* Fix two operand stack tests
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Remove unreachable assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace expected annotation field with assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Extract variables to let only a single call for assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
Co-authored-by: Sally MacFarlane <sally.macfarlane@consensys.net>
* Bump SLF4J version
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace log4j2 API with SLF4j API
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace usage of LogManager#getFormatterLogger
This is for keeping compatibility with SLF4J. If neccesary, a specific formatter can be created for the RlpBlockImporter class
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Unset the default logging value for the retesteth
This is because it's not possible to resolve the root logger level into a Log4J2 field
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Prevent creation of Logger context outside SLF4J
org.hyperledger.besu.cli.BesuCommand#setAllLevels was taken from
https://github.com/apache/logging-log4j2/blob/rel%2F2.17.1/log4j-core/src/main/java/org/apache/logging/log4j/core/config/Configurator.java#L309
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Add FATAL level deprecation message
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* [Sonar] Fix java:S2139
Exceptions should be either logged or rethrown but not both
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* [Sonar] Fix java:S3457
Printf-style format strings should be used correctly
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Add changelog
Signed-off-by: Diego López León <dieguitoll@gmail.com>
The NodeKeyTest might fail in case the SignatureAlgorithmFactory has an
instance already set from some previous test.
Signed-off-by: Jiri Peinlich <jiri.peinlich@gmail.com>
Co-authored-by: Sally MacFarlane <sally.macfarlane@consensys.net>
* Gradle 7.2 upgrade / Java 17 Build Support
* Upgrade to Gradle 7.2, which supports Java 17
* Regenerate gradlew script and wrapper (as recommended)
* Suppress the removal warning for `AccessController` for now
* Update the JMH version to get rid of Gradle deprecation warning
* Add spotless `targetExcludes` so it won't re-format submodules
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Upgrade to Apache Tuweni 2.0
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Remove intermediate repository
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Remove all occurrences of toBytes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Migrate to tuweni-bytes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* add changelog
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* correct reference tests
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Initial API changes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* more changes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Change APIs for VM ops
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Use constant UInt256.ONE
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Optimize a bit address <> word transformation
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* spotless
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* don't set SECP256R1 as signature algorithm instance in the tests, only use it when the nodes are started as their own processes
Signed-off-by: Daniel Lehrner <daniel@io.builders>
* renamed some variables for better readability
Signed-off-by: Daniel Lehrner <daniel@io.builders>
Fetching the hash from the java security providers is often longer than
the hashing itself, so we should cache results from the providers in a
reusable fashion.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Remove all but 4 log4j2.xml config files
* The main config for the besu CLI app
* The config for the evmTool CLI app
* The config for acceptance tests
* A config in testUtil
If any tests depend on a log4j file they should import testutil.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Adding the Log4j "jul" (java.util.logging) adapter resulted in many
messages like this at startup:
`main INFO Registered Log4j as the java.util.logging.LogManager.`
These come from the Log4j status logger. We can get rid of those by
setting the status attribute on all configurations to a higher logging
level. WARN is the next higher level.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Allows nodes in a network to not strictly prefer older peers. This
helps break up impenetrable cliques in small, stable networks (private
networks often fit this description). We generate a random mask for the
lifetime of the process and use that to xor against the nodeId of a
potential peer. The desired behavior of the network is that some of the
nodes will allow the new peer to make an inbound connection but that
peer can't try to farm a nodeId that would make prioritize it over all
other peers in a guaranteed fashion.
Signed-off-by: Ratan Rai Sur <ratan.r.sur@gmail.com>
Upgrade to ErrorProne 2.4.0
* public constructors on abstract classes are removed
* Javadoc must have meaningfull documentation
* lambdas should not be variables
* Added to the list of confusing inner class names (Entry and Type)
* no assert keyword in tests
* Obsolete JDK classes produce errors now
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Indicate that it is the node public key displayed in the log
feat: add `public` in key pair loading for clarity purpose
Signed-off-by: Alexandre PARIS-VERGNE <alexpv14@gmail.com>
Introduced Security Module Plugin API. This allows to switch to a different security module provider to provide cryptographic function that can be used by NodeKey (such as sign, ECDHKeyAgreement etc.). By default register KeyPairSecurityModule otherwise attempt to load Security Module via plugin API.
CLI Options:
--security-module=<name>. (defaults to localfile)
Signed-off-by: Usman Saleem <usman@usmans.info>
Enable native encryption by default, but retain the feature flags. The problem with acceptance tests is that the new native libraries added some startup overhead, which when translated to starting up 12 nodes on the same vm resulted in longer time getting to a testable state. Start up timeout was increased to 60 seconds.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Via JNA use native scep256k1 and altbn128 libraries.
This is gated by two feature flags and is disabled by default.
* `--Xsecp256k1-native-enabled` enables native secp256k1 across all of besu
* `--Xaltbn128-native-enabled` enables native altbn128 in the precompiled contracts
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Security frameworks create signatures of 64-bytes (for a 256-bit keys) - and do not produce the recId.
Furthermore, the signatures created maybe in the upper-half of the curve, which is illegal under Ethereum.
As these checks must be applied to signatures generated by the jce, it is prudent to separate the concept of signature generation, from the post-operations.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
This change allows the newly defined "SecurityModule" to work against a generic API, while the NodeKey interface adapts these generic types to the types already used throughout Besu (i.e. those defined in Secp256k1).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
It was identified that during the creation of injectable crypto, that the NodeKey effectively offered duplicated functionality between ECDH and ECIES key agreements. The ECIES was superfluous and has been removed.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Update the Handhshaking classes to use an injected NodeKey object for ECIES encryption.
This has necessitated an update of NodeKey to support the creation of Key and ECIES agreement creation.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Currently, Besu injects a KeyPair from the initial entry, through the hierarchy of classes and into various leaf classes. The leaf classes then execute statically defined cryptographic functions (eg Secp256k1.sign) using the injected key.
Thus the implementation of the cryptographic function is hardcoded by the leaf node, and cannot be injected - and thus its implementation cannot be altered.
This change combines the node's KeyPair with associated cryptographic functions in a single class, which can then be injected. This in turn enables other cryptographic backends to be utilised by Besu.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
This was turned off a number of months ago because of long build times.
However it appears either because of code structure changes or fixed
errorprone that this finishes in a reasonable time now.
Code that violated this check is also fixed.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* adding in spdx-license-identifier & updated check for the same; removing license check from spotless
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
* Change CheckSpdxHeader to a task.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* [PAN-2842] Blake 2b tweaks
* Adjust endianess on byte payload
* f flag can have only 0 or 1
* Fewer successful vector tests
* Tests for failure and edge cases
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
BlockDataGenerator (a testing util) uses the default key generation code, which
is set to a production grade SecureRandom seed by default. However this creates
non-deterministic results with the block data.
This changes the generator for test data to use a deterministic set of key
pairs.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Don't copy collections if we don't need to. Change types higher up if needed.
* Don't use Guava's Object.equal, use Java's Objects.equals.
** add errorprone test to enforce the banning of Guava's Objects class.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Biggest change is that UnusedVariable and UnusedMethod went to WARN by
default. Since our build is a no warning build this means we either need
to turn them off or fix them. I mostly opted for the latter. Test code
was mostly fixed, unused loggers were deleted, and other shipped code
was mostly suppressed.
Two less noisy fixes to not use `SortedSet` and to use zero based
comparable results instead of -1, 0, and 1. Also a compiler nit in
errorprone was suppressed, per the description it won't affect us.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Upgrade errorprone
* Upgrade errorprone from 2.3.1 to 2.3.2
* Upgrade Jenkinsfile so that CI will use Java 11
* Suppress these new rules:
* EqualsGetClass
* ImmutableEnumChecker
* UnnecessaryParentheses
* Change code to conform to these new rules:
* BadImport
* BadInstanceof
* InconsistentHashCode
* LockNotBeforeTry
* MathAbsoluteRandom
* ModifiedButNotUsed
* UndefinedEquals
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>