Validations update #199
Validations update #199
Conversation
proto/compliance/tx.proto
Outdated
| @@ -21,10 +21,10 @@ message MsgCertifyModel { | |||
| int32 vid = 2 [(gogoproto.moretags) = "validate:\"gte=1,lte=65535\""]; | |||
| int32 pid = 3 [(gogoproto.moretags) = "validate:\"gte=1,lte=65535\""]; | |||
| uint32 software_version = 4; | |||
| string software_version_string = 5 [(gogoproto.moretags) = "validate:\"required\""]; | |||
| string software_version_string = 5 [(gogoproto.moretags) = "validate:\"required,max=10\""]; | |||
There was a problem hiding this comment.
I believe software_version_string should be 64 as in ModelVersion and the spec (please fix for all occurrences)
proto/compliance/tx.proto
Outdated
| uint32 c_d_version_number = 6 [(gogoproto.moretags) = "validate:\"gte=0,lte=65535\""]; | ||
| string certification_date = 7 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string certification_type = 8 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string certification_type = 8 [(gogoproto.moretags) = "validate:\"required,max=100\""]; | ||
| string reason = 9; |
There was a problem hiding this comment.
Please add max restriction for the reason field.
proto/compliancetest/tx.proto
Outdated
| string software_version_string = 5 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string test_result = 6 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string software_version_string = 5 [(gogoproto.moretags) = "validate:\"required,max=10\""]; | ||
| string test_result = 6 [(gogoproto.moretags) = "validate:\"required,max=256\""]; |
There was a problem hiding this comment.
I believe test result may contain quite a lot of info, so 256 is too small.
Let's constrain it to 10 MB, so max=10*1024*1024
proto/pki/tx.proto
Outdated
| @@ -21,51 +21,51 @@ service Msg { | |||
|
|
|||
| message MsgProposeAddX509RootCert { | |||
| string signer = 1 [(cosmos_proto.scalar) = "cosmos.AddressString", (gogoproto.moretags) = "validate:\"required\""]; | |||
| string cert = 2 [(gogoproto.moretags) = "validate:\"required\""]; | |||
| string cert = 2 [(gogoproto.moretags) = "validate:\"required,max=3500000\""]; | |||
There was a problem hiding this comment.
Let's constraint to 10MB (10 * 1024 * 1024)
proto/pki/tx.proto
Outdated
| string subject = 2 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string subject_key_id = 3 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string subject = 2 [(gogoproto.moretags) = "validate:\"required,max=50\""]; | ||
| string subject_key_id = 3 [(gogoproto.moretags) = "validate:\"required,max=150\""]; |
There was a problem hiding this comment.
According to https://www.rfc-editor.org/rfc/rfc3280#section-4.2.1.2
subject key ID should be either 160 bit or 60 bit. So, 150 may be too small.
It looks like other ways of generation of subject_key_id are also possible.
So, let's assign max=256.
proto/pki/tx.proto
Outdated
| } | ||
|
|
||
| message MsgProposeAddX509RootCertResponse { | ||
| } | ||
|
|
||
| message MsgApproveAddX509RootCert { | ||
| string signer = 1 [(cosmos_proto.scalar) = "cosmos.AddressString", (gogoproto.moretags) = "validate:\"required\""]; | ||
| string subject = 2 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string subject_key_id = 3 [(gogoproto.moretags) = "validate:\"required\""]; | ||
| string subject = 2 [(gogoproto.moretags) = "validate:\"required,max=50\""]; |
There was a problem hiding this comment.
Too small. Look at https://crypto.stackexchange.com/questions/54148/does-maximum-length-of-cn-in-a-x509-cert-include-the-length-of-the-oids and https://www.rfc-editor.org/rfc/rfc3280#section-4.1.2.6.
Let's restrict to some reasonably high value. For example, 1024 (1KB)
No description provided.