicKeyHash",
+      "type": "bytes"
+    },
+    {
+      "name": "responderPublicKeyHash",
+      "type": "bytes"
+    },
+    {
+      "name": "groupId",
+      "type": "string"
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/SecretKeySpec.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/SecretKeySpec.avsc
@@ -0,0 +1,15 @@
+{
+  "type": "record",
+  "name": "SecretKeySpec",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "algorithm",
+      "type": "string"
+    },
+    {
+      "name": "key",
+      "type": "bytes"
+    }
+  ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/Session.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/Session.avsc
@@ -0,0 +1,22 @@
+{
+  "type": "record",
+  "name": "Session",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "sessionId",
+      "type": "string"
+    },
+    {
+      "name": "maxMessageSize",
+      "type": "int"
+    },
+    {
+      "name": "details",
+      "type": [
+        "net.corda.data.p2p.crypto.protocol.AuthenticatedSessionDetails",
+        "net.corda.data.p2p.crypto.protocol.AuthenticatedEncryptionSessionDetails"
+      ]
+    }
+ ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/SharedHandshakeSecrets.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/p2p/crypto/protocol/SharedHandshakeSecrets.avsc
@@ -0,0 +1,31 @@
+{
+  "type": "record",
+  "name": "SharedHandshakeSecrets",
+  "namespace": "net.corda.data.p2p.crypto.protocol",
+  "fields": [
+    {
+      "name": "initiatorAuthKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "responderAuthKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "initiatorEncryptionKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "responderEncryptionKey",
+      "type": "net.corda.data.p2p.crypto.protocol.SecretKeySpec"
+    },
+    {
+      "name": "initiatorNonce",
+      "type": "bytes"
+    },
+    {
+      "name": "responderNonce",
+      "type": "bytes"
+    }
+  ]
+}
diff --git a/gradle.properties b/gradle.properties
@@ -9,7 +9,7 @@ cordaProductVersion = 5.2.0
 # NOTE: update this each time this module contains a breaking change
 ## NOTE: currently this is a top level revision, so all API versions will line up, but this could be moved to
 ##   a per module property in which case module versions can change independently.
-cordaApiRevision = 11
+cordaApiRevision = 12
 
 # Main
 kotlinVersion = 1.8.21
