Upgrade bouncy castle to v1.75. This involved a change in maven
coordinates for other modules.
Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
* add new class to reflection config
* move CLI output to be system-err oriented
* make logger in evmtool nop
* exclude some problematic jars from compilation
- mixed versions of bouncy castle
- netty initializations of log4j
* Standardize JSON ObjectMapper Construction
* Add some manual mappings
* Directly instantiate crypto algorithms where appropriate
Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
* update to 2.4.1
* update use of DNS daemon with Vertx
* fix issue with Bytes.repeat
* update antlr version
* fix dns tests
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
---------
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com>
Refactor crypto, datatypes, and plugin-api to reduce plugin APIs in the EVM.
Split crypto into crypto services and crypto algorithms
Reverse the dependency between datatyps and plugin-api.
Remove plugin Hash and Address types (use datatypes)
Move PublicKey and Quantity into datatypes.
Lots of changes to imports and build files, and some fromPlugin calls removed.
Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
Signed-off-by: Danno Ferrin <danno.ferrin@shemnon.com>
Co-authored-by: Justin Florentine <justin+github@florentine.us>
Changes and config to support using GraalVM AOT to compile and
execute evmTool as an alternate configuration.
While not as long-term performant the startup time
makes filling reference tests with Besu reasonable.
Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
- Added missing javadocs so that javadoc doclint passes against JDK 17 (invoke by Besu gradle build).
- Exclude following packages from javadoc lint:
org.hyperledger.besu.privacy.contracts.generated
org.hyperledger.besu.tests.acceptance.*
- Temporarily exclude ethereum and evm submodule for doc lint checks.
- Run the javadoc task using GitHub actions (use Java 17) to report any javadoc errors during the PR builds
- Updating plugin-api build.gradle with new hash as javadoc comments caused it to change
Signed-off-by: Usman Saleem <usman@usmans.info>
Increate the speed of ModExp gas calculations by using primitive types.
Use a native lib for modexp precompile.
Signed-off-by: Danno Ferrin <danno.ferrin@swirldslabs.com>
* Native modexp
Add java module info to the manifests of the following libraries used by the Besu EVM
./crypto - org.hyperledger.besu.internal.Crypto
./ethereum/rlp - org.hyperledger.besu.internal.Rlp
./util - org.hyperledger.besu.internal.Util
./datatypes - org.hyperledger.besu.Datatypes
./evm - org.hyperledger.besu.Evm
./plugin-api - org.hyperledger.besu.PluginApi
Signed-off-by: Mustafa Uzun <mustafa.uzun@limechain.tech>
* Reduce EVM library dependencies
Reduce the runtime dependencies of the EVM module by moving a
class used by a single class out of util to the owned module (QosTimer)
and them removing un-used dependencies from EVM and dependant modules.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Fix two operand stack tests
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Remove unreachable assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace expected annotation field with assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Extract variables to let only a single call for assert
Signed-off-by: Diego López León <dieguitoll@gmail.com>
Co-authored-by: Sally MacFarlane <sally.macfarlane@consensys.net>
Change the unit test execution to use the Junit5 JUnitPlatform. This
allows for a mix of junit 4 and junit 5 tests and for a gradual
migration to junit 5 instead of a big bang. One class depended on
junit 4 exceptions and was updated. Two tests depending on
native libraries fail gracefully on mac (and only mac).
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Bump SLF4J version
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace log4j2 API with SLF4j API
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Replace usage of LogManager#getFormatterLogger
This is for keeping compatibility with SLF4J. If neccesary, a specific formatter can be created for the RlpBlockImporter class
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Unset the default logging value for the retesteth
This is because it's not possible to resolve the root logger level into a Log4J2 field
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Prevent creation of Logger context outside SLF4J
org.hyperledger.besu.cli.BesuCommand#setAllLevels was taken from
https://github.com/apache/logging-log4j2/blob/rel%2F2.17.1/log4j-core/src/main/java/org/apache/logging/log4j/core/config/Configurator.java#L309
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Add FATAL level deprecation message
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* [Sonar] Fix java:S2139
Exceptions should be either logged or rethrown but not both
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* [Sonar] Fix java:S3457
Printf-style format strings should be used correctly
Signed-off-by: Diego López León <dieguitoll@gmail.com>
* Add changelog
Signed-off-by: Diego López León <dieguitoll@gmail.com>
The NodeKeyTest might fail in case the SignatureAlgorithmFactory has an
instance already set from some previous test.
Signed-off-by: Jiri Peinlich <jiri.peinlich@gmail.com>
Co-authored-by: Sally MacFarlane <sally.macfarlane@consensys.net>
* Gradle 7.2 upgrade / Java 17 Build Support
* Upgrade to Gradle 7.2, which supports Java 17
* Regenerate gradlew script and wrapper (as recommended)
* Suppress the removal warning for `AccessController` for now
* Update the JMH version to get rid of Gradle deprecation warning
* Add spotless `targetExcludes` so it won't re-format submodules
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Upgrade to Apache Tuweni 2.0
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Remove intermediate repository
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Remove all occurrences of toBytes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Migrate to tuweni-bytes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* add changelog
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* correct reference tests
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Initial API changes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* more changes
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Change APIs for VM ops
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Use constant UInt256.ONE
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* Optimize a bit address <> word transformation
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* spotless
Signed-off-by: Antoine Toulme <antoine@lunar-ocean.com>
* don't set SECP256R1 as signature algorithm instance in the tests, only use it when the nodes are started as their own processes
Signed-off-by: Daniel Lehrner <daniel@io.builders>
* renamed some variables for better readability
Signed-off-by: Daniel Lehrner <daniel@io.builders>
Fetching the hash from the java security providers is often longer than
the hashing itself, so we should cache results from the providers in a
reusable fashion.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Remove all but 4 log4j2.xml config files
* The main config for the besu CLI app
* The config for the evmTool CLI app
* The config for acceptance tests
* A config in testUtil
If any tests depend on a log4j file they should import testutil.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Adding the Log4j "jul" (java.util.logging) adapter resulted in many
messages like this at startup:
`main INFO Registered Log4j as the java.util.logging.LogManager.`
These come from the Log4j status logger. We can get rid of those by
setting the status attribute on all configurations to a higher logging
level. WARN is the next higher level.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Allows nodes in a network to not strictly prefer older peers. This
helps break up impenetrable cliques in small, stable networks (private
networks often fit this description). We generate a random mask for the
lifetime of the process and use that to xor against the nodeId of a
potential peer. The desired behavior of the network is that some of the
nodes will allow the new peer to make an inbound connection but that
peer can't try to farm a nodeId that would make prioritize it over all
other peers in a guaranteed fashion.
Signed-off-by: Ratan Rai Sur <ratan.r.sur@gmail.com>
Upgrade to ErrorProne 2.4.0
* public constructors on abstract classes are removed
* Javadoc must have meaningfull documentation
* lambdas should not be variables
* Added to the list of confusing inner class names (Entry and Type)
* no assert keyword in tests
* Obsolete JDK classes produce errors now
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
* Indicate that it is the node public key displayed in the log
feat: add `public` in key pair loading for clarity purpose
Signed-off-by: Alexandre PARIS-VERGNE <alexpv14@gmail.com>
Introduced Security Module Plugin API. This allows to switch to a different security module provider to provide cryptographic function that can be used by NodeKey (such as sign, ECDHKeyAgreement etc.). By default register KeyPairSecurityModule otherwise attempt to load Security Module via plugin API.
CLI Options:
--security-module=<name>. (defaults to localfile)
Signed-off-by: Usman Saleem <usman@usmans.info>
Enable native encryption by default, but retain the feature flags. The problem with acceptance tests is that the new native libraries added some startup overhead, which when translated to starting up 12 nodes on the same vm resulted in longer time getting to a testable state. Start up timeout was increased to 60 seconds.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Via JNA use native scep256k1 and altbn128 libraries.
This is gated by two feature flags and is disabled by default.
* `--Xsecp256k1-native-enabled` enables native secp256k1 across all of besu
* `--Xaltbn128-native-enabled` enables native altbn128 in the precompiled contracts
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>
Security frameworks create signatures of 64-bytes (for a 256-bit keys) - and do not produce the recId.
Furthermore, the signatures created maybe in the upper-half of the curve, which is illegal under Ethereum.
As these checks must be applied to signatures generated by the jce, it is prudent to separate the concept of signature generation, from the post-operations.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
This change allows the newly defined "SecurityModule" to work against a generic API, while the NodeKey interface adapts these generic types to the types already used throughout Besu (i.e. those defined in Secp256k1).
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
It was identified that during the creation of injectable crypto, that the NodeKey effectively offered duplicated functionality between ECDH and ECIES key agreements. The ECIES was superfluous and has been removed.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Update the Handhshaking classes to use an injected NodeKey object for ECIES encryption.
This has necessitated an update of NodeKey to support the creation of Key and ECIES agreement creation.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Currently, Besu injects a KeyPair from the initial entry, through the hierarchy of classes and into various leaf classes. The leaf classes then execute statically defined cryptographic functions (eg Secp256k1.sign) using the injected key.
Thus the implementation of the cryptographic function is hardcoded by the leaf node, and cannot be injected - and thus its implementation cannot be altered.
This change combines the node's KeyPair with associated cryptographic functions in a single class, which can then be injected. This in turn enables other cryptographic backends to be utilised by Besu.
Signed-off-by: Trent Mohay <trent.mohay@consensys.net>
Removes as many Gradle 7.0 compatibility issues as possible
* `baseName` -> `archiveBaseName`
* `extension` -> `archiveExtension`
* `destinationDir` -> `destinationDirectory`
* `runtime` -> `runtimeOnly`
* Change some log4j-api and log4j-core dependencies
* Remove an unneeded and outdated plugin (`net.ltgt.apt`)
* tweak the plugin-api change detector's property annotations.
Warnings still exist with one external plugin used for license file
checking that we do not control the source code for.
Signed-off-by: Danno Ferrin <danno.ferrin@gmail.com>