feat: update security parameters when updating the addressbook

[matteriben]

Description:

Update security parameters when updating the addressbook

Fixes #1900

[thenswan]

Hey @matteriben, thank you for your contribution here once again 🙂
Can you please explain use-case(s) for this feature more in detail? It would be great if you provide some examples of how you are planning to use it.

[matteriben]

Hey @matteriben, thank you for your contribution here once again 🙂 Can you please explain use-case(s) for this feature more in detail? It would be great if you provide some examples of how you are planning to use it.

I'd like to test using TLS with a network other than {mainnet, testnet, previewnet}. To do so, I need a way to provide the certHash in addition to the address string and accountId when configuring the client for my network.

The test case provides an example where the client is configured from an addressbook constructed for some alternative network.

        try (Client client = Client.forNetwork(Map.of())) {

            // reconfigure client network from addressbook (add new nodes)
            client.setNetworkFromAddressBook(NodeAddressBook.fromProtobuf(com.hedera.hashgraph.sdk.proto.NodeAddressBook.newBuilder()
                .addNodeAddress(nodeAddress(10001, new byte[] {10, 0, 0, 1}, "10001", new byte[] {1, 0, 1}))
                .addNodeAddress(nodeAddress(10002, new byte[] {10, 0, 0, 2}, "10002", new byte[] {1, 0, 2}))
                .build()));

            // verify security parameters in client
            assertThat(nodeAddress.apply(10001).certHash).isEqualTo(ByteString.copyFrom(new byte[]{1, 0, 1}));
            assertThat(nodeAddress.apply(10001).publicKey).isEqualTo("10001");
            assertThat(nodeAddress.apply(10002).certHash).isEqualTo(ByteString.copyFrom(new byte[]{1, 0, 2}));
            assertThat(nodeAddress.apply(10002).publicKey).isEqualTo("10002");

            // ...
        }

[matteriben]

[This concern has been addressed]

@thenswan This change may be problematic as it stands currently since it overwrites certHash (needed for TLS), and it appears that hedera-service may not provide certHash meaning with this change updating the client with the current addressbook could effectively remove certHash (by overwriting with nothing).

[matteriben]

@thenswan I updated this PR and so that the old certHash will be used in case the new addressbook is missing certHash, which currently appears to be the case when retrieving the addressbook from hedera-service directly.

I also updated the test to verify this case.

[thenswan]

@matteriben thank you for provided description and example. I reviewed everything and have a question:
Can you please take a look at this example that I made some time ago and let me know if this will suit your needs (or how your use-case is different from that)?

[matteriben]

@matteriben thank you for provided description and example. I reviewed everything and have a question: Can you please take a look at this example that I made some time ago and let me know if this will suit your needs (or how your use-case is different from that)?

@thenswan issue #1569 is related, but not the same issue. In issue #1569 the primary concern is configure the client to use a specific node which exists in the predefined address book. Having the ability to load a custom address book (including security parameters) would solve both issue #1569 and issue #1900.

PR #1570 demonstrates how to load a predefined address book then narrow the network to a single node. This is sufficient for issue #1569 but not issue #1900 because issue #1569 is dealing with nodes that exist in one of the predefined networks, where issue #1900 is dealing with a custom network that is not predefined.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[0xivanov]

LGTM

[agadzhalov]

LGTM