/**
 * Wires the wave server to its collaborators, logs the local domains it is
 * configured to host, and registers this server's own signer info with the
 * certificate manager.
 *
 * @param listenerExecutor executes callback listeners
 * @param certificateManager provider of certificates; it also determines which
 *        domains this wave server treats as local
 * @param federationRemote federation remote interface
 * @param waveMap records the waves and wavelets in memory
 */
@Inject
WaveServerImpl(@ListenerExecutor Executor listenerExecutor,
    CertificateManager certificateManager,
    @FederationRemoteBridge WaveletFederationProvider federationRemote,
    WaveMap waveMap) {
  this.waveMap = waveMap;
  this.federationRemote = federationRemote;
  this.certificateManager = certificateManager;
  this.listenerExecutor = listenerExecutor;

  LOG.info("Wave Server configured to host local domains: "
      + certificateManager.getLocalDomains());

  // Register our own signer info ahead of any use.
  // A null signer info is skipped: nothing is stored and nothing is logged.
  SignerInfo ownSignerInfo = certificateManager.getLocalSigner().getSignerInfo();
  if (ownSignerInfo == null) {
    return;
  }
  try {
    certificateManager.storeSignerInfo(ownSignerInfo.toProtoBuf());
  } catch (SignatureException e) {
    // Construction carries on after this log line; the failure is not rethrown.
    // NOTE(review): confirm a server whose own signer info was refused is meant to keep running.
    LOG.severe("Failed to add our own signer info to the certificate store", e);
  }
}
// Look up the stored signer info for the signer id carried by this signature.
// NOTE(review): other callers of retrieveSignerInfo compare its result with null,
// so psi may be null when nothing is stored for this id — confirm it is checked before use.
final ProtocolSignerInfo psi = certificateManager.retrieveSignerInfo(sig.getSignerId());
/**
 * Round trip: a delta signed by the manager verifies after the signer info has
 * been stored, and verifyDelta hands back a message equal to the canonical one.
 */
public void testSignature() throws Exception {
  ByteStringMessage<ProtocolWaveletDelta> canonical = ByteStringMessage.serializeMessage(
      ProtocolWaveletDelta.newBuilder()
          .setHashedVersion(getProtocolHashedVersion())
          .setAuthor("bob@example.com")
          .build());
  ProtocolSignedDelta signed = manager.signDelta(canonical);

  // The signer info is stored after signing and before verifyDelta runs.
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  assertEquals(canonical, manager.verifyDelta(signed));
}
/**
 * Two prefetchDeltaSignerInfo requests on a single domain where the first one
 * never terminates. What is asserted is that neither listener is ever invoked.
 */
public void test_prefetchDeltaSignerInfo2() throws Exception {
  // First request: its provider never answers, so this listener stays silent.
  SignerInfoPrefetchResultListener stalledListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getDeadProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      stalledListener);
  verifyZeroInteractions(stalledListener);

  // Second request: its provider would answer, but the stalled request was added
  // first and only 1 request is started per domain, so this listener is not
  // called either.
  SignerInfoPrefetchResultListener queuedListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      queuedListener);
  verifyZeroInteractions(queuedListener);
}
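/**
 * Checks that a manager built on the verifier from getRealVerifier accepts the
 * signed delta fixture once the signer info from Certificates.getRealSignerInfo
 * has been stored, and that the verified message equals getFakeDelta().
 */
public void testRealSignature() throws Exception {
  // Replaces the shared manager with one that uses the real verifier.
  manager = new CertificateManagerImpl(config, getSigner(), getRealVerifier(store), store);
  manager.storeSignerInfo(Certificates.getRealSignerInfo().toProtoBuf());

  ByteStringMessage<ProtocolWaveletDelta> verified = manager.verifyDelta(getFakeSignedDelta());

  // Expected value first, so a failure report labels the two sides correctly.
  assertEquals(getFakeDelta(), verified);
}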
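/**
 * Verifying a signed delta without this test having stored the signer info must
 * be refused with UnknownSignerException; any other outcome fails the test.
 */
public void testSignature_missingSignerInfo() throws Exception {
  ProtocolWaveletDelta delta = ProtocolWaveletDelta.newBuilder()
      .setHashedVersion(getProtocolHashedVersion())
      .setAuthor("bob@example.com")
      .build();
  ByteStringMessage<ProtocolWaveletDelta> canonicalDelta =
      ByteStringMessage.serializeMessage(delta);

  // Fresh manager; storeSignerInfo is deliberately not called before verification.
  // NOTE(review): assumes the store holds no entry for this signer — setup is not visible here.
  manager = new CertificateManagerImpl(config, getSigner(), getVerifier(store, false), store);
  ProtocolSignedDelta signedDelta = manager.signDelta(canonicalDelta);

  try {
    manager.verifyDelta(signedDelta);
    fail("expected UnknownSignerException, but didn't get it");
  } catch (UnknownSignerException e) {
    // expected: an unknown signer must be rejected, never treated as verified
  } catch (Exception e) {
    // Message names the exception type correctly (was misspelled).
    fail("expected UnknownSignerException, but got " + e);
  }
}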
// No signer info is stored for this signature's signer id (retrieveSignerInfo
// returned null), so a prefetch is requested and the prefetch counter is bumped.
if (certificateManager.retrieveSignerInfo(sig.getSignerId()) == null) {
  // NOTE(review): if Base64 here is commons-codec, encodeBase64 returns byte[] and
  // this concatenation logs the array's default toString instead of the encoded
  // signer id; encodeBase64String would log readable text — confirm.
  LOG.info("Fetching signer info " + Base64.encodeBase64(sig.getSignerId().toByteArray()));
  numSignerInfoPrefetched.incrementAndGet();
  // The result of the fetch is delivered to prefetchListener.
  certificateManager.prefetchDeltaSignerInfo(federationProvider, sig.getSignerId(), getWaveletName(), deltaEndVersion, prefetchListener);
// Verify the signed original delta carried inside the applied delta.
certificateManager.verifyDelta(appliedDelta.getMessage().getSignedOriginalDelta());
} catch (SignatureException e) {
  // NOTE(review): only the log call is visible in this excerpt; confirm that the
  // code following it rejects the delta rather than continuing to apply it.
  LOG.warning("Verification failure for " + domain + " incoming " + getWaveletName(), e);
/**
 * Handles an incoming postSignerInfo: hands the signer info to the certificate
 * manager for storage and reports the outcome to the listener.
 *
 * @param destinationDomain not consulted by this implementation
 * @param signerInfo signer info to store
 * @param listener receives onSuccess when the info was stored, or a bad-request
 *        error when storing raised a SignatureException
 */
@Override
public void postSignerInfo(String destinationDomain, ProtocolSignerInfo signerInfo,
    PostSignerInfoResponseListener listener) {
  SignatureException rejection = null;
  try {
    certificateManager.storeSignerInfo(signerInfo);
  } catch (SignatureException e) {
    rejection = e;
  }

  if (rejection == null) {
    listener.onSuccess();
    return;
  }

  // The domain is read from the signer info that was just refused, so it is
  // unverified text both in the log line and in the error sent back.
  String reason = "verification failure from domain " + signerInfo.getDomain();
  LOG.warning("incoming postSignerInfo: " + reason, rejection);
  listener.onFailure(FederationErrors.badRequest(reason));
}
/**
 * Signs the given delta with the certificate manager and passes it on to
 * submitDelta, translating the result callbacks for the caller's listener.
 *
 * @param waveletName wavelet the delta targets
 * @param delta delta to sign and submit; a delta with no operations is refused
 * @param listener told about success or failure of the submission
 * @throws IllegalStateException (via Preconditions.checkState) when the server
 *         is not yet initialized
 */
@Override
public void submitRequest(WaveletName waveletName, ProtocolWaveletDelta delta,
    final SubmitRequestListener listener) {
  Preconditions.checkState(initialized, "Wave server not yet initialized");

  if (delta.getOperationCount() == 0) {
    listener.onFailure("Empty delta at version " + delta.getHashedVersion().getVersion());
    return;
  }

  // Serialise exactly once, here: these are the bytes that get signed, and this
  // is meant to be the only place the delta is ever serialised.
  ByteStringMessage<ProtocolWaveletDelta> serialised = ByteStringMessage.serializeMessage(delta);
  ProtocolSignedDelta signedDelta = certificateManager.signDelta(serialised);

  // Adapts the federation-style result callbacks to the request listener.
  SubmitResultListener resultAdapter = new SubmitResultListener() {
    @Override
    public void onSuccess(int operationsApplied,
        ProtocolHashedVersion hashedVersionAfterApplication, long applicationTimestamp) {
      listener.onSuccess(operationsApplied,
          CoreWaveletOperationSerializer.deserialize(hashedVersionAfterApplication),
          applicationTimestamp);
    }

    @Override
    public void onFailure(FederationError errorMessage) {
      listener.onFailure(errorMessage.getErrorMessage());
    }
  };
  submitDelta(waveletName, delta, signedDelta, resultAdapter);
}
/**
 * Returns the local domains as reported by the certificate manager.
 * The value is fetched on every call rather than cached in this method.
 */
private Set<String> getLocalDomains() {
  final Set<String> domains = certificateManager.getLocalDomains();
  return domains;
}
/**
 * Round trip: a delta signed by the manager verifies after the signer info has
 * been stored, and verifyDelta hands back a message equal to the canonical one.
 */
public void testSignature() throws Exception {
  ByteStringMessage<ProtocolWaveletDelta> canonical = ByteStringMessage.serializeMessage(
      ProtocolWaveletDelta.newBuilder()
          .setHashedVersion(getProtocolHashedVersion())
          .setAuthor("bob@example.com")
          .build());
  ProtocolSignedDelta signed = manager.signDelta(canonical);

  // The signer info is stored after signing and before verifyDelta runs.
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  assertEquals(canonical, manager.verifyDelta(signed));
}
/**
 * Two prefetchDeltaSignerInfo requests on a single domain where the first one
 * never terminates. What is asserted is that neither listener is ever invoked.
 */
public void test_prefetchDeltaSignerInfo2() throws Exception {
  // First request: its provider never answers, so this listener stays silent.
  SignerInfoPrefetchResultListener stalledListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getDeadProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      stalledListener);
  verifyZeroInteractions(stalledListener);

  // Second request: its provider would answer, but the stalled request was added
  // first and only 1 request is started per domain, so this listener is not
  // called either.
  SignerInfoPrefetchResultListener queuedListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      queuedListener);
  verifyZeroInteractions(queuedListener);
}
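/**
 * Checks that a manager built on the verifier from getRealVerifier accepts the
 * signed delta fixture once the signer info from Certificates.getRealSignerInfo
 * has been stored, and that the verified message equals getFakeDelta().
 */
public void testRealSignature() throws Exception {
  // Replaces the shared manager with one that uses the real verifier.
  manager = new CertificateManagerImpl(config, getSigner(), getRealVerifier(store), store);
  manager.storeSignerInfo(Certificates.getRealSignerInfo().toProtoBuf());

  ByteStringMessage<ProtocolWaveletDelta> verified = manager.verifyDelta(getFakeSignedDelta());

  // Expected value first, so a failure report labels the two sides correctly.
  assertEquals(getFakeDelta(), verified);
}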
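/**
 * Verifying a signed delta without this test having stored the signer info must
 * be refused with UnknownSignerException; any other outcome fails the test.
 */
public void testSignature_missingSignerInfo() throws Exception {
  ProtocolWaveletDelta delta = ProtocolWaveletDelta.newBuilder()
      .setHashedVersion(getProtocolHashedVersion())
      .setAuthor("bob@example.com")
      .build();
  ByteStringMessage<ProtocolWaveletDelta> canonicalDelta =
      ByteStringMessage.serializeMessage(delta);

  // Fresh manager; storeSignerInfo is deliberately not called before verification.
  // NOTE(review): assumes the store holds no entry for this signer — setup is not visible here.
  manager = new CertificateManagerImpl(config, getSigner(), getVerifier(store, false), store);
  ProtocolSignedDelta signedDelta = manager.signDelta(canonicalDelta);

  try {
    manager.verifyDelta(signedDelta);
    fail("expected UnknownSignerException, but didn't get it");
  } catch (UnknownSignerException e) {
    // expected: an unknown signer must be rejected, never treated as verified
  } catch (Exception e) {
    // Message names the exception type correctly (was misspelled).
    fail("expected UnknownSignerException, but got " + e);
  }
}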
// Verification comes before submission inside the same try block: submitDelta
// is reached only when verifyDelta returns without throwing.
certificateManager.verifyDelta(signedDelta);
submitDelta(waveletName, delta, signedDelta, listener);
// A SignatureException from the calls above lands here; the handler body is
// outside this excerpt.
} catch (SignatureException e) {
/**
 * Creates the dispatcher.
 *
 * @param certificateManager knows what the local domains are
 * @param federationHostFactory manufactures federation host instances for
 *        remote domains
 */
@Inject
public WaveletNotificationDispatcher(
    CertificateManager certificateManager,
    @FederationHostBridge WaveletFederationListener.Factory federationHostFactory) {
  this.federationHostFactory = federationHostFactory;
  // The local-domain set is read from the certificate manager once, here.
  // NOTE(review): whether later changes to the manager's domains show up in this
  // field depends on what getLocalDomains returns — not visible in this block.
  this.localDomains = certificateManager.getLocalDomains();
}
/**
 * A delta authored by bob@someotherdomain.com must not verify even though it is
 * signed and the signer info is stored: verifyDelta is expected to throw
 * SignatureException. Presumably the author's domain differs from the signer's
 * domain; the signer setup is outside this block.
 */
public void testSignature_authorNotMatching() throws Exception {
  ByteStringMessage<ProtocolWaveletDelta> canonical = ByteStringMessage.serializeMessage(
      ProtocolWaveletDelta.newBuilder()
          .setHashedVersion(getProtocolHashedVersion())
          .setAuthor("bob@someotherdomain.com")
          .build());
  ProtocolSignedDelta signed = manager.signDelta(canonical);
  manager.storeSignerInfo(getSignerInfo().toProtoBuf());

  try {
    manager.verifyDelta(signed);
    fail("expected exception, but didn't get it");
  } catch (SignatureException rejected) {
    // expected: a valid signature does not make a mismatched author acceptable
  }
}
/**
 * Failing prefetchDeltaSignerInfo requests: the failure must reach the prefetch
 * listener, and a second request on the same domain must fail along with it.
 */
public void test_prefetchDeltaSignerInfo4() throws Exception {
  // First request: its provider reports failure only after EASY_TICKS ticks.
  SignerInfoPrefetchResultListener failingListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSlowFailingProvider(ticker, EASY_TICKS),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      failingListener);

  // Second request: would succeed on its own, were it not for the first one failing.
  SignerInfoPrefetchResultListener piggybackListener =
      mock(SignerInfoPrefetchResultListener.class);
  manager.prefetchDeltaSignerInfo(
      getSuccessfulProvider(),
      getRealSignerId(),
      getFakeWaveletName(CertificateManagerImplTest.DOMAIN),
      null,
      piggybackListener);

  // Nothing has been reported before the ticker advances.
  verifyZeroInteractions(failingListener);
  verifyZeroInteractions(piggybackListener);

  // After ticking, both callbacks receive the same error.
  ticker.tick(EASY_TICKS);
  verify(failingListener).onFailure(GENERIC_ERROR);
  verify(piggybackListener).onFailure(GENERIC_ERROR);
}
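/**
 * Answers a request for the signer info behind a delta of a local wavelet.
 * Signer info is released only when the wavelet reports that {@code signerId}
 * signed the delta ending at {@code deltaEndVersion}; otherwise the listener
 * receives a bad-request error.
 *
 * @param signerId id of the signer whose info is requested
 * @param waveletName wavelet the delta belongs to
 * @param deltaEndVersion end version of the delta in question
 * @param listener receives the signer info on success or a federation error
 */
@Override
public void getDeltaSignerInfo(ByteString signerId, WaveletName waveletName,
    ProtocolHashedVersion deltaEndVersion, DeltaSignerInfoResponseListener listener) {
  LocalWaveletContainer wavelet = loadLocalWavelet(waveletName, listener);
  if (wavelet == null) {
    // Nothing is reported to the listener from here on this path.
    // NOTE(review): presumably loadLocalWavelet, which was handed the listener,
    // has already signalled the failure — confirm.
    return;
  }

  // Authorisation gate: the requester must name a signer that actually signed
  // this delta before any signer info is handed out.
  HashedVersion endVersion = CoreWaveletOperationSerializer.deserialize(deltaEndVersion);
  if (!wavelet.isDeltaSigner(endVersion, signerId)) {
    // Log text spelling corrected ("authorised") so searches for denials match.
    LOG.info("getDeltaSignerInfo was not authorised for wavelet " + waveletName
        + ", end version " + deltaEndVersion);
    listener.onFailure(FederationErrors.badRequest("Not authorised to get signer info"));
    return;
  }

  ProtocolSignerInfo signerInfo = certificateManager.retrieveSignerInfo(signerId);
  if (signerInfo == null) {
    // We are supposed to have stored it, and the wavelet already confirmed this
    // signer signed the delta, so a miss here points at an inconsistent store.
    LOG.severe("No stored signer info for valid getDeltaSignerInfo on " + waveletName);
    listener.onFailure(FederationErrors.badRequest("Unknown signer info"));
    return;
  }

  listener.onSuccess(signerInfo);
}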