IdentityService.partyFromKey should check key to party mapping rather than key to party and cert mapping

Description

The new confidential identities work generates keys that belong to parties but do not have a corresponding certificate. The persistent identity service uses two database tables to represent this: one which maps keys to parties (which is new), and one which maps keys to PartyAndCertificates (which was present before the confidential identities work).

The IdentityService interface has a partyFromKey method that should return the party to which a key belongs. However, this checks the key to party and certificate mapping, and as a result cannot find parties for keys that do not have a certificate.

After discussing with , the proposed fix is to change this method to check the new table. (An alternative approach would be to deprecate this API and suggest using wellKnownPartyFromAnonymous instead, but it was decided that partyFromKey was a more obvious name for what the API does.)

Status

Assignee

James Paton

Reporter

James Higgs

Priority

Medium

Fix versions

Ported to...

Corda 4.3
Corda Enterprise 4.3

Feature Team

Vanguard

CVSS Vector

None

Severity

High

Affects versions

Configure