From 01782d0c34ca76c9b197168cb4ecc9e0f6346829 Mon Sep 17 00:00:00 2001 From: Yash Nabar Date: Tue, 19 Dec 2023 15:01:34 +0000 Subject: [PATCH] CORE-18635 Avro schemas for session encryption operations (#1400) * CORE-18635 Avro schemas for session encryption * Split response * Remove nullability * Add alias * Fix mistake * Apply review comment * Remove context --------- Co-authored-by: Yiftach Kaplan --- .../encryption/request/DecryptRpcCommand.avsc | 23 +++++++++++++++++++ .../encryption/request/EncryptRpcCommand.avsc | 23 +++++++++++++++++++ .../response/CryptoDecryptionResult.avsc | 13 +++++++++++ .../response/CryptoEncryptionResult.avsc | 13 +++++++++++ .../response/DecryptionOpsResponse.avsc | 16 +++++++++++++ .../response/EncryptionOpsError.avsc | 12 ++++++++++ .../response/EncryptionOpsResponse.avsc | 16 +++++++++++++ gradle.properties | 2 +- 8 files changed, 117 insertions(+), 1 deletion(-) create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/DecryptRpcCommand.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/EncryptRpcCommand.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoDecryptionResult.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoEncryptionResult.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/DecryptionOpsResponse.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsError.avsc create mode 100644 data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsResponse.avsc 
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/DecryptRpcCommand.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/DecryptRpcCommand.avsc
new file mode 100644
index 0000000000..3f5dfb4a9b
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/DecryptRpcCommand.avsc
@@ -0,0 +1,23 @@
+{
+ "type": "record",
+ "name": "DecryptRpcCommand",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.request",
+ "doc": "Request to decrypt the given byte array",
+ "fields": [
+ {
+ "name": "category",
+ "type": "string",
+ "doc": "The category of HSM e.g. ENCRYPTION_SECRET, TLS, etc."
+ },
+ {
+ "name": "alias",
+ "type": ["null", "string"],
+ "doc": "The symmetric key alias."
+ },
+ {
+ "name": "cipherBytes",
+ "type": "bytes",
+ "doc": "The data to decrypt."
+ }
+ ]
+}
\ No newline at end of file
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/EncryptRpcCommand.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/EncryptRpcCommand.avsc
new file mode 100644
index 0000000000..25f3c51f39
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/request/EncryptRpcCommand.avsc
@@ -0,0 +1,23 @@
+{
+ "type": "record",
+ "name": "EncryptRpcCommand",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.request",
+ "doc": "Request to encrypt the given byte array",
+ "fields": [
+ {
+ "name": "category",
+ "type": "string",
+ "doc": "The category of HSM e.g. ENCRYPTION_SECRET, TLS, etc."
+ },
+ {
+ "name": "alias",
+ "type": ["null", "string"],
+ "doc": "The symmetric key alias."
+ },
+ {
+ "name": "plainBytes",
+ "type": "bytes",
+ "doc": "The data to encrypt."
+ }
+ ]
+}
\ No newline at end of file
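Review bot: The `alias` field in DecryptRpcCommand is a `["null", "string"]` union, but its doc ("The symmetric key alias.") does not say which key the service uses when the alias is null, and the same field in EncryptRpcCommand has the same gap. For a decrypt request this matters: if null means something like "the current default key for the category", a ciphertext produced before that default changes may stop decrypting, so the rule belongs in the schema where callers read it, e.g. `"doc": "The symmetric key alias; null means [describe the key-selection rule]."`. The union also has no default, so consider adding `"default": null` if leaving the alias out is meant to be legal. Neither request carries a caller or tenant identifier, so presumably the service decides elsewhere who may use a given category and alias; that is worth confirming.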
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoDecryptionResult.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoDecryptionResult.avsc
new file mode 100644
index 0000000000..748bf66d52
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoDecryptionResult.avsc
@@ -0,0 +1,13 @@
+{
+ "type": "record",
+ "name": "CryptoDecryptionResult",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.response",
+ "doc": "Decryption operation response",
+ "fields": [
+ {
+ "name": "plainBytes",
+ "type": "bytes",
+ "doc": "Decrypted byte array"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoEncryptionResult.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoEncryptionResult.avsc
new file mode 100644
index 0000000000..8220da9f18
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/CryptoEncryptionResult.avsc
@@ -0,0 +1,13 @@
+{
+ "type": "record",
+ "name": "CryptoEncryptionResult",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.response",
+ "doc": "Encryption operation response",
+ "fields": [
+ {
+ "name": "cipherBytes",
+ "type": "bytes",
+ "doc": "Encrypted byte array"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/DecryptionOpsResponse.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/DecryptionOpsResponse.avsc
new file mode 100644
index 0000000000..097dc64e8d
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/DecryptionOpsResponse.avsc
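Review bot: `plainBytes` in CryptoDecryptionResult carries decrypted data, yet its doc ("Decrypted byte array") gives no handling guidance, and the same holds for `plainBytes` in EncryptRpcCommand. Classes generated from Avro schemas normally render every field in `toString()`, so a debug log of the message would likely include the plaintext. I would extend the doc to say so, e.g. `"doc": "Decrypted byte array. Sensitive: do not log or persist."`.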
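Review bot: The doc on `cipherBytes` in CryptoEncryptionResult ("Encrypted byte array") does not describe what the bytes contain. No field in this schema or in DecryptRpcCommand carries an IV/nonce, authentication tag, algorithm or key version, so presumably all of that is packed into `cipherBytes`; if so, the doc should state the layout, e.g. `"doc": "Encrypted byte array, laid out as [describe: nonce, ciphertext, tag]."`. Writing the framing down lets a later key or algorithm change be told apart from corrupted input.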
@@ -0,0 +1,16 @@
+{
+ "type": "record",
+ "name": "DecryptionOpsResponse",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.response",
+ "doc": "Response for crypto's decryption operations envelope",
+ "fields": [
+ {
+ "name": "response",
+ "type": [
+ "net.corda.data.crypto.wire.ops.encryption.response.CryptoDecryptionResult",
+ "net.corda.data.crypto.wire.ops.encryption.response.EncryptionOpsError"
+ ],
+ "doc": "Response's payload, depends on the requested operation"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsError.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsError.avsc
new file mode 100644
index 0000000000..8398f939ee
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsError.avsc
@@ -0,0 +1,12 @@
+{
+ "type": "record",
+ "name": "EncryptionOpsError",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.response",
+ "doc": "Error result while performing encryption or decryption operation.",
+ "fields": [
+ {
+ "name": "errorMessage",
+ "type": "net.corda.data.ExceptionEnvelope"
+ }
+ ]
+}
diff --git a/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsResponse.avsc b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsResponse.avsc
new file mode 100644
index 0000000000..20bd5bd525
--- /dev/null
+++ b/data/avro-schema/src/main/resources/avro/net/corda/data/crypto/wire/ops/encryption/response/EncryptionOpsResponse.avsc
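Review bot: The doc on the `response` field of DecryptionOpsResponse, "Response's payload, depends on the requested operation", does not match the union it describes: the only branches are CryptoDecryptionResult and EncryptionOpsError, so the payload depends on whether the operation succeeded, not on which operation was requested. The identical sentence appears on `response` in EncryptionOpsResponse. I would reword both, e.g. `"doc": "CryptoDecryptionResult on success, EncryptionOpsError on failure."` here and the CryptoEncryptionResult equivalent there. The record-level doc "Response for crypto's decryption operations envelope" would also read more clearly as "Envelope for the response to a decryption operation".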
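Review bot: The `errorMessage` field of EncryptionOpsError is the only field in this commit without a `doc`, and its name suggests a string although its type is `net.corda.data.ExceptionEnvelope`. Because this record is returned for failed decryptions as well as failed encryptions, the doc is the place to say what the envelope may contain; I would add `"doc": "The failure, as an ExceptionEnvelope. Must not contain key material or plaintext."`. Whether the service also keeps decryption failure reasons generic for callers cannot be seen from the schema and is worth checking in the implementation.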
@@ -0,0 +1,16 @@
+{
+ "type": "record",
+ "name": "EncryptionOpsResponse",
+ "namespace": "net.corda.data.crypto.wire.ops.encryption.response",
+ "doc": "Response for crypto's encryption operations envelope",
+ "fields": [
+ {
+ "name": "response",
+ "type": [
+ "net.corda.data.crypto.wire.ops.encryption.response.CryptoEncryptionResult",
+ "net.corda.data.crypto.wire.ops.encryption.response.EncryptionOpsError"
+ ],
+ "doc": "Response's payload, depends on the requested operation"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/gradle.properties b/gradle.properties
index 0110ba87b5..5cde18bd12 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -5,7 +5,7 @@ cordaProductVersion = 5.2.0 # NOTE: update this each time this module contains a breaking change ## NOTE: currently this is a top level revision, so all API versions will line up, but this could be moved to ## a per module property in which case module versions can change independently. -cordaApiRevision = 17 +cordaApiRevision = 18 # Main kotlin.stdlib.default.dependency = false