diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 6bebdf312..6cab83ae1 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -56,8 +56,8 @@ jobs: if: needs.changes.outputs.workflows == 'true' name: Run actionlint tool to verify lint issues in GitHub actions runs-on: ubuntu-latest -# needs: -# - changes + needs: + - changes steps: - uses: actions/checkout@master - uses: reviewdog/action-actionlint@v1 diff --git a/docs/design/noc-root-cert-design.md b/docs/design/noc-root-cert-design.md index 42bfb89e0..70362aba4 100644 --- a/docs/design/noc-root-cert-design.md +++ b/docs/design/noc-root-cert-design.md @@ -13,7 +13,7 @@ A Vendor with DCL write privilege can submit a transaction to remove a NOC root ## Certificate Schema -To distinguesh NOC root certificates from others, an `isNOC` boolean field will be added to the [certificates](https://github.com/zigbee-alliance/distributed-compliance-ledger/blob/master/proto/pki/certificate.proto) schema +To distinguesh NOC root certificates from others, an `isNOC` boolean field will be added to the [certificates](https://github.com/zigbee-alliance/distributed-compliance-ledger/blob/master/proto/zigbeealliance/distributedcomplianceledger/pki/certificate.proto) schema ## Transactions diff --git a/docs/transactions.md b/docs/transactions.md index d808f8387..81babf270 100644 --- a/docs/transactions.md +++ b/docs/transactions.md @@ -1466,6 +1466,25 @@ Revoked certificates can be retrieved by using the [GET_REVOKED_CERT](#get_revok - CLI command: - `dcld tx pki revoke-noc-x509-ica-cert --subject= --subject-key-id= --serial-number= --info= --time= --revoke-child= --from=` +#### REMOVE_NOC_ICA + +**Status: Implemented** + +This transaction completely removes the given NOC ICA owned by the Vendor from the ledger. +Removed NOC ICA certificates can be re-added using the [ADD_NOC_ICA](#add_noc_ica) transaction. + +- Who can send: Vendor account + - Vid field associated with the corresponding NOC certificate on the ledger must be equal to the Vendor account's VID. +- Validation: + - a NOC ICA Certificate with the provided `subject` and `subject_key_id` must exist in the ledger. +- Parameters: + - subject: `string` - base64 encoded subject DER sequence bytes of the certificate. + - subject_key_id: `string` - certificate's `Subject Key Id` in hex string format, e.g., `5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB`. + - serial_number: `optional(string)` - certificate's serial number. If not provided, the transaction will remove all certificates that match the given `subject` and `subject_key_id` combination. +- CLI command: + - `dcld tx pki remove-noc-x509-ica-cert --subject= --subject-key-id= --from=` + + #### GET_NOC_ROOT_BY_VID **Status: Implemented** diff --git a/integration_tests/cli/pki-remove-noc-certificates.sh b/integration_tests/cli/pki-remove-noc-certificates.sh new file mode 100755 index 000000000..52abeecf9 --- /dev/null +++ b/integration_tests/cli/pki-remove-noc-certificates.sh @@ -0,0 +1,209 @@ +set -euo pipefail +source integration_tests/cli/common.sh + +root_cert_1_path="integration_tests/constants/noc_root_cert_1" +root_cert_subject="MHoxCzAJBgNVBAYTAlVaMRMwEQYDVQQIDApTb21lIFN0YXRlMREwDwYDVQQHDAhUYXNoa2VudDEYMBYGA1UECgwPRXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMQ4wDAYDVQQDDAVOT0MtMQ==" +root_cert_subject_key_id="44:EB:4C:62:6B:25:48:CD:A2:B3:1C:87:41:5A:08:E7:2B:B9:83:26" +root_cert_1_serial_number="47211865327720222621302679792296833381734533449" +root_cert_vid=65521 +intermediate_cert_1_path="integration_tests/constants/noc_cert_1" +intermediate_cert_2_path="integration_tests/constants/noc_cert_1_copy" +intermediate_cert_subject="MIGCMQswCQYDVQQGEwJVWjETMBEGA1UECAwKU29tZSBTdGF0ZTETMBEGA1UEBwwKU29tZSBTdGF0ZTEYMBYGA1UECgwPRXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRQwEgYDVQQDDAtOT0MtY2hpbGQtMQ==" +intermediate_cert_subject_key_id="02:72:6E:BC:BB:EF:D6:BD:8D:9B:42:AE:D4:3C:C0:55:5F:66:3A:B3" +intermediate_cert_1_serial_number="631388393741945881054190991612463928825155142122" +intermediate_cert_2_serial_number="169445068204646961882009388640343665944683778293" +leaf_cert_path="integration_tests/constants/noc_leaf_cert_1" +leaf_cert_subject="MIGBMQswCQYDVQQGEwJVWjETMBEGA1UECAwKU29tZSBTdGF0ZTETMBEGA1UEBwwKU29tZSBTdGF0ZTEYMBYGA1UECgwPRXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRMwEQYDVQQDDApOT0MtbGVhZi0x" +leaf_cert_subject_key_id="77:1F:DB:C4:4C:B1:29:7E:3C:EB:3E:D8:2A:38:0B:63:06:07:00:01" +leaf_cert_serial_number="281347277961838999749763518155363401757954575313" + +trustee_account="jack" + +test_divider + +echo "REMOVE NOC ICA CERTIFICATES" + +vendor_account_65521=vendor_account_$root_cert_vid +echo "Create Vendor account - $vendor_account_65521" +create_new_vendor_account $vendor_account_65521 $root_cert_vid + +vendor_account_65522=vendor_account_65522 +echo "Create Vendor account - $vendor_account_65522" +create_new_vendor_account $vendor_account_65522 65522 + +echo "Add first NOC root certificate" +result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$root_cert_1_path" --from $vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Add first an ICA certificate" +result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$intermediate_cert_1_path" --from $vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Add second an ICA certificate" +result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$intermediate_cert_2_path" --from $vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Add a leaf ICA certificate" +result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$leaf_cert_path" --from $vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Request all approved certificates." +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subject\": \"$root_cert_subject\"" +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" + +echo "Revoke an ICA certificate with serialNumber $intermediate_cert_1_serial_number" +result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Request all revoked certificates should contain only one intermediate ICA certificate with serialNumber $intermediate_cert_1_serial_number" +result=$(dcld query pki all-revoked-x509-certs) +echo $result | jq +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" + +echo "Remove intermediate ICA certificate with invalid serialNumber" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="invalid" --from=$vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 404" + +echo "Try to remove the intermediate ICA certificate when sender is not Vendor account" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$trustee_account --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 4" + +echo "Try to remove the intermediate ICA certificate using a vendor account with other VID" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$vendor_account_65522 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 4" + +echo "Remove revoked intermediate ICA certificate with serialNumber $intermediate_cert_1_serial_number" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Request all certificates should not contain intermediate ICA certificate with serialNumber $intermediate_cert_1_serial_number" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subject\": \"$root_cert_subject\"" +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request ICA certificates by VID should contain one ICA and leaf certificates" +result=$(dcld query pki noc-x509-ica-certs --vid="$root_cert_vid") +echo $result | jq +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request approved certificates by an intermediate certificate's subject and subjectKeyId should contain only one certificate with serialNumber $intermediate_cert_2_serial_number" +result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id") +echo $result | jq +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Remove an intermediate certificate with subject and subjectKeyId" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --from=$vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Request approved certificates by an intermediate certificate's subject and subjectKeyId should be empty" +result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id") +echo $result | jq +check_response "$result" "Not Found" +response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request ICA certificates by VID should contain only one leaf certificate" +result=$(dcld query pki noc-x509-ica-certs --vid="$root_cert_vid") +echo $result | jq +check_response "$result" "\"subject\": \"$leaf_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request all revoked certificates should be empty" +result=$(dcld query pki all-revoked-x509-certs) +echo $result | jq +check_response "$result" "\[\]" +response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" + +echo "Request all certificates should contain only root and leaf certificates" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Remove leaf certificate" +result=$(echo "$passphrase" | dcld tx pki remove-noc-x509-ica-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id" --from=$vendor_account_65521 --yes) +result=$(get_txn_result "$result") +check_response "$result" "\"code\": 0" + +echo "Request approved leaf certificates should be empty" +result=$(dcld query pki x509-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id") +echo $result | jq +check_response "$result" "Not Found" +response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number" + +echo "Request ICA certificates by VID should be empty" +result=$(dcld query pki noc-x509-ica-certs --vid="$root_cert_vid") +echo $result | jq +response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\"" +response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number" + +echo "Request all certificates should contain only root certificate" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number" + +test_divider diff --git a/integration_tests/grpc_rest/pki/noc_cert_helpers.go b/integration_tests/grpc_rest/pki/noc_cert_helpers.go index 37ae26615..d34ef345f 100644 --- a/integration_tests/grpc_rest/pki/noc_cert_helpers.go +++ b/integration_tests/grpc_rest/pki/noc_cert_helpers.go @@ -8,6 +8,7 @@ import ( tmrand "github.com/cometbft/cometbft/libs/rand" sdk "github.com/cosmos/cosmos-sdk/types" "github.com/stretchr/testify/require" + testconstants "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/constants" test_dclauth "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/grpc_rest/dclauth" "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/utils" @@ -161,6 +162,20 @@ func GetNocX509IcaCerts(suite *utils.TestSuite, vendorID int32) (*pkitypes.NocIc return &res, nil } +func GetNocX509IcaCertsBySubjectAndSKID(suite *utils.TestSuite, vendorID int32, subject, subjectKeyID string) []*pkitypes.Certificate { + certs, _ := GetNocX509IcaCerts(suite, vendorID) + for i := 0; i < len(certs.Certs); { + cert := certs.Certs[i] + if cert.Subject != subject || cert.SubjectKeyId != subjectKeyID { + certs.Certs = append(certs.Certs[:i], certs.Certs[i+1:]...) + } else { + i++ + } + } + + return certs.Certs +} + //nolint:funlen func NocCertDemo(suite *utils.TestSuite) { // Generate VIDs @@ -448,7 +463,208 @@ func NocCertDemo(suite *utils.TestSuite) { Subject: testconstants.NocRootCert1Subject, SubjectKeyId: testconstants.NocRootCert1SubjectKeyID, } - _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeNocRootCert}, vendor1Name, vendor1Account) + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeNocRootCert}, vendor2Name, vendor2Account) + require.Error(suite.T, err) + + // Add ICA certificate + msgAddNocCert = pkitypes.MsgAddNocX509IcaCert{ + Signer: vendor1Account.Address, + Cert: testconstants.NocCert1Copy, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddNocCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Revoke intermediate certificate with invalid serialNumber + msgRevokeCert := pkitypes.MsgRevokeNocX509IcaCert{ + Subject: testconstants.NocCert1Subject, + SubjectKeyId: testconstants.NocCert1SubjectKeyID, + SerialNumber: "invalid", + Signer: vendor1Account.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeCert}, vendor1Name, vendor1Account) + require.Error(suite.T, err) + + // Revoke intermediate certificate with serialNumber 1 only(child certs should not be removed) + msgRevokeCert.SerialNumber = testconstants.NocCert1SerialNumber + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Request revoked certificate + revokedCerts, _ := GetRevokedX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(revokedCerts.Certs)) + require.Equal(suite.T, testconstants.NocCert1Subject, revokedCerts.Subject) + require.Equal(suite.T, testconstants.NocCert1SubjectKeyID, revokedCerts.SubjectKeyId) + require.Equal(suite.T, testconstants.NocCert1SerialNumber, revokedCerts.Certs[0].SerialNumber) + + // Check approved certificates + certs, _ = GetX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.NocCert1CopySerialNumber, certs.Certs[0].SerialNumber) + certs, _ = GetX509Cert(suite, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.NocLeafCert1SerialNumber, certs.Certs[0].SerialNumber) + + icaCerts, _ := GetNocX509IcaCerts(suite, vid1) + require.Equal(suite.T, 3, len(icaCerts.Certs)) + + // Revoke Root certificate with serialNumber(child certs should not be removed) + msgRevokeRootCert := pkitypes.MsgRevokeNocX509RootCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocRootCert1Subject, + SubjectKeyId: testconstants.NocRootCert1SubjectKeyID, + SerialNumber: testconstants.NocRootCert1SerialNumber, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeRootCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Request revoked root certificate + revokedCerts, _ = GetRevokedX509Cert(suite, testconstants.NocRootCert1Subject, testconstants.NocRootCert1SubjectKeyID) + require.Equal(suite.T, 1, len(revokedCerts.Certs)) + require.Equal(suite.T, testconstants.NocRootCert1Subject, revokedCerts.Subject) + require.Equal(suite.T, testconstants.NocRootCert1SubjectKeyID, revokedCerts.SubjectKeyId) + require.Equal(suite.T, testconstants.NocRootCert1SerialNumber, revokedCerts.Certs[0].SerialNumber) + + // Check approved certificate + certs, _ = GetX509Cert(suite, testconstants.NocRootCert1Subject, testconstants.NocRootCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.NocRootCert1CopySerialNumber, certs.Certs[0].SerialNumber) + certs, _ = GetX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.NocCert1CopySerialNumber, certs.Certs[0].SerialNumber) + + nocRootCerts, _ := GetNocX509RootCertsByVidAndSkid(suite, vid1, testconstants.NocRootCert1SubjectKeyID) + require.Equal(suite.T, 1, len(nocRootCerts.Certs)) + require.Equal(suite.T, testconstants.NocRootCert1CopySerialNumber, nocRootCerts.Certs[0].SerialNumber) + + // Remove ICA certificate with invalid serialNumber + msgRemoveCert := pkitypes.MsgRemoveNocX509IcaCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocCert1Subject, + SubjectKeyId: testconstants.NocCert1SubjectKeyID, + SerialNumber: "invalid", + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveCert}, vendor1Name, vendor1Account) + require.Error(suite.T, err) + + // Try to Remove ICA certificate by subject and subject key id when sender is not Vendor account + msgRemoveCert = pkitypes.MsgRemoveNocX509IcaCert{ + Signer: aliceAccount.Address, + Subject: testconstants.NocCert1Subject, + SubjectKeyId: testconstants.NocCert1SubjectKeyID, + SerialNumber: testconstants.NocCert1CopySerialNumber, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveCert}, aliceName, aliceAccount) require.Error(suite.T, err) - // TODO: Fill with the positive cases after enabling removing of NOC certs + + // Remove revoked ICA certificate by subject and subject key id + msgRemoveCert = pkitypes.MsgRemoveNocX509IcaCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocCert1Subject, + SubjectKeyId: testconstants.NocCert1SubjectKeyID, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Check that two intermediate ICA certificates are removed + _, err = GetRevokedX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + suite.AssertNotFound(err) + _, err = GetX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + suite.AssertNotFound(err) + + certificates := GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Empty(suite.T, certificates) + + // Remove leaf ICA certificate by subject and subject key id + msgRemoveCert = pkitypes.MsgRemoveNocX509IcaCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocLeafCert1Subject, + SubjectKeyId: testconstants.NocLeafCert1SubjectKeyID, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Check that leaf ICA certificate is removed + _, err = GetX509Cert(suite, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + suite.AssertNotFound(err) + + certificates = GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Empty(suite.T, certificates) + + // Remove ICA certificates by subject, subject key id and serial number + // Add ICA certificates + msgAddNocCert = pkitypes.MsgAddNocX509IcaCert{ + Signer: vendor1Account.Address, + Cert: testconstants.NocCert1, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddNocCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + msgAddNocCert = pkitypes.MsgAddNocX509IcaCert{ + Signer: vendor1Account.Address, + Cert: testconstants.NocCert1Copy, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddNocCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + msgAddNocCert = pkitypes.MsgAddNocX509IcaCert{ + Signer: vendor1Account.Address, + Cert: testconstants.NocLeafCert1, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddNocCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Remove ICA certificate by serial number + msgRemoveCert = pkitypes.MsgRemoveNocX509IcaCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocCert1Subject, + SubjectKeyId: testconstants.NocCert1SubjectKeyID, + SerialNumber: testconstants.NocCert1SerialNumber, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Check that leaf and ICA with different serial number is not removed + certs, _ = GetX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.NocCert1CopySerialNumber, certs.Certs[0].SerialNumber) + certs, _ = GetX509Cert(suite, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + + certificates = GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certificates)) + require.Equal(suite.T, testconstants.NocCert1CopySerialNumber, certificates[0].SerialNumber) + certificates = GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(suite.T, 1, len(certificates)) + + // Revoke root cert and its child + msgRevokeRootCert = pkitypes.MsgRevokeNocX509RootCert{ + Signer: vendor1Account.Address, + Subject: testconstants.NocRootCert1Subject, + SubjectKeyId: testconstants.NocRootCert1SubjectKeyID, + RevokeChild: true, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRevokeRootCert}, vendor1Name, vendor1Account) + require.NoError(suite.T, err) + + // Check that all 3 certificates are revoked + revokedCerts, _ = GetRevokedX509Cert(suite, testconstants.NocRootCert1Subject, testconstants.NocRootCert1SubjectKeyID) + require.Equal(suite.T, 2, len(revokedCerts.Certs)) + revokedCerts, _ = GetRevokedX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(suite.T, 1, len(revokedCerts.Certs)) + revokedCerts, _ = GetRevokedX509Cert(suite, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(suite.T, 1, len(revokedCerts.Certs)) + + _, err = GetX509Cert(suite, testconstants.NocRootCert1Subject, testconstants.NocRootCert1SubjectKeyID) + suite.AssertNotFound(err) + _, err = GetX509Cert(suite, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + suite.AssertNotFound(err) + _, err = GetX509Cert(suite, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + suite.AssertNotFound(err) + + _, err = GetNocX509RootCertsByVidAndSkid(suite, vid1, testconstants.NocRootCert1SubjectKeyID) + suite.AssertNotFound(err) + certificates = GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Empty(suite.T, certificates) + certificates = GetNocX509IcaCertsBySubjectAndSKID(suite, vid1, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Empty(suite.T, certificates) } diff --git a/proto/zigbeealliance/distributedcomplianceledger/pki/tx.proto b/proto/zigbeealliance/distributedcomplianceledger/pki/tx.proto index 50a8a9015..dae386304 100644 --- a/proto/zigbeealliance/distributedcomplianceledger/pki/tx.proto +++ b/proto/zigbeealliance/distributedcomplianceledger/pki/tx.proto @@ -26,7 +26,8 @@ service Msg { rpc AddNocX509IcaCert(MsgAddNocX509IcaCert) returns (MsgAddNocX509IcaCertResponse); rpc RevokeNocX509RootCert(MsgRevokeNocX509RootCert) returns (MsgRevokeNocX509RootCertResponse); rpc RevokeNocX509IcaCert(MsgRevokeNocX509IcaCert) returns (MsgRevokeNocX509IcaCertResponse); -// this line is used by starport scaffolding # proto/tx/rpc + rpc RemoveNocX509IcaCert (MsgRemoveNocX509IcaCert) returns (MsgRemoveNocX509IcaCertResponse); + // this line is used by starport scaffolding # proto/tx/rpc } message MsgProposeAddX509RootCert { @@ -232,4 +233,11 @@ message MsgRevokeNocX509IcaCert { message MsgRevokeNocX509IcaCertResponse { } -// this line is used by starport scaffolding # proto/tx/message \ No newline at end of file +message MsgRemoveNocX509IcaCert { + string signer = 1 [(cosmos_proto.scalar) = "cosmos.AddressString", (gogoproto.moretags) = "validate:\"required\""]; + string subject = 2 [(gogoproto.moretags) = "validate:\"required,max=1024\""]; + string subjectKeyId = 3 [(gogoproto.moretags) = "validate:\"required,max=256\""]; + string serialNumber = 4; +} + +message MsgRemoveNocX509IcaCertResponse {} diff --git a/scripts/ignite/07.pki_types.sh b/scripts/ignite/07.pki_types.sh new file mode 100755 index 000000000..029469fce --- /dev/null +++ b/scripts/ignite/07.pki_types.sh @@ -0,0 +1,4 @@ +# PKI types + +# messages +ignite scaffold --module pki message RemoveNocX509IcaCert subject subjectKeyId serialNumber --signer signer diff --git a/ts-client/zigbeealliance.distributedcomplianceledger.pki/module.ts b/ts-client/zigbeealliance.distributedcomplianceledger.pki/module.ts index f0d0e5fbd..2d6d712d2 100755 --- a/ts-client/zigbeealliance.distributedcomplianceledger.pki/module.ts +++ b/ts-client/zigbeealliance.distributedcomplianceledger.pki/module.ts @@ -7,22 +7,23 @@ import { msgTypes } from './registry'; import { IgniteClient } from "../client" import { MissingWalletError } from "../helpers" import { Api } from "./rest"; -import { MsgApproveRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRemoveX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRejectAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgAddX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgAddNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgDeletePkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgApproveRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRemoveNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgApproveAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgProposeRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgAddX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgUpdatePkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAssignVid } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRemoveX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgProposeRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRejectAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAddNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgProposeAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAddPkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgAddNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { ApprovedCertificates as typeApprovedCertificates} from "./types" import { ApprovedCertificatesBySubject as typeApprovedCertificatesBySubject} from "./types" @@ -45,7 +46,13 @@ import { RevokedNocRootCertificates as typeRevokedNocRootCertificates} from "./t import { RevokedRootCertificates as typeRevokedRootCertificates} from "./types" import { UniqueCertificate as typeUniqueCertificate} from "./types" -export { MsgApproveRevokeX509RootCert, MsgRemoveX509Cert, MsgRejectAddX509RootCert, MsgAddX509Cert, MsgAddNocX509IcaCert, MsgDeletePkiRevocationDistributionPoint, MsgRevokeX509Cert, MsgRevokeNocX509RootCert, MsgApproveAddX509RootCert, MsgRevokeNocX509IcaCert, MsgProposeRevokeX509RootCert, MsgUpdatePkiRevocationDistributionPoint, MsgAssignVid, MsgAddNocX509RootCert, MsgProposeAddX509RootCert, MsgAddPkiRevocationDistributionPoint }; +export { MsgDeletePkiRevocationDistributionPoint, MsgApproveRevokeX509RootCert, MsgRemoveNocX509IcaCert, MsgApproveAddX509RootCert, MsgAddX509Cert, MsgUpdatePkiRevocationDistributionPoint, MsgAssignVid, MsgRemoveX509Cert, MsgRevokeX509Cert, MsgProposeRevokeX509RootCert, MsgRejectAddX509RootCert, MsgAddNocX509RootCert, MsgProposeAddX509RootCert, MsgRevokeNocX509RootCert, MsgAddPkiRevocationDistributionPoint, MsgRevokeNocX509IcaCert, MsgAddNocX509IcaCert }; + +type sendMsgDeletePkiRevocationDistributionPointParams = { + value: MsgDeletePkiRevocationDistributionPoint, + fee?: StdFee, + memo?: string +}; type sendMsgApproveRevokeX509RootCertParams = { value: MsgApproveRevokeX509RootCert, @@ -53,14 +60,14 @@ type sendMsgApproveRevokeX509RootCertParams = { memo?: string }; -type sendMsgRemoveX509CertParams = { - value: MsgRemoveX509Cert, +type sendMsgRemoveNocX509IcaCertParams = { + value: MsgRemoveNocX509IcaCert, fee?: StdFee, memo?: string }; -type sendMsgRejectAddX509RootCertParams = { - value: MsgRejectAddX509RootCert, +type sendMsgApproveAddX509RootCertParams = { + value: MsgApproveAddX509RootCert, fee?: StdFee, memo?: string }; @@ -71,129 +78,121 @@ type sendMsgAddX509CertParams = { memo?: string }; -type sendMsgAddNocX509IcaCertParams = { - value: MsgAddNocX509IcaCert, +type sendMsgUpdatePkiRevocationDistributionPointParams = { + value: MsgUpdatePkiRevocationDistributionPoint, fee?: StdFee, memo?: string }; -type sendMsgDeletePkiRevocationDistributionPointParams = { - value: MsgDeletePkiRevocationDistributionPoint, +type sendMsgAssignVidParams = { + value: MsgAssignVid, fee?: StdFee, memo?: string }; -type sendMsgRevokeX509CertParams = { - value: MsgRevokeX509Cert, +type sendMsgRemoveX509CertParams = { + value: MsgRemoveX509Cert, fee?: StdFee, memo?: string }; -type sendMsgRevokeNocX509RootCertParams = { - value: MsgRevokeNocX509RootCert, +type sendMsgRevokeX509CertParams = { + value: MsgRevokeX509Cert, fee?: StdFee, memo?: string }; -type sendMsgApproveAddX509RootCertParams = { - value: MsgApproveAddX509RootCert, +type sendMsgProposeRevokeX509RootCertParams = { + value: MsgProposeRevokeX509RootCert, fee?: StdFee, memo?: string }; -type sendMsgRevokeNocX509IcaCertParams = { - value: MsgRevokeNocX509IcaCert, +type sendMsgRejectAddX509RootCertParams = { + value: MsgRejectAddX509RootCert, fee?: StdFee, memo?: string }; -type sendMsgProposeRevokeX509RootCertParams = { - value: MsgProposeRevokeX509RootCert, +type sendMsgAddNocX509RootCertParams = { + value: MsgAddNocX509RootCert, fee?: StdFee, memo?: string }; -type sendMsgUpdatePkiRevocationDistributionPointParams = { - value: MsgUpdatePkiRevocationDistributionPoint, +type sendMsgProposeAddX509RootCertParams = { + value: MsgProposeAddX509RootCert, fee?: StdFee, memo?: string }; -type sendMsgAssignVidParams = { - value: MsgAssignVid, +type sendMsgRevokeNocX509RootCertParams = { + value: MsgRevokeNocX509RootCert, fee?: StdFee, memo?: string }; -type sendMsgAddNocX509RootCertParams = { - value: MsgAddNocX509RootCert, +type sendMsgAddPkiRevocationDistributionPointParams = { + value: MsgAddPkiRevocationDistributionPoint, fee?: StdFee, memo?: string }; -type sendMsgProposeAddX509RootCertParams = { - value: MsgProposeAddX509RootCert, +type sendMsgRevokeNocX509IcaCertParams = { + value: MsgRevokeNocX509IcaCert, fee?: StdFee, memo?: string }; -type sendMsgAddPkiRevocationDistributionPointParams = { - value: MsgAddPkiRevocationDistributionPoint, +type sendMsgAddNocX509IcaCertParams = { + value: MsgAddNocX509IcaCert, fee?: StdFee, memo?: string }; +type msgDeletePkiRevocationDistributionPointParams = { + value: MsgDeletePkiRevocationDistributionPoint, +}; + type msgApproveRevokeX509RootCertParams = { value: MsgApproveRevokeX509RootCert, }; -type msgRemoveX509CertParams = { - value: MsgRemoveX509Cert, +type msgRemoveNocX509IcaCertParams = { + value: MsgRemoveNocX509IcaCert, }; -type msgRejectAddX509RootCertParams = { - value: MsgRejectAddX509RootCert, +type msgApproveAddX509RootCertParams = { + value: MsgApproveAddX509RootCert, }; type msgAddX509CertParams = { value: MsgAddX509Cert, }; -type msgAddNocX509IcaCertParams = { - value: MsgAddNocX509IcaCert, -}; - -type msgDeletePkiRevocationDistributionPointParams = { - value: MsgDeletePkiRevocationDistributionPoint, -}; - -type msgRevokeX509CertParams = { - value: MsgRevokeX509Cert, +type msgUpdatePkiRevocationDistributionPointParams = { + value: MsgUpdatePkiRevocationDistributionPoint, }; -type msgRevokeNocX509RootCertParams = { - value: MsgRevokeNocX509RootCert, +type msgAssignVidParams = { + value: MsgAssignVid, }; -type msgApproveAddX509RootCertParams = { - value: MsgApproveAddX509RootCert, +type msgRemoveX509CertParams = { + value: MsgRemoveX509Cert, }; -type msgRevokeNocX509IcaCertParams = { - value: MsgRevokeNocX509IcaCert, +type msgRevokeX509CertParams = { + value: MsgRevokeX509Cert, }; type msgProposeRevokeX509RootCertParams = { value: MsgProposeRevokeX509RootCert, }; -type msgUpdatePkiRevocationDistributionPointParams = { - value: MsgUpdatePkiRevocationDistributionPoint, -}; - -type msgAssignVidParams = { - value: MsgAssignVid, +type msgRejectAddX509RootCertParams = { + value: MsgRejectAddX509RootCert, }; type msgAddNocX509RootCertParams = { @@ -204,10 +203,22 @@ type msgProposeAddX509RootCertParams = { value: MsgProposeAddX509RootCert, }; +type msgRevokeNocX509RootCertParams = { + value: MsgRevokeNocX509RootCert, +}; + type msgAddPkiRevocationDistributionPointParams = { value: MsgAddPkiRevocationDistributionPoint, }; +type msgRevokeNocX509IcaCertParams = { + value: MsgRevokeNocX509IcaCert, +}; + +type msgAddNocX509IcaCertParams = { + value: MsgAddNocX509IcaCert, +}; + export const registry = new Registry(msgTypes); @@ -238,6 +249,20 @@ export const txClient = ({ signer, prefix, addr }: TxClientOptions = { addr: "ht return { + async sendMsgDeletePkiRevocationDistributionPoint({ value, fee, memo }: sendMsgDeletePkiRevocationDistributionPointParams): Promise { + if (!signer) { + throw new Error('TxClient:sendMsgDeletePkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') + } + try { + const { address } = (await signer.getAccounts())[0]; + const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); + let msg = this.msgDeletePkiRevocationDistributionPoint({ value: MsgDeletePkiRevocationDistributionPoint.fromPartial(value) }) + return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) + } catch (e: any) { + throw new Error('TxClient:sendMsgDeletePkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) + } + }, + async sendMsgApproveRevokeX509RootCert({ value, fee, memo }: sendMsgApproveRevokeX509RootCertParams): Promise { if (!signer) { throw new Error('TxClient:sendMsgApproveRevokeX509RootCert: Unable to sign Tx. Signer is not present.') @@ -252,31 +277,31 @@ export const txClient = ({ signer, prefix, addr }: TxClientOptions = { addr: "ht } }, - async sendMsgRemoveX509Cert({ value, fee, memo }: sendMsgRemoveX509CertParams): Promise { + async sendMsgRemoveNocX509IcaCert({ value, fee, memo }: sendMsgRemoveNocX509IcaCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgRemoveX509Cert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRemoveNocX509IcaCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgRemoveX509Cert({ value: MsgRemoveX509Cert.fromPartial(value) }) + let msg = this.msgRemoveNocX509IcaCert({ value: MsgRemoveNocX509IcaCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgRemoveX509Cert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRemoveNocX509IcaCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgRejectAddX509RootCert({ value, fee, memo }: sendMsgRejectAddX509RootCertParams): Promise { + async sendMsgApproveAddX509RootCert({ value, fee, memo }: sendMsgApproveAddX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgRejectAddX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgApproveAddX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgRejectAddX509RootCert({ value: MsgRejectAddX509RootCert.fromPartial(value) }) + let msg = this.msgApproveAddX509RootCert({ value: MsgApproveAddX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgRejectAddX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgApproveAddX509RootCert: Could not broadcast Tx: '+ e.message) } }, @@ -294,175 +319,183 @@ export const txClient = ({ signer, prefix, addr }: TxClientOptions = { addr: "ht } }, - async sendMsgAddNocX509IcaCert({ value, fee, memo }: sendMsgAddNocX509IcaCertParams): Promise { + async sendMsgUpdatePkiRevocationDistributionPoint({ value, fee, memo }: sendMsgUpdatePkiRevocationDistributionPointParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgAddNocX509IcaCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgUpdatePkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgAddNocX509IcaCert({ value: MsgAddNocX509IcaCert.fromPartial(value) }) + let msg = this.msgUpdatePkiRevocationDistributionPoint({ value: MsgUpdatePkiRevocationDistributionPoint.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgAddNocX509IcaCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgUpdatePkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) } }, - async sendMsgDeletePkiRevocationDistributionPoint({ value, fee, memo }: sendMsgDeletePkiRevocationDistributionPointParams): Promise { + async sendMsgAssignVid({ value, fee, memo }: sendMsgAssignVidParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgDeletePkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgAssignVid: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgDeletePkiRevocationDistributionPoint({ value: MsgDeletePkiRevocationDistributionPoint.fromPartial(value) }) + let msg = this.msgAssignVid({ value: MsgAssignVid.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgDeletePkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgAssignVid: Could not broadcast Tx: '+ e.message) } }, - async sendMsgRevokeX509Cert({ value, fee, memo }: sendMsgRevokeX509CertParams): Promise { + async sendMsgRemoveX509Cert({ value, fee, memo }: sendMsgRemoveX509CertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgRevokeX509Cert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRemoveX509Cert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgRevokeX509Cert({ value: MsgRevokeX509Cert.fromPartial(value) }) + let msg = this.msgRemoveX509Cert({ value: MsgRemoveX509Cert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgRevokeX509Cert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRemoveX509Cert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgRevokeNocX509RootCert({ value, fee, memo }: sendMsgRevokeNocX509RootCertParams): Promise { + async sendMsgRevokeX509Cert({ value, fee, memo }: sendMsgRevokeX509CertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgRevokeNocX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRevokeX509Cert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgRevokeNocX509RootCert({ value: MsgRevokeNocX509RootCert.fromPartial(value) }) + let msg = this.msgRevokeX509Cert({ value: MsgRevokeX509Cert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgRevokeNocX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRevokeX509Cert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgApproveAddX509RootCert({ value, fee, memo }: sendMsgApproveAddX509RootCertParams): Promise { + async sendMsgProposeRevokeX509RootCert({ value, fee, memo }: sendMsgProposeRevokeX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgApproveAddX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgProposeRevokeX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgApproveAddX509RootCert({ value: MsgApproveAddX509RootCert.fromPartial(value) }) + let msg = this.msgProposeRevokeX509RootCert({ value: MsgProposeRevokeX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgApproveAddX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgProposeRevokeX509RootCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgRevokeNocX509IcaCert({ value, fee, memo }: sendMsgRevokeNocX509IcaCertParams): Promise { + async sendMsgRejectAddX509RootCert({ value, fee, memo }: sendMsgRejectAddX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgRevokeNocX509IcaCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRejectAddX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgRevokeNocX509IcaCert({ value: MsgRevokeNocX509IcaCert.fromPartial(value) }) + let msg = this.msgRejectAddX509RootCert({ value: MsgRejectAddX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgRevokeNocX509IcaCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRejectAddX509RootCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgProposeRevokeX509RootCert({ value, fee, memo }: sendMsgProposeRevokeX509RootCertParams): Promise { + async sendMsgAddNocX509RootCert({ value, fee, memo }: sendMsgAddNocX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgProposeRevokeX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgAddNocX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgProposeRevokeX509RootCert({ value: MsgProposeRevokeX509RootCert.fromPartial(value) }) + let msg = this.msgAddNocX509RootCert({ value: MsgAddNocX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgProposeRevokeX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgAddNocX509RootCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgUpdatePkiRevocationDistributionPoint({ value, fee, memo }: sendMsgUpdatePkiRevocationDistributionPointParams): Promise { + async sendMsgProposeAddX509RootCert({ value, fee, memo }: sendMsgProposeAddX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgUpdatePkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgProposeAddX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgUpdatePkiRevocationDistributionPoint({ value: MsgUpdatePkiRevocationDistributionPoint.fromPartial(value) }) + let msg = this.msgProposeAddX509RootCert({ value: MsgProposeAddX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgUpdatePkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgProposeAddX509RootCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgAssignVid({ value, fee, memo }: sendMsgAssignVidParams): Promise { + async sendMsgRevokeNocX509RootCert({ value, fee, memo }: sendMsgRevokeNocX509RootCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgAssignVid: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRevokeNocX509RootCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgAssignVid({ value: MsgAssignVid.fromPartial(value) }) + let msg = this.msgRevokeNocX509RootCert({ value: MsgRevokeNocX509RootCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgAssignVid: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRevokeNocX509RootCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgAddNocX509RootCert({ value, fee, memo }: sendMsgAddNocX509RootCertParams): Promise { + async sendMsgAddPkiRevocationDistributionPoint({ value, fee, memo }: sendMsgAddPkiRevocationDistributionPointParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgAddNocX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgAddPkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgAddNocX509RootCert({ value: MsgAddNocX509RootCert.fromPartial(value) }) + let msg = this.msgAddPkiRevocationDistributionPoint({ value: MsgAddPkiRevocationDistributionPoint.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgAddNocX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgAddPkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) } }, - async sendMsgProposeAddX509RootCert({ value, fee, memo }: sendMsgProposeAddX509RootCertParams): Promise { + async sendMsgRevokeNocX509IcaCert({ value, fee, memo }: sendMsgRevokeNocX509IcaCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgProposeAddX509RootCert: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgRevokeNocX509IcaCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgProposeAddX509RootCert({ value: MsgProposeAddX509RootCert.fromPartial(value) }) + let msg = this.msgRevokeNocX509IcaCert({ value: MsgRevokeNocX509IcaCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgProposeAddX509RootCert: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgRevokeNocX509IcaCert: Could not broadcast Tx: '+ e.message) } }, - async sendMsgAddPkiRevocationDistributionPoint({ value, fee, memo }: sendMsgAddPkiRevocationDistributionPointParams): Promise { + async sendMsgAddNocX509IcaCert({ value, fee, memo }: sendMsgAddNocX509IcaCertParams): Promise { if (!signer) { - throw new Error('TxClient:sendMsgAddPkiRevocationDistributionPoint: Unable to sign Tx. Signer is not present.') + throw new Error('TxClient:sendMsgAddNocX509IcaCert: Unable to sign Tx. Signer is not present.') } try { const { address } = (await signer.getAccounts())[0]; const signingClient = await SigningStargateClient.connectWithSigner(addr,signer,{registry, prefix}); - let msg = this.msgAddPkiRevocationDistributionPoint({ value: MsgAddPkiRevocationDistributionPoint.fromPartial(value) }) + let msg = this.msgAddNocX509IcaCert({ value: MsgAddNocX509IcaCert.fromPartial(value) }) return await signingClient.signAndBroadcast(address, [msg], fee ? fee : defaultFee, memo) } catch (e: any) { - throw new Error('TxClient:sendMsgAddPkiRevocationDistributionPoint: Could not broadcast Tx: '+ e.message) + throw new Error('TxClient:sendMsgAddNocX509IcaCert: Could not broadcast Tx: '+ e.message) } }, + msgDeletePkiRevocationDistributionPoint({ value }: msgDeletePkiRevocationDistributionPointParams): EncodeObject { + try { + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgDeletePkiRevocationDistributionPoint", value: MsgDeletePkiRevocationDistributionPoint.fromPartial( value ) } + } catch (e: any) { + throw new Error('TxClient:MsgDeletePkiRevocationDistributionPoint: Could not create message: ' + e.message) + } + }, + msgApproveRevokeX509RootCert({ value }: msgApproveRevokeX509RootCertParams): EncodeObject { try { return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgApproveRevokeX509RootCert", value: MsgApproveRevokeX509RootCert.fromPartial( value ) } @@ -471,19 +504,19 @@ export const txClient = ({ signer, prefix, addr }: TxClientOptions = { addr: "ht } }, - msgRemoveX509Cert({ value }: msgRemoveX509CertParams): EncodeObject { + msgRemoveNocX509IcaCert({ value }: msgRemoveNocX509IcaCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", value: MsgRemoveX509Cert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveNocX509IcaCert", value: MsgRemoveNocX509IcaCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgRemoveX509Cert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRemoveNocX509IcaCert: Could not create message: ' + e.message) } }, - msgRejectAddX509RootCert({ value }: msgRejectAddX509RootCertParams): EncodeObject { + msgApproveAddX509RootCert({ value }: msgApproveAddX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRejectAddX509RootCert", value: MsgRejectAddX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgApproveAddX509RootCert", value: MsgApproveAddX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgRejectAddX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgApproveAddX509RootCert: Could not create message: ' + e.message) } }, @@ -495,99 +528,99 @@ export const txClient = ({ signer, prefix, addr }: TxClientOptions = { addr: "ht } }, - msgAddNocX509IcaCert({ value }: msgAddNocX509IcaCertParams): EncodeObject { + msgUpdatePkiRevocationDistributionPoint({ value }: msgUpdatePkiRevocationDistributionPointParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509IcaCert", value: MsgAddNocX509IcaCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgUpdatePkiRevocationDistributionPoint", value: MsgUpdatePkiRevocationDistributionPoint.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgAddNocX509IcaCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgUpdatePkiRevocationDistributionPoint: Could not create message: ' + e.message) } }, - msgDeletePkiRevocationDistributionPoint({ value }: msgDeletePkiRevocationDistributionPointParams): EncodeObject { + msgAssignVid({ value }: msgAssignVidParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgDeletePkiRevocationDistributionPoint", value: MsgDeletePkiRevocationDistributionPoint.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAssignVid", value: MsgAssignVid.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgDeletePkiRevocationDistributionPoint: Could not create message: ' + e.message) + throw new Error('TxClient:MsgAssignVid: Could not create message: ' + e.message) } }, - msgRevokeX509Cert({ value }: msgRevokeX509CertParams): EncodeObject { + msgRemoveX509Cert({ value }: msgRemoveX509CertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeX509Cert", value: MsgRevokeX509Cert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", value: MsgRemoveX509Cert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgRevokeX509Cert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRemoveX509Cert: Could not create message: ' + e.message) } }, - msgRevokeNocX509RootCert({ value }: msgRevokeNocX509RootCertParams): EncodeObject { + msgRevokeX509Cert({ value }: msgRevokeX509CertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509RootCert", value: MsgRevokeNocX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeX509Cert", value: MsgRevokeX509Cert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgRevokeNocX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRevokeX509Cert: Could not create message: ' + e.message) } }, - msgApproveAddX509RootCert({ value }: msgApproveAddX509RootCertParams): EncodeObject { + msgProposeRevokeX509RootCert({ value }: msgProposeRevokeX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgApproveAddX509RootCert", value: MsgApproveAddX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", value: MsgProposeRevokeX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgApproveAddX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgProposeRevokeX509RootCert: Could not create message: ' + e.message) } }, - msgRevokeNocX509IcaCert({ value }: msgRevokeNocX509IcaCertParams): EncodeObject { + msgRejectAddX509RootCert({ value }: msgRejectAddX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCert", value: MsgRevokeNocX509IcaCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRejectAddX509RootCert", value: MsgRejectAddX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgRevokeNocX509IcaCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRejectAddX509RootCert: Could not create message: ' + e.message) } }, - msgProposeRevokeX509RootCert({ value }: msgProposeRevokeX509RootCertParams): EncodeObject { + msgAddNocX509RootCert({ value }: msgAddNocX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", value: MsgProposeRevokeX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509RootCert", value: MsgAddNocX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgProposeRevokeX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgAddNocX509RootCert: Could not create message: ' + e.message) } }, - msgUpdatePkiRevocationDistributionPoint({ value }: msgUpdatePkiRevocationDistributionPointParams): EncodeObject { + msgProposeAddX509RootCert({ value }: msgProposeAddX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgUpdatePkiRevocationDistributionPoint", value: MsgUpdatePkiRevocationDistributionPoint.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCert", value: MsgProposeAddX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgUpdatePkiRevocationDistributionPoint: Could not create message: ' + e.message) + throw new Error('TxClient:MsgProposeAddX509RootCert: Could not create message: ' + e.message) } }, - msgAssignVid({ value }: msgAssignVidParams): EncodeObject { + msgRevokeNocX509RootCert({ value }: msgRevokeNocX509RootCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAssignVid", value: MsgAssignVid.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509RootCert", value: MsgRevokeNocX509RootCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgAssignVid: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRevokeNocX509RootCert: Could not create message: ' + e.message) } }, - msgAddNocX509RootCert({ value }: msgAddNocX509RootCertParams): EncodeObject { + msgAddPkiRevocationDistributionPoint({ value }: msgAddPkiRevocationDistributionPointParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509RootCert", value: MsgAddNocX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddPkiRevocationDistributionPoint", value: MsgAddPkiRevocationDistributionPoint.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgAddNocX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgAddPkiRevocationDistributionPoint: Could not create message: ' + e.message) } }, - msgProposeAddX509RootCert({ value }: msgProposeAddX509RootCertParams): EncodeObject { + msgRevokeNocX509IcaCert({ value }: msgRevokeNocX509IcaCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCert", value: MsgProposeAddX509RootCert.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCert", value: MsgRevokeNocX509IcaCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgProposeAddX509RootCert: Could not create message: ' + e.message) + throw new Error('TxClient:MsgRevokeNocX509IcaCert: Could not create message: ' + e.message) } }, - msgAddPkiRevocationDistributionPoint({ value }: msgAddPkiRevocationDistributionPointParams): EncodeObject { + msgAddNocX509IcaCert({ value }: msgAddNocX509IcaCertParams): EncodeObject { try { - return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddPkiRevocationDistributionPoint", value: MsgAddPkiRevocationDistributionPoint.fromPartial( value ) } + return { typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509IcaCert", value: MsgAddNocX509IcaCert.fromPartial( value ) } } catch (e: any) { - throw new Error('TxClient:MsgAddPkiRevocationDistributionPoint: Could not create message: ' + e.message) + throw new Error('TxClient:MsgAddNocX509IcaCert: Could not create message: ' + e.message) } }, diff --git a/ts-client/zigbeealliance.distributedcomplianceledger.pki/registry.ts b/ts-client/zigbeealliance.distributedcomplianceledger.pki/registry.ts index d5e359e44..3d0c4adc6 100755 --- a/ts-client/zigbeealliance.distributedcomplianceledger.pki/registry.ts +++ b/ts-client/zigbeealliance.distributedcomplianceledger.pki/registry.ts @@ -1,38 +1,40 @@ import { GeneratedType } from "@cosmjs/proto-signing"; -import { MsgApproveRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRemoveX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRejectAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgAddX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgAddNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgDeletePkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgApproveRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRemoveNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgApproveAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgRevokeNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; -import { MsgProposeRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgAddX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgUpdatePkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAssignVid } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRemoveX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeX509Cert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgProposeRevokeX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRejectAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAddNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgProposeAddX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeNocX509RootCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; import { MsgAddPkiRevocationDistributionPoint } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgRevokeNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; +import { MsgAddNocX509IcaCert } from "./types/zigbeealliance/distributedcomplianceledger/pki/tx"; const msgTypes: Array<[string, GeneratedType]> = [ - ["/zigbeealliance.distributedcomplianceledger.pki.MsgApproveRevokeX509RootCert", MsgApproveRevokeX509RootCert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", MsgRemoveX509Cert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgRejectAddX509RootCert", MsgRejectAddX509RootCert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddX509Cert", MsgAddX509Cert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509IcaCert", MsgAddNocX509IcaCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgDeletePkiRevocationDistributionPoint", MsgDeletePkiRevocationDistributionPoint], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeX509Cert", MsgRevokeX509Cert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509RootCert", MsgRevokeNocX509RootCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgApproveRevokeX509RootCert", MsgApproveRevokeX509RootCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveNocX509IcaCert", MsgRemoveNocX509IcaCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgApproveAddX509RootCert", MsgApproveAddX509RootCert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCert", MsgRevokeNocX509IcaCert], - ["/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", MsgProposeRevokeX509RootCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddX509Cert", MsgAddX509Cert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgUpdatePkiRevocationDistributionPoint", MsgUpdatePkiRevocationDistributionPoint], ["/zigbeealliance.distributedcomplianceledger.pki.MsgAssignVid", MsgAssignVid], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", MsgRemoveX509Cert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeX509Cert", MsgRevokeX509Cert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", MsgProposeRevokeX509RootCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRejectAddX509RootCert", MsgRejectAddX509RootCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509RootCert", MsgAddNocX509RootCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCert", MsgProposeAddX509RootCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509RootCert", MsgRevokeNocX509RootCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddPkiRevocationDistributionPoint", MsgAddPkiRevocationDistributionPoint], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCert", MsgRevokeNocX509IcaCert], + ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509IcaCert", MsgAddNocX509IcaCert], ]; diff --git a/ts-client/zigbeealliance.distributedcomplianceledger.pki/rest.ts b/ts-client/zigbeealliance.distributedcomplianceledger.pki/rest.ts index 976c10243..d3274ec96 100644 --- a/ts-client/zigbeealliance.distributedcomplianceledger.pki/rest.ts +++ b/ts-client/zigbeealliance.distributedcomplianceledger.pki/rest.ts @@ -208,6 +208,8 @@ export type PkiMsgProposeRevokeX509RootCertResponse = object; export type PkiMsgRejectAddX509RootCertResponse = object; +export type PkiMsgRemoveNocX509IcaCertResponse = object; + export type PkiMsgRemoveX509CertResponse = object; export type PkiMsgRevokeNocX509IcaCertResponse = object; diff --git a/ts-client/zigbeealliance.distributedcomplianceledger.pki/types/zigbeealliance/distributedcomplianceledger/pki/tx.ts b/ts-client/zigbeealliance.distributedcomplianceledger.pki/types/zigbeealliance/distributedcomplianceledger/pki/tx.ts index 40749344d..f44fb9500 100644 --- a/ts-client/zigbeealliance.distributedcomplianceledger.pki/types/zigbeealliance/distributedcomplianceledger/pki/tx.ts +++ b/ts-client/zigbeealliance.distributedcomplianceledger.pki/types/zigbeealliance/distributedcomplianceledger/pki/tx.ts @@ -207,6 +207,16 @@ export interface MsgRevokeNocX509IcaCert { export interface MsgRevokeNocX509IcaCertResponse { } +export interface MsgRemoveNocX509IcaCert { + signer: string; + subject: string; + subjectKeyId: string; + serialNumber: string; +} + +export interface MsgRemoveNocX509IcaCertResponse { +} + function createBaseMsgProposeAddX509RootCert(): MsgProposeAddX509RootCert { return { signer: "", cert: "", info: "", time: 0, vid: 0, certSchemaVersion: 0, schemaVersion: 0 }; } @@ -2521,6 +2531,121 @@ export const MsgRevokeNocX509IcaCertResponse = { }, }; +function createBaseMsgRemoveNocX509IcaCert(): MsgRemoveNocX509IcaCert { + return { signer: "", subject: "", subjectKeyId: "", serialNumber: "" }; +} + +export const MsgRemoveNocX509IcaCert = { + encode(message: MsgRemoveNocX509IcaCert, writer: _m0.Writer = _m0.Writer.create()): _m0.Writer { + if (message.signer !== "") { + writer.uint32(10).string(message.signer); + } + if (message.subject !== "") { + writer.uint32(18).string(message.subject); + } + if (message.subjectKeyId !== "") { + writer.uint32(26).string(message.subjectKeyId); + } + if (message.serialNumber !== "") { + writer.uint32(34).string(message.serialNumber); + } + return writer; + }, + + decode(input: _m0.Reader | Uint8Array, length?: number): MsgRemoveNocX509IcaCert { + const reader = input instanceof _m0.Reader ? input : new _m0.Reader(input); + let end = length === undefined ? reader.len : reader.pos + length; + const message = createBaseMsgRemoveNocX509IcaCert(); + while (reader.pos < end) { + const tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.signer = reader.string(); + break; + case 2: + message.subject = reader.string(); + break; + case 3: + message.subjectKeyId = reader.string(); + break; + case 4: + message.serialNumber = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }, + + fromJSON(object: any): MsgRemoveNocX509IcaCert { + return { + signer: isSet(object.signer) ? String(object.signer) : "", + subject: isSet(object.subject) ? String(object.subject) : "", + subjectKeyId: isSet(object.subjectKeyId) ? String(object.subjectKeyId) : "", + serialNumber: isSet(object.serialNumber) ? String(object.serialNumber) : "", + }; + }, + + toJSON(message: MsgRemoveNocX509IcaCert): unknown { + const obj: any = {}; + message.signer !== undefined && (obj.signer = message.signer); + message.subject !== undefined && (obj.subject = message.subject); + message.subjectKeyId !== undefined && (obj.subjectKeyId = message.subjectKeyId); + message.serialNumber !== undefined && (obj.serialNumber = message.serialNumber); + return obj; + }, + + fromPartial, I>>(object: I): MsgRemoveNocX509IcaCert { + const message = createBaseMsgRemoveNocX509IcaCert(); + message.signer = object.signer ?? ""; + message.subject = object.subject ?? ""; + message.subjectKeyId = object.subjectKeyId ?? ""; + message.serialNumber = object.serialNumber ?? ""; + return message; + }, +}; + +function createBaseMsgRemoveNocX509IcaCertResponse(): MsgRemoveNocX509IcaCertResponse { + return {}; +} + +export const MsgRemoveNocX509IcaCertResponse = { + encode(_: MsgRemoveNocX509IcaCertResponse, writer: _m0.Writer = _m0.Writer.create()): _m0.Writer { + return writer; + }, + + decode(input: _m0.Reader | Uint8Array, length?: number): MsgRemoveNocX509IcaCertResponse { + const reader = input instanceof _m0.Reader ? input : new _m0.Reader(input); + let end = length === undefined ? reader.len : reader.pos + length; + const message = createBaseMsgRemoveNocX509IcaCertResponse(); + while (reader.pos < end) { + const tag = reader.uint32(); + switch (tag >>> 3) { + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }, + + fromJSON(_: any): MsgRemoveNocX509IcaCertResponse { + return {}; + }, + + toJSON(_: MsgRemoveNocX509IcaCertResponse): unknown { + const obj: any = {}; + return obj; + }, + + fromPartial, I>>(_: I): MsgRemoveNocX509IcaCertResponse { + const message = createBaseMsgRemoveNocX509IcaCertResponse(); + return message; + }, +}; + /** Msg defines the Msg service. */ export interface Msg { ProposeAddX509RootCert(request: MsgProposeAddX509RootCert): Promise; @@ -2544,8 +2669,9 @@ export interface Msg { RemoveX509Cert(request: MsgRemoveX509Cert): Promise; AddNocX509IcaCert(request: MsgAddNocX509IcaCert): Promise; RevokeNocX509RootCert(request: MsgRevokeNocX509RootCert): Promise; - /** this line is used by starport scaffolding # proto/tx/rpc */ RevokeNocX509IcaCert(request: MsgRevokeNocX509IcaCert): Promise; + /** this line is used by starport scaffolding # proto/tx/rpc */ + RemoveNocX509IcaCert(request: MsgRemoveNocX509IcaCert): Promise; } export class MsgClientImpl implements Msg { @@ -2568,6 +2694,7 @@ export class MsgClientImpl implements Msg { this.AddNocX509IcaCert = this.AddNocX509IcaCert.bind(this); this.RevokeNocX509RootCert = this.RevokeNocX509RootCert.bind(this); this.RevokeNocX509IcaCert = this.RevokeNocX509IcaCert.bind(this); + this.RemoveNocX509IcaCert = this.RemoveNocX509IcaCert.bind(this); } ProposeAddX509RootCert(request: MsgProposeAddX509RootCert): Promise { const data = MsgProposeAddX509RootCert.encode(request).finish(); @@ -2710,6 +2837,16 @@ export class MsgClientImpl implements Msg { ); return promise.then((data) => MsgRevokeNocX509IcaCertResponse.decode(new _m0.Reader(data))); } + + RemoveNocX509IcaCert(request: MsgRemoveNocX509IcaCert): Promise { + const data = MsgRemoveNocX509IcaCert.encode(request).finish(); + const promise = this.rpc.request( + "zigbeealliance.distributedcomplianceledger.pki.Msg", + "RemoveNocX509IcaCert", + data, + ); + return promise.then((data) => MsgRemoveNocX509IcaCertResponse.decode(new _m0.Reader(data))); + } } interface Rpc { diff --git a/vue/package.json b/vue/package.json index 65d69f193..17795d32f 100644 --- a/vue/package.json +++ b/vue/package.json @@ -1,5 +1,5 @@ { - "author": "Tendermint, Inc \u003chello@tendermint.com\u003e", + "author": "Tendermint, Inc ", "dependencies": { "@cosmjs/launchpad": "0.25.0", "@cosmjs/proto-signing": "0.25.0", @@ -42,7 +42,7 @@ "dev": "vue-cli-service serve", "lint": "vue-cli-service lint", "serve": "vue-cli-service serve --mode=production", - "test": "echo \"Error: run tests from root\" \u0026\u0026 exit 1" + "test": "echo \"Error: run tests from root\" && exit 1" }, "version": "0.1.53" } diff --git a/vue/src/store/generated/package.json b/vue/src/store/generated/package.json index 0cdaabe7a..df5ed5909 100644 --- a/vue/src/store/generated/package.json +++ b/vue/src/store/generated/package.json @@ -1,8 +1,13 @@ { - "name": "zigbee-alliance-distributed-compliance-ledger-js", - "version": "0.1.0", - "description": "Autogenerated cosmos modules vuex store", - "author": "Starport Codegen ", + "author": "Ignite Codegen ", + "dependencies": { + "buffer": "^6.0.3", + "zigbee-alliance-distributed-compliance-ledger-client-ts": "file:../../../../ts-client" + }, + "description": "Autogenerated Vuex Stores", + "devDependencies": { + "typescript": "^4.8.4" + }, "license": "Apache-2.0", "licenses": [ { @@ -10,8 +15,20 @@ "url": "http://www.apache.org/licenses/LICENSE-2.0" } ], - "main": "index.js", + "main": "./lib/index.js", + "name": "zigbee-alliance-distributed-compliance-ledger-vuex", + "peerDependencies": { + "@cosmjs/proto-signing": "0.27.0", + "@cosmjs/stargate": "0.27.0", + "vue": "3.2.31" + }, "publishConfig": { "access": "public" - } -} \ No newline at end of file + }, + "scripts": { + "build": "tsc", + "postinstall": "node postinstall.js", + "prepublishOnly": "node local-check.js && tsc" + }, + "version": "0.0.1" +} diff --git a/x/pki/client/cli/tx.go b/x/pki/client/cli/tx.go index 6806eabdb..8a6a81840 100644 --- a/x/pki/client/cli/tx.go +++ b/x/pki/client/cli/tx.go @@ -38,6 +38,7 @@ func GetTxCmd() *cobra.Command { cmd.AddCommand(CmdAddNocX509IcaCert()) cmd.AddCommand(CmdRevokeNocX509RootCert()) cmd.AddCommand(CmdRevokeNocX509IcaCert()) + cmd.AddCommand(CmdRemoveNocX509IcaCert()) // this line is used by starport scaffolding # 1 return cmd diff --git a/x/pki/client/cli/tx_remove_noc_x_509_ica_cert.go b/x/pki/client/cli/tx_remove_noc_x_509_ica_cert.go new file mode 100644 index 000000000..896dac282 --- /dev/null +++ b/x/pki/client/cli/tx_remove_noc_x_509_ica_cert.go @@ -0,0 +1,59 @@ +package cli + +import ( + "strconv" + + "github.com/cosmos/cosmos-sdk/client" + "github.com/cosmos/cosmos-sdk/client/flags" + "github.com/cosmos/cosmos-sdk/client/tx" + "github.com/spf13/cobra" + "github.com/spf13/viper" + + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/cli" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +var _ = strconv.Itoa(0) + +func CmdRemoveNocX509IcaCert() *cobra.Command { + cmd := &cobra.Command{ + Use: "remove-noc-x509-ica-cert", + Short: "Removes the given NOC ICA intermediate or leaf certificate.", + Args: cobra.ExactArgs(0), + RunE: func(cmd *cobra.Command, args []string) (err error) { + clientCtx, err := client.GetClientTxContext(cmd) + if err != nil { + return err + } + + subject := viper.GetString(FlagSubject) + subjectKeyID := viper.GetString(FlagSubjectKeyID) + serialNumber := viper.GetString(FlagSerialNumber) + + msg := types.NewMsgRemoveNocX509IcaCert( + clientCtx.GetFromAddress().String(), + subject, + subjectKeyID, + serialNumber, + ) + // validate basic will be called in GenerateOrBroadcastTxCLI + err = tx.GenerateOrBroadcastTxCLI(clientCtx, cmd.Flags(), msg) + if cli.IsWriteInsteadReadRPCError(err) { + return clientCtx.PrintString(cli.LightClientProxyForWriteRequests) + } + + return err + }, + } + + cmd.Flags().StringP(FlagSubject, FlagSubjectShortcut, "", "Certificate's subject") + cmd.Flags().StringP(FlagSubjectKeyID, FlagSubjectKeyIDShortcut, "", "Certificate's subject key id (hex)") + cmd.Flags().StringP(FlagSerialNumber, FlagSerialNumberShortcut, "", "Certificate's serial number") + cli.AddTxFlagsToCmd(cmd) + + _ = cmd.MarkFlagRequired(FlagSubject) + _ = cmd.MarkFlagRequired(FlagSubjectKeyID) + _ = cmd.MarkFlagRequired(flags.FlagFrom) + + return cmd +} diff --git a/x/pki/handler.go b/x/pki/handler.go index 8f82eecce..44f713e4b 100644 --- a/x/pki/handler.go +++ b/x/pki/handler.go @@ -83,6 +83,10 @@ func NewHandler(k keeper.Keeper) sdk.Handler { case *types.MsgRevokeNocX509IcaCert: res, err := msgServer.RevokeNocX509IcaCert(sdk.WrapSDKContext(ctx), msg) + return sdk.WrapServiceResult(ctx, res, err) + case *types.MsgRemoveNocX509IcaCert: + res, err := msgServer.RemoveNocX509IcaCert(sdk.WrapSDKContext(ctx), msg) + return sdk.WrapServiceResult(ctx, res, err) // this line is used by starport scaffolding # 1 default: diff --git a/x/pki/handler_remove_noc_ica_cert_test.go b/x/pki/handler_remove_noc_ica_cert_test.go new file mode 100644 index 000000000..965a5b8da --- /dev/null +++ b/x/pki/handler_remove_noc_ica_cert_test.go @@ -0,0 +1,508 @@ +package pki + +import ( + "testing" + + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + "github.com/stretchr/testify/require" + testconstants "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/constants" + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + dclauthtypes "github.com/zigbee-alliance/distributed-compliance-ledger/x/dclauth/types" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" +) + +func TestHandler_RemoveNocX509IcaCert_BySubjectAndSKID(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // Add two intermediate certificates + addIcaCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + addIcaCert = types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1Copy, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err = setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + // Add a leaf certificate + addIcaLeafCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocLeafCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err = setup.Handler(setup.Ctx, addIcaLeafCert) + require.NoError(t, err) + + // get certificates for further comparison + allCerts := setup.Keeper.GetAllApprovedCertificates(setup.Ctx) + require.NotNil(t, allCerts) + require.Equal(t, 3, len(allCerts)) + require.Equal(t, 4, len(allCerts[0].Certs)+len(allCerts[1].Certs)+len(allCerts[2].Certs)) + + // remove all intermediate certificates but leave leaf certificate + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + "", + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + // check that only root and leaf certificates exists + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 2, len(allCerts)) + require.Equal(t, 2, len(allCerts[0].Certs)+len(allCerts[1].Certs)) + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + // check that unique certificates does not exists + found := setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1SerialNumber) + require.Equal(t, false, found) + found = setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1CopySerialNumber) + require.Equal(t, false, found) + + leafCerts, _ := queryApprovedCertificates(setup, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) + require.Equal(t, testconstants.NocLeafCert1SerialNumber, leafCerts.Certs[0].SerialNumber) + + // query noc certificate by VID + nocCertificates, err := queryNocCertificates(setup, vid) + require.NoError(t, err) + require.Equal(t, len(nocCertificates.Certs), 1) + require.Equal(t, testconstants.NocLeafCert1Subject, nocCertificates.Certs[0].Subject) + require.Equal(t, testconstants.NocLeafCert1SubjectKeyID, nocCertificates.Certs[0].SubjectKeyId) +} + +func TestHandler_RemoveNocX509IcaCert_BySerialNumber(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // Add ICA certificates + addIcaCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + // Add ICA certificates with sam subject and SKID but different serial number + addIcaCert = types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1Copy, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err = setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + // Add a leaf certificate + addIcaLeafCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocLeafCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err = setup.Handler(setup.Ctx, addIcaLeafCert) + require.NoError(t, err) + + intermediateCerts, _ := queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, 2, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.NocCert1Subject, intermediateCerts.Certs[0].Subject) + require.Equal(t, testconstants.NocCert1SubjectKeyID, intermediateCerts.Certs[0].SubjectKeyId) + + // remove ICA certificate by serial number + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1SerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + // check that only root, intermediate(with serial number 3) and leaf certificates exists + allCerts, _ := queryAllApprovedCertificates(setup) + require.Equal(t, 3, len(allCerts)) + require.Equal(t, 3, len(allCerts[0].Certs)+len(allCerts[1].Certs)+len(allCerts[2].Certs)) + leafCerts, _ := queryApprovedCertificates(setup, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) + + intermediateCerts, _ = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, 1, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.NocCert1CopySerialNumber, intermediateCerts.Certs[0].SerialNumber) + + // remove intermediate certificate by serial number and check that leaf cert is not removed + removeIcaCert = types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1CopySerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 2, len(allCerts)) + require.Equal(t, 2, len(allCerts[0].Certs)+len(allCerts[1].Certs)) + + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that unique certificates does not exists + found := setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1SerialNumber) + require.Equal(t, false, found) + found = setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1CopySerialNumber) + require.Equal(t, false, found) + + leafCerts, _ = queryApprovedCertificates(setup, testconstants.NocLeafCert1Subject, testconstants.NocLeafCert1SubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) + + // query noc certificate by VID + nocCertificates, err := queryNocCertificates(setup, vid) + require.NoError(t, err) + require.Equal(t, len(nocCertificates.Certs), 1) + require.Equal(t, testconstants.NocLeafCert1Subject, nocCertificates.Certs[0].Subject) + require.Equal(t, testconstants.NocLeafCert1SubjectKeyID, nocCertificates.Certs[0].SubjectKeyId) +} + +func TestHandler_RemoveNocX509IcaCert_RevokedAndApprovedCertificate(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // Add an intermediate certificate + addIcaCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + // get certificates for further comparison + allCerts := setup.Keeper.GetAllApprovedCertificates(setup.Ctx) + require.NotNil(t, allCerts) + require.Equal(t, 2, len(allCerts)) + require.Equal(t, 2, len(allCerts[0].Certs)+len(allCerts[1].Certs)) + + // revoke an intermediate certificate + revokeX509Cert := types.NewMsgRevokeNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1SerialNumber, + testconstants.Info, + false, + testconstants.SchemaVersion, + ) + _, err = setup.Handler(setup.Ctx, revokeX509Cert) + require.NoError(t, err) + + // Add an intermediate certificate with new serial number + addIcaCert = types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1Copy, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err = setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + intermediateCerts, _ := queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, 1, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.NocCert1Subject, intermediateCerts.Certs[0].Subject) + require.Equal(t, testconstants.NocCert1SubjectKeyID, intermediateCerts.Certs[0].SubjectKeyId) + require.Equal(t, testconstants.NocCert1CopySerialNumber, intermediateCerts.Certs[0].SerialNumber) + + // remove an intermediate certificate + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + "", + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + // check that only root and leaf certificates exists + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 1, len(allCerts)) + require.Equal(t, true, allCerts[0].Certs[0].IsRoot) + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + _, err = queryRevokedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that unique certificates does not exists + found := setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1SerialNumber) + require.Equal(t, false, found) + found = setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1CopySerialNumber) + require.Equal(t, false, found) + + // query noc certificate by VID + _, err = queryNocCertificates(setup, vid) + require.Equal(t, codes.NotFound, status.Code(err)) +} + +func TestHandler_RemoveNocX509IcaCert_RevokedCertificate(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // Add an intermediate certificate + addIcaCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + intermediateCerts, _ := queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, 1, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.NocCert1Subject, intermediateCerts.Certs[0].Subject) + require.Equal(t, testconstants.NocCert1SubjectKeyID, intermediateCerts.Certs[0].SubjectKeyId) + + // revoke intermediate certificate by serial number + revokeX509Cert := types.NewMsgRevokeNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1SerialNumber, + testconstants.Info, + false, + testconstants.SchemaVersion, + ) + _, err = setup.Handler(setup.Ctx, revokeX509Cert) + require.NoError(t, err) + + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + + revokedCerts, _ := queryRevokedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, 1, len(revokedCerts.Certs)) + require.Equal(t, testconstants.NocCert1Subject, revokedCerts.Certs[0].Subject) + require.Equal(t, testconstants.NocCert1SubjectKeyID, revokedCerts.Certs[0].SubjectKeyId) + + // remove intermediate certificate by serial number + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1SerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + allCerts, _ := queryAllApprovedCertificates(setup) + require.Equal(t, 1, len(allCerts)) + require.Equal(t, true, allCerts[0].Certs[0].IsRoot) + + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + _, err = queryRevokedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that unique certificate does not exists + found := setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, testconstants.NocCert1Issuer, testconstants.NocCert1SerialNumber) + require.Equal(t, false, found) + + // query noc certificate by VID + _, err = queryNocCertificates(setup, vid) + require.Equal(t, codes.NotFound, status.Code(err)) +} + +func TestHandler_RemoveNocX509IcaCert_ByNotOwnerButSameVendor(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // add first vendor account with VID = 1 + vendorAccAddress1 := GenerateAccAddress() + setup.AddAccount(vendorAccAddress1, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, testconstants.Vid) + + // add ICA certificate by fist vendor account + addIcaCert := types.NewMsgAddNocX509IcaCert(vendorAccAddress1.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addIcaCert) + require.NoError(t, err) + + // add second vendor account with VID = 1 + vendorAccAddress2 := GenerateAccAddress() + setup.AddAccount(vendorAccAddress2, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, testconstants.Vid) + + // remove x509 certificate by second vendor account + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress2.String(), + testconstants.NocCert1Subject, + testconstants.NocCert1SubjectKeyID, + testconstants.NocCert1SerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.NoError(t, err) + + // check that certificate removed from 'approved certificates' list + _, err = queryApprovedCertificates(setup, testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID) + require.Error(t, err) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that certificate removed from 'approved certificates by subject' list + _, err = queryApprovedCertificatesBySubject(setup, testconstants.NocCert1Subject) + require.Error(t, err) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that certificate removed from 'approved certificates by SKID' list + approvedCerts, err := queryAllApprovedCertificatesBySubjectKeyID(setup, testconstants.NocCert1SubjectKeyID) + require.NoError(t, err) + require.Equal(t, 0, len(approvedCerts)) + + // query noc certificate by VID + _, err = queryNocCertificates(setup, vid) + require.Equal(t, codes.NotFound, status.Code(err)) + + // check that unique certificate key is not registered + require.False(t, setup.Keeper.IsUniqueCertificatePresent(setup.Ctx, + testconstants.NocCert1Issuer, testconstants.NocCert1SerialNumber)) +} + +func TestHandler_RemoveNocX509IcaCert_CertificateDoesNotExist(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, testconstants.NocCert1SerialNumber) + _, err := setup.Handler(setup.Ctx, removeIcaCert) + require.Error(t, err) + require.True(t, pkitypes.ErrCertificateDoesNotExist.Is(err)) +} + +func TestHandler_RemoveNocX509IcaCert_EmptyCertificatesList(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + setup.Keeper.SetNocIcaCertificates( + setup.Ctx, + types.NocIcaCertificates{ + Vid: vid, + }, + ) + + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, "") + _, err := setup.Handler(setup.Ctx, removeIcaCert) + require.Error(t, err) + require.True(t, pkitypes.ErrCertificateDoesNotExist.Is(err)) +} + +func TestHandler_RemoveNocX509IcaCert_ByOtherVendor(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // add fist vendor account with VID = 1 + vendorAccAddress1 := GenerateAccAddress() + setup.AddAccount(vendorAccAddress1, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, testconstants.Vid) + + // add x509 certificate by `setup.Trustee` + addX509Cert := types.NewMsgAddNocX509IcaCert(vendorAccAddress1.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addX509Cert) + require.NoError(t, err) + + // add second vendor account with VID = 1000 + vendorAccAddress2 := GenerateAccAddress() + setup.AddAccount(vendorAccAddress2, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, testconstants.VendorID1) + + // remove ICA certificate by second vendor account + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress2.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, testconstants.NocCert1SerialNumber) + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.Error(t, err) + require.True(t, pkitypes.ErrCertificateDoesNotExist.Is(err)) +} + +func TestHandler_RemoveNocX509IcaCert_SenderNotVendor(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // add x509 certificate + addX509Cert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addX509Cert) + require.NoError(t, err) + + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + setup.Trustee1.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, "") + _, err = setup.Handler(setup.Ctx, removeIcaCert) + require.Error(t, err) + require.True(t, sdkerrors.ErrUnauthorized.Is(err)) +} + +func TestHandler_RemoveNocX509IcaCert_ForNonIcaCertificate(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, testconstants.Vid) + + setup.Keeper.SetRevokedCertificates( + setup.Ctx, + types.RevokedCertificates{ + Subject: testconstants.IntermediateSubject, + SubjectKeyId: testconstants.IntermediateSubjectKeyID, + Certs: []*types.Certificate{{IsNoc: false}}, + }, + ) + + removeIcaCert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), testconstants.IntermediateSubject, testconstants.IntermediateSubjectKeyID, "") + _, err := setup.Handler(setup.Ctx, removeIcaCert) + require.Error(t, err) + require.True(t, pkitypes.ErrInappropriateCertificateType.Is(err)) +} + +func TestHandler_RemoveNocX509IcaCert_InvalidSerialNumber(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + addX509Cert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addX509Cert) + require.NoError(t, err) + + removeX509Cert := types.NewMsgRemoveNocX509IcaCert( + vendorAccAddress.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, "invalid") + _, err = setup.Handler(setup.Ctx, removeX509Cert) + require.Error(t, err) + require.True(t, pkitypes.ErrCertificateDoesNotExist.Is(err)) +} diff --git a/x/pki/handler_remove_non_root_cert_test.go b/x/pki/handler_remove_non_root_cert_test.go index b25e48760..f28486299 100644 --- a/x/pki/handler_remove_non_root_cert_test.go +++ b/x/pki/handler_remove_non_root_cert_test.go @@ -481,3 +481,26 @@ func TestHandler_RemoveX509Cert_BySubjectAndSKID(t *testing.T) { require.Equal(t, 1, len(leafCerts.Certs)) require.Equal(t, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, leafCerts.Certs[0].SerialNumber) } + +func TestHandler_RemoveX509Cert_ForNocIcaCertificate(t *testing.T) { + setup := Setup(t) + + // Add vendor account + vid := testconstants.Vid + vendorAccAddress := GenerateAccAddress() + setup.AddAccount(vendorAccAddress, []dclauthtypes.AccountRole{dclauthtypes.Vendor}, vid) + + // add NOC root certificate + addNocRootCertificate(setup, vendorAccAddress, testconstants.NocRootCert1, vid) + + // Add ICA certificate + addX509Cert := types.NewMsgAddNocX509IcaCert(vendorAccAddress.String(), testconstants.NocCert1, testconstants.CertSchemaVersion, testconstants.SchemaVersion) + _, err := setup.Handler(setup.Ctx, addX509Cert) + require.NoError(t, err) + + removeX509Cert := types.NewMsgRemoveX509Cert( + vendorAccAddress.String(), testconstants.NocCert1Subject, testconstants.NocCert1SubjectKeyID, testconstants.NocCert1SerialNumber) + _, err = setup.Handler(setup.Ctx, removeX509Cert) + require.Error(t, err) + require.True(t, pkitypes.ErrInappropriateCertificateType.Is(err)) +} diff --git a/x/pki/keeper/keeper.go b/x/pki/keeper/keeper.go index 312571cc9..ef970a067 100644 --- a/x/pki/keeper/keeper.go +++ b/x/pki/keeper/keeper.go @@ -116,3 +116,14 @@ func filterCertificates(certificates *[]*types.Certificate, predicate Certificat return result } + +func (k msgServer) removeApprovedX509Cert(ctx sdk.Context, certID types.CertificateIdentifier, certificates *types.ApprovedCertificates, serialNumber string) { + if len(certificates.Certs) == 0 { + k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + k.RemoveApprovedCertificateBySubject(ctx, certID.Subject, certID.SubjectKeyId) + k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certID.Subject, certID.SubjectKeyId) + } else { + k.SetApprovedCertificates(ctx, *certificates) + k.RemoveApprovedCertificatesBySubjectKeyIDAndSerialNumber(ctx, certID.Subject, certID.SubjectKeyId, serialNumber) + } +} diff --git a/x/pki/keeper/msg_server_remove_noc_x_509_ica_cert.go b/x/pki/keeper/msg_server_remove_noc_x_509_ica_cert.go new file mode 100644 index 000000000..4d0a01022 --- /dev/null +++ b/x/pki/keeper/msg_server_remove_noc_x_509_ica_cert.go @@ -0,0 +1,90 @@ +package keeper + +import ( + "context" + + sdk "github.com/cosmos/cosmos-sdk/types" + + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + dclauthtypes "github.com/zigbee-alliance/distributed-compliance-ledger/x/dclauth/types" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +func (k msgServer) RemoveNocX509IcaCert(goCtx context.Context, msg *types.MsgRemoveNocX509IcaCert) (*types.MsgRemoveNocX509IcaCertResponse, error) { + ctx := sdk.UnwrapSDKContext(goCtx) + + signerAddr, err := sdk.AccAddressFromBech32(msg.Signer) + if err != nil { + return nil, pkitypes.NewErrInvalidAddress(err) + } + + // check if signer has vendor role + if !k.dclauthKeeper.HasRole(ctx, signerAddr, dclauthtypes.Vendor) { + return nil, pkitypes.NewErrUnauthorizedRole("MsgRemoveNocX509IcaCert", dclauthtypes.Vendor) + } + + signerAccount, _ := k.dclauthKeeper.GetAccountO(ctx, signerAddr) + accountVid := signerAccount.VendorID + + icaCerts, foundActive := k.GetNocIcaCertificatesBySubjectAndSKID(ctx, accountVid, msg.Subject, msg.SubjectKeyId) + revCerts, foundRevoked := k.GetRevokedCertificates(ctx, msg.Subject, msg.SubjectKeyId) + certificates := icaCerts.Certs + certificates = append(certificates, revCerts.Certs...) + if len(certificates) == 0 { + return nil, pkitypes.NewErrCertificateDoesNotExist(msg.Subject, msg.SubjectKeyId) + } + + // Existing certificate must be NOC certificate + if !certificates[0].IsNoc { + return nil, pkitypes.NewErrProvidedNocCertButExistingNotNoc(msg.Subject, msg.SubjectKeyId) + } + + if err = k.EnsureVidMatches(ctx, certificates[0].Owner, msg.Signer); err != nil { + return nil, err + } + + certID := types.CertificateIdentifier{ + Subject: msg.Subject, + SubjectKeyId: msg.SubjectKeyId, + } + + if msg.SerialNumber != "" { + certBySerialNumber, found := findCertificate(msg.SerialNumber, &certificates) + if !found { + return nil, pkitypes.NewErrCertificateBySerialNumberDoesNotExist(msg.Subject, msg.SubjectKeyId, msg.SerialNumber) + } + + // remove from subject with serialNumber map + k.RemoveUniqueCertificate(ctx, certBySerialNumber.Issuer, certBySerialNumber.SerialNumber) + + if foundActive { + // Remove from Approved lists + aprCerts, _ := k.GetApprovedCertificates(ctx, msg.Subject, msg.SubjectKeyId) + removeCertFromList(certBySerialNumber.Issuer, certBySerialNumber.SerialNumber, &aprCerts.Certs) + k.removeApprovedX509Cert(ctx, certID, &aprCerts, msg.SerialNumber) + + // Remove from ICA lists + k.RemoveNocIcaCertificateBySerialNumber(ctx, icaCerts.Vid, certID.Subject, certID.SubjectKeyId, msg.SerialNumber) + } + if foundRevoked { + removeCertFromList(certBySerialNumber.Issuer, certBySerialNumber.SerialNumber, &revCerts.Certs) + k.removeOrUpdateRevokedX509Cert(ctx, certID, &revCerts) + } + } else { + k.RemoveNocIcaCertificate(ctx, certID.Subject, certID.SubjectKeyId, icaCerts.Vid) + // remove from approved list + k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject -> subject key ID map + k.RemoveApprovedCertificateBySubject(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject key ID -> certificates map + k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certID.Subject, certID.SubjectKeyId) + // remove from revoked list + k.RemoveRevokedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject with serialNumber map + for _, cert := range certificates { + k.RemoveUniqueCertificate(ctx, cert.Issuer, cert.SerialNumber) + } + } + + return &types.MsgRemoveNocX509IcaCertResponse{}, nil +} diff --git a/x/pki/keeper/msg_server_remove_x_509_cert.go b/x/pki/keeper/msg_server_remove_x_509_cert.go index 61608dcb8..811b49315 100644 --- a/x/pki/keeper/msg_server_remove_x_509_cert.go +++ b/x/pki/keeper/msg_server_remove_x_509_cert.go @@ -35,6 +35,11 @@ func (k msgServer) RemoveX509Cert(goCtx context.Context, msg *types.MsgRemoveX50 return nil, pkitypes.NewErrMessageExpectedNonRoot(msg.Subject, msg.SubjectKeyId) } + // Existing certificate must not be NOC certificate + if certificates[0].IsNoc { + return nil, pkitypes.NewErrProvidedNotNocCertButExistingNoc(msg.Subject, msg.SubjectKeyId) + } + if err := k.EnsureVidMatches(ctx, certificates[0].Owner, msg.Signer); err != nil { return nil, err } @@ -55,11 +60,11 @@ func (k msgServer) RemoveX509Cert(goCtx context.Context, msg *types.MsgRemoveX50 if foundApproved { removeCertFromList(certBySerialNumber.Issuer, certBySerialNumber.SerialNumber, &aprCerts.Certs) - k._removeApprovedX509Cert(ctx, certID, &aprCerts, msg.SerialNumber) + k.removeApprovedX509Cert(ctx, certID, &aprCerts, msg.SerialNumber) } if foundRevoked { removeCertFromList(certBySerialNumber.Issuer, certBySerialNumber.SerialNumber, &revCerts.Certs) - k._removeRevokedX509Cert(ctx, certID, &revCerts) + k.removeOrUpdateRevokedX509Cert(ctx, certID, &revCerts) } } else { k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) @@ -77,25 +82,3 @@ func (k msgServer) RemoveX509Cert(goCtx context.Context, msg *types.MsgRemoveX50 return &types.MsgRemoveX509CertResponse{}, nil } - -func (k msgServer) _removeApprovedX509Cert(ctx sdk.Context, certID types.CertificateIdentifier, certificates *types.ApprovedCertificates, serialNumber string) { - if len(certificates.Certs) == 0 { - k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) - k.RemoveApprovedCertificateBySubject(ctx, certID.Subject, certID.SubjectKeyId) - k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certID.Subject, certID.SubjectKeyId) - } else { - k.SetApprovedCertificates(ctx, *certificates) - k.RemoveApprovedCertificatesBySubjectKeyIDAndSerialNumber(ctx, certID.Subject, certID.SubjectKeyId, serialNumber) - } -} - -func (k msgServer) _removeRevokedX509Cert(ctx sdk.Context, certID types.CertificateIdentifier, certificates *types.RevokedCertificates) { - if len(certificates.Certs) == 0 { - k.RemoveRevokedCertificates(ctx, certID.Subject, certID.SubjectKeyId) - } else { - k.SetRevokedCertificates( - ctx, - *certificates, - ) - } -} diff --git a/x/pki/keeper/noc_ica_certificates.go b/x/pki/keeper/noc_ica_certificates.go index 0f3e54f10..6a537fc7c 100644 --- a/x/pki/keeper/noc_ica_certificates.go +++ b/x/pki/keeper/noc_ica_certificates.go @@ -37,6 +37,30 @@ func (k Keeper) GetNocIcaCertificates( return val, true } +// GetNocIcaCertificatesBySubjectAndSKID returns a NocIcaCertificates by subject and SKID from its index. +func (k Keeper) GetNocIcaCertificatesBySubjectAndSKID( + ctx sdk.Context, + vid int32, + subject string, + subjectKeyID string, +) (types.NocIcaCertificates, bool) { + certs, found := k.GetNocIcaCertificates(ctx, vid) + if !found { + return certs, found + } + + for i := 0; i < len(certs.Certs); { + cert := certs.Certs[i] + if cert.Subject != subject || cert.SubjectKeyId != subjectKeyID { + certs.Certs = append(certs.Certs[:i], certs.Certs[i+1:]...) + } else { + i++ + } + } + + return certs, len(certs.Certs) > 0 +} + // AddNocIcaCertificates adds a NOC certificate to the list of NOC certificates for the VID map. func (k Keeper) AddNocIcaCertificate(ctx sdk.Context, nocIcaCertificates types.Certificate) { store := prefix.NewStore(ctx.KVStore(k.storeKey), pkitypes.KeyPrefix(types.NocIcaCertificatesKeyPrefix)) diff --git a/x/pki/keeper/revoked_certificates.go b/x/pki/keeper/revoked_certificates.go index 32ce3b6cf..279da9265 100644 --- a/x/pki/keeper/revoked_certificates.go +++ b/x/pki/keeper/revoked_certificates.go @@ -96,3 +96,14 @@ func (k Keeper) AddRevokedCertificates(ctx sdk.Context, approvedCertificates typ revokedCertificates.SubjectKeyId, ), b) } + +func (k msgServer) removeOrUpdateRevokedX509Cert(ctx sdk.Context, certID types.CertificateIdentifier, certificates *types.RevokedCertificates) { + if len(certificates.Certs) == 0 { + k.RemoveRevokedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + } else { + k.SetRevokedCertificates( + ctx, + *certificates, + ) + } +} diff --git a/x/pki/module_simulation.go b/x/pki/module_simulation.go index d8ccf1755..c4dc498da 100644 --- a/x/pki/module_simulation.go +++ b/x/pki/module_simulation.go @@ -87,6 +87,10 @@ const ( // TODO: Determine the simulation weight value. defaultWeightMsgRevokeNocX509Cert int = 100 + opWeightMsgRemoveNocX509IcaCert = "op_weight_msg_remove_noc_x_509_ica_cert" + // TODO: Determine the simulation weight value. + defaultWeightMsgRemoveNocX509IcaCert int = 100 + // this line is used by starport scaffolding # simapp/module/const. ) @@ -291,6 +295,17 @@ func (am AppModule) WeightedOperations(simState module.SimulationState) []simtyp pkisimulation.SimulateMsgRevokeNocX509Cert(am.keeper), )) + var weightMsgRemoveNocX509IcaCert int + simState.AppParams.GetOrGenerate(simState.Cdc, opWeightMsgRemoveNocX509IcaCert, &weightMsgRemoveNocX509IcaCert, nil, + func(_ *rand.Rand) { + weightMsgRemoveNocX509IcaCert = defaultWeightMsgRemoveNocX509IcaCert + }, + ) + operations = append(operations, simulation.NewWeightedOperation( + weightMsgRemoveNocX509IcaCert, + pkisimulation.SimulateMsgRemoveNocX509IcaCert(am.keeper), + )) + // this line is used by starport scaffolding # simapp/module/operation return operations diff --git a/x/pki/simulation/remove_noc_x_509_ica_cert.go b/x/pki/simulation/remove_noc_x_509_ica_cert.go new file mode 100644 index 000000000..0372ea4df --- /dev/null +++ b/x/pki/simulation/remove_noc_x_509_ica_cert.go @@ -0,0 +1,28 @@ +package simulation + +import ( + "math/rand" + + "github.com/cosmos/cosmos-sdk/baseapp" + sdk "github.com/cosmos/cosmos-sdk/types" + simtypes "github.com/cosmos/cosmos-sdk/types/simulation" + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/keeper" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +func SimulateMsgRemoveNocX509IcaCert( + k keeper.Keeper, +) simtypes.Operation { + return func(r *rand.Rand, app *baseapp.BaseApp, ctx sdk.Context, accs []simtypes.Account, chainID string, + ) (simtypes.OperationMsg, []simtypes.FutureOperation, error) { + simAccount, _ := simtypes.RandomAcc(r, accs) + msg := &types.MsgRemoveNocX509IcaCert{ + Signer: simAccount.Address.String(), + } + + // TODO: Handling the RemoveNocX509IcaCert simulation + + return simtypes.NoOpMsg(pkitypes.ModuleName, msg.Type(), "RemoveNocX509IcaCert simulation not implemented"), nil, nil + } +} diff --git a/x/pki/types/codec.go b/x/pki/types/codec.go index a7c273a38..6722ff81a 100644 --- a/x/pki/types/codec.go +++ b/x/pki/types/codec.go @@ -24,6 +24,7 @@ func RegisterCodec(cdc *codec.LegacyAmino) { cdc.RegisterConcrete(&MsgAddNocX509IcaCert{}, "pki/AddNocX509Cert", nil) cdc.RegisterConcrete(&MsgRevokeNocX509RootCert{}, "pki/RevokeNocRootX509Cert", nil) cdc.RegisterConcrete(&MsgRevokeNocX509IcaCert{}, "pki/RevokeNocX509Cert", nil) + cdc.RegisterConcrete(&MsgRemoveNocX509IcaCert{}, "pki/RemoveNocX509IcaCert", nil) // this line is used by starport scaffolding # 2 } @@ -76,8 +77,13 @@ func RegisterInterfaces(registry cdctypes.InterfaceRegistry) { registry.RegisterImplementations((*sdk.Msg)(nil), &MsgRevokeNocX509IcaCert{}, ) + registry.RegisterImplementations((*sdk.Msg)(nil), + &MsgRemoveNocX509IcaCert{}, + ) // this line is used by starport scaffolding # 3 + msgservice.RegisterMsgServiceDesc(registry, &_Msg_serviceDesc) + msgservice.RegisterMsgServiceDesc(registry, &_Msg_serviceDesc) //nolint:nosnakecase } diff --git a/x/pki/types/message_remove_noc_x_509_ica_cert.go b/x/pki/types/message_remove_noc_x_509_ica_cert.go new file mode 100644 index 000000000..f85d0b00a --- /dev/null +++ b/x/pki/types/message_remove_noc_x_509_ica_cert.go @@ -0,0 +1,59 @@ +package types + +import ( + "cosmossdk.io/errors" + sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/validator" +) + +const TypeMsgRemoveNocX509IcaCert = "remove_noc_x_509_ica_cert" + +var _ sdk.Msg = &MsgRemoveNocX509IcaCert{} + +func NewMsgRemoveNocX509IcaCert(signer string, subject string, subjectKeyID string, serialNumber string) *MsgRemoveNocX509IcaCert { + return &MsgRemoveNocX509IcaCert{ + Signer: signer, + Subject: subject, + SubjectKeyId: subjectKeyID, + SerialNumber: serialNumber, + } +} + +func (msg *MsgRemoveNocX509IcaCert) Route() string { + return pkitypes.RouterKey +} + +func (msg *MsgRemoveNocX509IcaCert) Type() string { + return TypeMsgRemoveNocX509IcaCert +} + +func (msg *MsgRemoveNocX509IcaCert) GetSigners() []sdk.AccAddress { + signer, err := sdk.AccAddressFromBech32(msg.Signer) + if err != nil { + panic(err) + } + + return []sdk.AccAddress{signer} +} + +func (msg *MsgRemoveNocX509IcaCert) GetSignBytes() []byte { + bz := ModuleCdc.MustMarshalJSON(msg) + + return sdk.MustSortJSON(bz) +} + +func (msg *MsgRemoveNocX509IcaCert) ValidateBasic() error { + _, err := sdk.AccAddressFromBech32(msg.Signer) + if err != nil { + return errors.Wrapf(sdkerrors.ErrInvalidAddress, "invalid signer address (%s)", err) + } + + err = validator.Validate(msg) + if err != nil { + return err + } + + return nil +} diff --git a/x/pki/types/message_remove_noc_x_509_ica_cert_test.go b/x/pki/types/message_remove_noc_x_509_ica_cert_test.go new file mode 100644 index 000000000..5f8579dff --- /dev/null +++ b/x/pki/types/message_remove_noc_x_509_ica_cert_test.go @@ -0,0 +1,105 @@ +package types + +import ( + "testing" + + tmrand "github.com/cometbft/cometbft/libs/rand" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + "github.com/stretchr/testify/require" + + testconstants "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/constants" + "github.com/zigbee-alliance/distributed-compliance-ledger/testutil/sample" + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/validator" +) + +func TestMsgRemoveNocX509IcaCert_ValidateBasic(t *testing.T) { + negativeTests := []struct { + name string + msg MsgRemoveNocX509IcaCert + err error + }{ + { + name: "invalid address", + msg: MsgRemoveNocX509IcaCert{ + Signer: "invalid_address", + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: sdkerrors.ErrInvalidAddress, + }, + { + name: "empty subject", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: "", + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: validator.ErrRequiredFieldMissing, + }, + { + name: "empty SubjectKeyId", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: "", + }, + err: validator.ErrRequiredFieldMissing, + }, + { + name: "subject len > 1024 (1 KB)", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject + tmrand.Str(1025-len(testconstants.RootSubject)), + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: validator.ErrFieldMaxLengthExceeded, + }, + { + name: "subject key id len > 256", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID + tmrand.Str(257-len(testconstants.RootSubjectKeyID)), + }, + err: validator.ErrFieldMaxLengthExceeded, + }, + } + + positiveTests := []struct { + name string + msg MsgRemoveNocX509IcaCert + }{ + { + name: "valid remove nocX509IcaCert msg", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + }, + { + name: "valid remove nocX509IcaCert msg with serial number", + msg: MsgRemoveNocX509IcaCert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + SerialNumber: testconstants.RootSerialNumber, + }, + }, + } + + for _, tt := range negativeTests { + t.Run(tt.name, func(t *testing.T) { + err := tt.msg.ValidateBasic() + require.Error(t, err) + require.ErrorIs(t, err, tt.err) + }) + } + + for _, tt := range positiveTests { + t.Run(tt.name, func(t *testing.T) { + err := tt.msg.ValidateBasic() + require.NoError(t, err) + }) + } +} diff --git a/x/pki/types/tx.pb.go b/x/pki/types/tx.pb.go index 37dccfaa6..aad2d6af3 100644 --- a/x/pki/types/tx.pb.go +++ b/x/pki/types/tx.pb.go @@ -2053,6 +2053,110 @@ func (m *MsgRevokeNocX509IcaCertResponse) XXX_DiscardUnknown() { var xxx_messageInfo_MsgRevokeNocX509IcaCertResponse proto.InternalMessageInfo +type MsgRemoveNocX509IcaCert struct { + Signer string `protobuf:"bytes,1,opt,name=signer,proto3" json:"signer,omitempty" validate:"required"` + Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty" validate:"required,max=1024"` + SubjectKeyId string `protobuf:"bytes,3,opt,name=subjectKeyId,proto3" json:"subjectKeyId,omitempty" validate:"required,max=256"` + SerialNumber string `protobuf:"bytes,4,opt,name=serialNumber,proto3" json:"serialNumber,omitempty"` +} + +func (m *MsgRemoveNocX509IcaCert) Reset() { *m = MsgRemoveNocX509IcaCert{} } +func (m *MsgRemoveNocX509IcaCert) String() string { return proto.CompactTextString(m) } +func (*MsgRemoveNocX509IcaCert) ProtoMessage() {} +func (*MsgRemoveNocX509IcaCert) Descriptor() ([]byte, []int) { + return fileDescriptor_3047b9df3153e42a, []int{32} +} +func (m *MsgRemoveNocX509IcaCert) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgRemoveNocX509IcaCert) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgRemoveNocX509IcaCert.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgRemoveNocX509IcaCert) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgRemoveNocX509IcaCert.Merge(m, src) +} +func (m *MsgRemoveNocX509IcaCert) XXX_Size() int { + return m.Size() +} +func (m *MsgRemoveNocX509IcaCert) XXX_DiscardUnknown() { + xxx_messageInfo_MsgRemoveNocX509IcaCert.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgRemoveNocX509IcaCert proto.InternalMessageInfo + +func (m *MsgRemoveNocX509IcaCert) GetSigner() string { + if m != nil { + return m.Signer + } + return "" +} + +func (m *MsgRemoveNocX509IcaCert) GetSubject() string { + if m != nil { + return m.Subject + } + return "" +} + +func (m *MsgRemoveNocX509IcaCert) GetSubjectKeyId() string { + if m != nil { + return m.SubjectKeyId + } + return "" +} + +func (m *MsgRemoveNocX509IcaCert) GetSerialNumber() string { + if m != nil { + return m.SerialNumber + } + return "" +} + +type MsgRemoveNocX509IcaCertResponse struct { +} + +func (m *MsgRemoveNocX509IcaCertResponse) Reset() { *m = MsgRemoveNocX509IcaCertResponse{} } +func (m *MsgRemoveNocX509IcaCertResponse) String() string { return proto.CompactTextString(m) } +func (*MsgRemoveNocX509IcaCertResponse) ProtoMessage() {} +func (*MsgRemoveNocX509IcaCertResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_3047b9df3153e42a, []int{33} +} +func (m *MsgRemoveNocX509IcaCertResponse) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgRemoveNocX509IcaCertResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgRemoveNocX509IcaCertResponse.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgRemoveNocX509IcaCertResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgRemoveNocX509IcaCertResponse.Merge(m, src) +} +func (m *MsgRemoveNocX509IcaCertResponse) XXX_Size() int { + return m.Size() +} +func (m *MsgRemoveNocX509IcaCertResponse) XXX_DiscardUnknown() { + xxx_messageInfo_MsgRemoveNocX509IcaCertResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgRemoveNocX509IcaCertResponse proto.InternalMessageInfo + func init() { proto.RegisterType((*MsgProposeAddX509RootCert)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCert") proto.RegisterType((*MsgProposeAddX509RootCertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCertResponse") @@ -2086,6 +2190,8 @@ func init() { proto.RegisterType((*MsgRevokeNocX509RootCertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509RootCertResponse") proto.RegisterType((*MsgRevokeNocX509IcaCert)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCert") proto.RegisterType((*MsgRevokeNocX509IcaCertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocX509IcaCertResponse") + proto.RegisterType((*MsgRemoveNocX509IcaCert)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRemoveNocX509IcaCert") + proto.RegisterType((*MsgRemoveNocX509IcaCertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRemoveNocX509IcaCertResponse") } func init() { @@ -2093,102 +2199,104 @@ func init() { } var fileDescriptor_3047b9df3153e42a = []byte{ - // 1517 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5a, 0xcd, 0x6f, 0xd4, 0x46, - 0x14, 0xc7, 0xfb, 0x91, 0x8f, 0x97, 0x10, 0x89, 0x69, 0x08, 0xc6, 0xd0, 0xdd, 0xc5, 0x20, 0x88, - 0xd4, 0x64, 0x37, 0x04, 0x36, 0x7c, 0xa8, 0xb4, 0x4a, 0xd8, 0x02, 0x11, 0x09, 0x4d, 0x1d, 0xa0, - 0x55, 0x55, 0x15, 0x79, 0xd7, 0x83, 0x99, 0xc6, 0xbb, 0x76, 0x6d, 0x6f, 0x44, 0xb8, 0xf5, 0x2f, - 0x28, 0x52, 0xd5, 0x6b, 0x6f, 0x6d, 0x25, 0xa4, 0x22, 0xaa, 0x7e, 0x5c, 0x7b, 0xed, 0xa5, 0x12, - 0xea, 0xa5, 0x3d, 0xad, 0x10, 0x5c, 0x2a, 0xf5, 0xb6, 0xf7, 0x4a, 0x95, 0x3f, 0x76, 0x1c, 0xef, - 0xda, 0xc9, 0xae, 0xd7, 0xa9, 0x20, 0xcd, 0x6d, 0x3d, 0x3b, 0xef, 0x37, 0x33, 0xef, 0xf7, 0x7b, - 0xe3, 0x79, 0x6f, 0x0c, 0xe7, 0x1e, 0x10, 0xb9, 0x8c, 0xb1, 0xa8, 0x28, 0x44, 0xac, 0x55, 0x70, - 0x41, 0x22, 0x86, 0xa9, 0x93, 0x72, 0xdd, 0xc4, 0x52, 0x45, 0xad, 0x6a, 0x4e, 0xab, 0x82, 0x25, - 0x19, 0xeb, 0x05, 0x6d, 0x8d, 0x14, 0xcc, 0xfb, 0x79, 0x4d, 0x57, 0x4d, 0x15, 0xe5, 0xfd, 0x86, - 0xf9, 0x2d, 0x0c, 0xf3, 0xda, 0x1a, 0xe1, 0x0e, 0x57, 0x54, 0xa3, 0xaa, 0x1a, 0x77, 0x6c, 0xeb, - 0x82, 0xf3, 0xe0, 0x40, 0x71, 0xe3, 0xb2, 0x2a, 0xab, 0x4e, 0xbb, 0xf5, 0xcb, 0x69, 0xe5, 0x1f, - 0x27, 0xe1, 0xf0, 0xb2, 0x21, 0xaf, 0xe8, 0xaa, 0xa6, 0x1a, 0x78, 0x5e, 0x92, 0x3e, 0x28, 0xce, - 0x5c, 0x10, 0x54, 0xd5, 0xbc, 0x8c, 0x75, 0x13, 0x5d, 0x85, 0x01, 0x83, 0xc8, 0x35, 0xac, 0xb3, - 0x4c, 0x8e, 0x99, 0x1c, 0x5e, 0x28, 0x34, 0x1b, 0xd9, 0xd7, 0xd6, 0x45, 0x85, 0x48, 0xa2, 0x89, - 0x2f, 0xf2, 0x3a, 0xfe, 0xb4, 0x4e, 0x74, 0x2c, 0xf1, 0xbf, 0xff, 0x38, 0x3d, 0xee, 0x0e, 0x36, - 0x2f, 0x49, 0x3a, 0x36, 0x8c, 0x55, 0x53, 0x27, 0x35, 0x59, 0x70, 0xcd, 0xd1, 0x79, 0x48, 0x55, - 0xb0, 0x6e, 0xb2, 0x09, 0x1b, 0xe6, 0x44, 0xb3, 0x91, 0xcd, 0x75, 0xc2, 0x4c, 0x55, 0xc5, 0xfb, - 0x97, 0x4e, 0xcf, 0x9c, 0x3d, 0x5f, 0x3c, 0x37, 0x37, 0xc3, 0x0b, 0xb6, 0x05, 0x7a, 0x03, 0x52, - 0xa4, 0x76, 0x57, 0x65, 0x93, 0xb6, 0xe5, 0x21, 0xff, 0x04, 0x2c, 0x83, 0xb3, 0x33, 0x17, 0xe6, - 0x78, 0xc1, 0xee, 0x84, 0x10, 0xa4, 0x4c, 0x52, 0xc5, 0x6c, 0x2a, 0xc7, 0x4c, 0x26, 0x05, 0xfb, - 0x37, 0xba, 0x00, 0xc9, 0x75, 0x22, 0xb1, 0xe9, 0x1c, 0x33, 0x99, 0x5e, 0x38, 0xd5, 0x6c, 0x64, - 0x8f, 0x7b, 0xf6, 0xb2, 0x89, 0x2f, 0x9d, 0x9e, 0x52, 0x4c, 0x7c, 0x69, 0xae, 0x58, 0x3c, 0x53, - 0x9c, 0xa2, 0x0b, 0x12, 0x2c, 0x1b, 0xb4, 0x04, 0x07, 0xac, 0x39, 0xac, 0x56, 0xee, 0xe1, 0xaa, - 0x78, 0x1b, 0xeb, 0x06, 0x51, 0x6b, 0xec, 0x40, 0x8e, 0x99, 0xdc, 0xbf, 0x90, 0x69, 0x36, 0xb2, - 0x9c, 0x1f, 0x68, 0xc6, 0x03, 0xe2, 0x85, 0x4e, 0x43, 0x54, 0x82, 0xfd, 0x86, 0x0f, 0x69, 0xb0, - 0x2b, 0x24, 0xbf, 0x11, 0x7f, 0x1c, 0x8e, 0x85, 0xf2, 0x25, 0x60, 0x43, 0x53, 0x6b, 0x06, 0xe6, - 0xbf, 0x49, 0xd8, 0xac, 0xce, 0x6b, 0x9a, 0xae, 0xae, 0xef, 0x1c, 0xab, 0x17, 0x61, 0xd0, 0xa8, - 0x97, 0x3f, 0xc1, 0x95, 0x16, 0xb1, 0xb9, 0x66, 0x23, 0x7b, 0x34, 0x94, 0xd8, 0xd9, 0xb3, 0xbc, - 0xd0, 0x32, 0x40, 0x97, 0x61, 0xd4, 0xfd, 0x79, 0x1d, 0x6f, 0x2c, 0x4a, 0x2e, 0xbf, 0xd9, 0x66, - 0x23, 0x7b, 0x24, 0x04, 0x60, 0xb6, 0x38, 0xc7, 0x0b, 0x3e, 0x23, 0x2a, 0x8e, 0x54, 0x2f, 0xe2, - 0x48, 0x7b, 0xe2, 0x70, 0xbd, 0x19, 0xec, 0x27, 0xea, 0xcd, 0xbf, 0x12, 0x30, 0x66, 0xf5, 0x72, - 0xfe, 0xde, 0x35, 0x81, 0x11, 0xa8, 0xee, 0x74, 0x6c, 0xea, 0x1e, 0x88, 0xa2, 0x6e, 0x16, 0x26, - 0xfc, 0x9e, 0xa6, 0x24, 0xfc, 0x94, 0x84, 0xa3, 0x9e, 0xf0, 0x05, 0xbc, 0xae, 0xae, 0xe1, 0x3d, - 0x55, 0x07, 0xaa, 0x1a, 0xf1, 0x30, 0x6a, 0x60, 0x9d, 0x88, 0xca, 0x8d, 0x7a, 0xb5, 0x8c, 0x75, - 0x9b, 0x8a, 0x61, 0xc1, 0xd7, 0x86, 0x72, 0x30, 0xa2, 0xdb, 0x4e, 0xbc, 0x7c, 0x8f, 0x28, 0x92, - 0xbd, 0x17, 0x0d, 0x09, 0x9b, 0x9b, 0x3a, 0x19, 0x1d, 0x8a, 0xc2, 0xe8, 0x49, 0x38, 0xb1, 0x15, - 0x6d, 0x94, 0xdf, 0xdf, 0x12, 0x36, 0xbf, 0x6e, 0x28, 0xfe, 0x2f, 0xf8, 0x4d, 0xf7, 0xc2, 0xef, - 0xc0, 0x16, 0xfc, 0x0e, 0x76, 0xf2, 0xeb, 0xfa, 0x3d, 0xd4, 0x9d, 0xd4, 0xef, 0x8f, 0x92, 0x70, - 0x60, 0xd9, 0x90, 0xbd, 0x1e, 0x7b, 0xc1, 0xf4, 0xf2, 0x06, 0xd3, 0x11, 0xfb, 0xb5, 0xee, 0xe7, - 0x8a, 0x32, 0xf9, 0x77, 0x02, 0x58, 0xfb, 0x5f, 0x6b, 0xf1, 0x7b, 0xef, 0xfc, 0x50, 0x42, 0xe3, - 0x79, 0x53, 0xf1, 0x90, 0x0b, 0x73, 0x36, 0x65, 0xe4, 0xf1, 0x80, 0x13, 0x84, 0x92, 0xb4, 0xb2, - 0x46, 0x2c, 0xd6, 0x2a, 0xa2, 0x49, 0xd4, 0x5a, 0xa9, 0x75, 0x88, 0x27, 0x6a, 0x6d, 0x45, 0x25, - 0xb5, 0x18, 0xd9, 0x71, 0x0f, 0xbb, 0x89, 0x08, 0x87, 0xdd, 0x19, 0x48, 0x6a, 0xc4, 0xe1, 0x24, - 0xbd, 0xad, 0x33, 0xac, 0xae, 0x68, 0x1c, 0xd2, 0xc4, 0x58, 0x99, 0x9f, 0xb7, 0xa9, 0x18, 0x12, - 0x9c, 0x07, 0x34, 0x0d, 0x69, 0x45, 0x2c, 0x63, 0x25, 0x78, 0x7b, 0xf3, 0x06, 0x75, 0x7a, 0xa1, - 0xeb, 0x30, 0x5e, 0xd1, 0x95, 0x55, 0x7b, 0xfa, 0x96, 0xf3, 0xc8, 0x5d, 0x52, 0x11, 0x4d, 0x67, - 0xbf, 0xdb, 0xc2, 0x3a, 0xd0, 0x08, 0x5d, 0x05, 0x44, 0x0c, 0xa3, 0x8e, 0xf5, 0x55, 0x4f, 0x31, - 0x25, 0x67, 0x7b, 0x0c, 0x87, 0x0a, 0x30, 0x41, 0x45, 0x18, 0x94, 0x44, 0x53, 0xbc, 0x25, 0x2c, - 0xd9, 0x81, 0x3a, 0xbc, 0x70, 0xa4, 0xd9, 0xc8, 0x1e, 0x0a, 0x10, 0x69, 0x5d, 0x57, 0x78, 0xa1, - 0xd5, 0xd7, 0xda, 0x2b, 0xac, 0x9f, 0x57, 0x88, 0x82, 0x57, 0xc9, 0x03, 0xcc, 0x0e, 0xe7, 0x98, - 0xc9, 0x94, 0xe0, 0x6b, 0x43, 0x19, 0x00, 0xeb, 0xb9, 0x44, 0x64, 0x6c, 0x98, 0x2c, 0xd8, 0xbb, - 0xc9, 0xa6, 0x16, 0x74, 0x12, 0xc6, 0xbc, 0xa7, 0x9b, 0x1b, 0x1a, 0x66, 0x47, 0x2c, 0x7d, 0x0a, - 0x6d, 0xad, 0xe8, 0x6d, 0x18, 0xd3, 0xa9, 0xa4, 0xec, 0x7e, 0xa3, 0xb6, 0x8e, 0x43, 0xd7, 0xd9, - 0xd6, 0xbd, 0x33, 0x0e, 0xf6, 0x47, 0x88, 0x03, 0x74, 0x1d, 0x10, 0xa5, 0xa2, 0x84, 0x15, 0x2c, - 0x8b, 0xa6, 0xaa, 0xb3, 0x63, 0x41, 0x4e, 0xf3, 0x9f, 0x62, 0x03, 0xcc, 0xf8, 0x3c, 0x4c, 0x75, - 0x13, 0x2f, 0x34, 0xc0, 0x1e, 0xa6, 0xe1, 0xd4, 0xb2, 0x21, 0xdf, 0xd2, 0xac, 0x01, 0x5e, 0x81, - 0x18, 0xa3, 0xb1, 0x91, 0xec, 0x2a, 0x36, 0x66, 0x43, 0x62, 0xc3, 0xde, 0xfa, 0x7a, 0x0a, 0x81, - 0x74, 0xef, 0x21, 0x30, 0xe7, 0x85, 0x80, 0x13, 0x8b, 0x47, 0x9b, 0x8d, 0x2c, 0xeb, 0x59, 0xab, - 0x55, 0x62, 0xe2, 0xaa, 0x66, 0x6e, 0x6c, 0x13, 0x03, 0x83, 0xdb, 0xc6, 0xc0, 0x50, 0x17, 0x31, - 0x30, 0x1c, 0x18, 0x03, 0x1d, 0x12, 0x86, 0xf8, 0x24, 0x3c, 0x12, 0x4d, 0xc2, 0xa7, 0xa1, 0xd0, - 0xa5, 0x22, 0xa9, 0x8a, 0xbf, 0x4e, 0xd8, 0x2a, 0xb6, 0x30, 0x76, 0xa3, 0x8a, 0x83, 0x15, 0x99, - 0xea, 0x59, 0x91, 0xae, 0x6b, 0xbb, 0x71, 0x13, 0x75, 0xed, 0x17, 0x09, 0x18, 0xb5, 0x76, 0x14, - 0xc3, 0x5a, 0xf5, 0x6d, 0x22, 0xed, 0xa2, 0x73, 0x90, 0x4b, 0x60, 0xaa, 0x77, 0x02, 0xf9, 0x09, - 0x18, 0xdf, 0xec, 0x14, 0xef, 0xbc, 0x92, 0x80, 0x83, 0xce, 0xfe, 0x7b, 0x43, 0xad, 0xbc, 0x6c, - 0x85, 0xc0, 0xc0, 0x72, 0x45, 0x2a, 0xb6, 0x72, 0x45, 0x3a, 0xca, 0x21, 0x30, 0x0b, 0xaf, 0x07, - 0xfa, 0x8b, 0x7a, 0xf4, 0xb3, 0x84, 0x9b, 0x5d, 0x55, 0xd5, 0xf5, 0xdd, 0x98, 0x5d, 0xb5, 0x27, - 0x47, 0xa9, 0x80, 0x4c, 0xb4, 0x95, 0xb4, 0x6c, 0x76, 0x01, 0x75, 0xd0, 0x77, 0x09, 0x47, 0x8b, - 0xd4, 0x85, 0x8b, 0x15, 0xf1, 0xa5, 0x56, 0x5c, 0x32, 0x36, 0xc5, 0xa5, 0xa2, 0x28, 0x2e, 0xe3, - 0x54, 0x49, 0xda, 0xdd, 0x45, 0xfd, 0xf9, 0x7d, 0xd2, 0x4d, 0x02, 0xad, 0x14, 0x71, 0xc7, 0xa2, - 0xf8, 0x55, 0xd0, 0x5d, 0xff, 0x65, 0x96, 0xff, 0x2a, 0xab, 0x6f, 0xa5, 0x92, 0x01, 0x94, 0x51, - 0x5e, 0x9f, 0x24, 0xe1, 0x50, 0x7b, 0xa7, 0xd8, 0x43, 0x65, 0x8f, 0xd6, 0x38, 0x69, 0x3d, 0x06, - 0xd9, 0x10, 0xc6, 0x5a, 0xac, 0xce, 0xfe, 0x33, 0x01, 0xc9, 0x65, 0x43, 0x46, 0x3f, 0x33, 0x30, - 0x11, 0x72, 0x05, 0xb7, 0xd8, 0xe3, 0x15, 0x60, 0x3e, 0xf4, 0x76, 0x88, 0x7b, 0x2f, 0x36, 0xa8, - 0xd6, 0x02, 0xec, 0x89, 0x87, 0xdc, 0x32, 0x45, 0x99, 0x78, 0x30, 0x54, 0xa4, 0x89, 0x6f, 0x7d, - 0xa7, 0x83, 0xbe, 0x64, 0x60, 0x64, 0xf3, 0x85, 0xce, 0x5b, 0x51, 0x86, 0xf0, 0xec, 0xb9, 0x2b, - 0xfd, 0xd9, 0xd3, 0x79, 0xfd, 0xc2, 0xc0, 0xe1, 0xf0, 0x3b, 0x8e, 0xa5, 0xe8, 0x0c, 0x76, 0xa2, - 0x71, 0x37, 0xe3, 0x44, 0xf3, 0xad, 0x20, 0xbc, 0x8a, 0xbf, 0x14, 0x9d, 0xca, 0x98, 0x56, 0xb0, - 0x6d, 0x49, 0x1c, 0x7d, 0xc5, 0xc0, 0x58, 0x5b, 0x3d, 0x7c, 0x3e, 0xc2, 0x40, 0x7e, 0x08, 0x6e, - 0xb1, 0x6f, 0x08, 0x3a, 0xc1, 0x1f, 0x18, 0x38, 0x18, 0x5c, 0xe6, 0xbd, 0x16, 0x69, 0x90, 0x00, - 0x24, 0x6e, 0x25, 0x2e, 0x24, 0x3a, 0xeb, 0x3f, 0x18, 0x38, 0xb6, 0x7d, 0x29, 0xf4, 0x66, 0xb4, - 0x40, 0xda, 0x1a, 0x95, 0xfb, 0x68, 0x27, 0x50, 0xe9, 0xca, 0x9e, 0x31, 0x70, 0xa2, 0xab, 0x1a, - 0xd4, 0xfb, 0x11, 0xa6, 0xd1, 0x0d, 0x30, 0x77, 0x67, 0x87, 0x80, 0x7d, 0x4b, 0xec, 0xaa, 0x40, - 0x11, 0x65, 0x89, 0xdd, 0x00, 0x47, 0x5a, 0x62, 0x2f, 0xb5, 0x02, 0xf4, 0x39, 0x03, 0xc3, 0x5e, - 0xa1, 0xe0, 0xcd, 0x28, 0x8a, 0x69, 0x59, 0x73, 0xa5, 0x7e, 0xac, 0xe9, 0x8c, 0x1e, 0x31, 0x80, - 0x02, 0x92, 0xf1, 0x77, 0xa2, 0x89, 0xb9, 0x0d, 0x86, 0x5b, 0x8e, 0x05, 0xa6, 0x6d, 0xd7, 0xf4, - 0xe5, 0xb9, 0xd1, 0x76, 0xcd, 0xcd, 0x10, 0x11, 0x77, 0xcd, 0xa0, 0x54, 0x13, 0x7d, 0xcb, 0xc0, - 0x81, 0xce, 0x3c, 0xb3, 0xd4, 0x97, 0x17, 0x5c, 0x14, 0x6e, 0x29, 0x0e, 0x94, 0xb6, 0xfd, 0x3d, - 0x28, 0x83, 0xbb, 0x16, 0xf9, 0x25, 0xd2, 0xce, 0xfe, 0x4a, 0x5c, 0x48, 0x74, 0xd6, 0x4f, 0x18, - 0x18, 0x0f, 0xce, 0x4f, 0xfa, 0x1d, 0xaa, 0xe5, 0xe5, 0x77, 0x63, 0x02, 0x6a, 0x4d, 0x79, 0xe1, - 0xe3, 0x5f, 0x9f, 0x67, 0x98, 0xa7, 0xcf, 0x33, 0xcc, 0xb3, 0xe7, 0x19, 0xe6, 0xe1, 0x8b, 0xcc, - 0xbe, 0xa7, 0x2f, 0x32, 0xfb, 0xfe, 0x7c, 0x91, 0xd9, 0xf7, 0x61, 0x49, 0x26, 0xe6, 0xbd, 0x7a, - 0x39, 0x5f, 0x51, 0xab, 0x05, 0x67, 0xd0, 0xe9, 0xa0, 0xaf, 0xf7, 0xa6, 0xbd, 0x61, 0xa7, 0xdd, - 0xef, 0xf7, 0xee, 0x3b, 0x5f, 0xf0, 0x6d, 0x68, 0xd8, 0x28, 0x0f, 0xd8, 0x1f, 0xd9, 0x9d, 0xf9, - 0x37, 0x00, 0x00, 0xff, 0xff, 0x33, 0xd2, 0xda, 0xfb, 0x00, 0x28, 0x00, 0x00, + // 1546 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x5a, 0xcd, 0x6f, 0xd4, 0xc6, + 0x1b, 0xc6, 0xfb, 0x91, 0x8f, 0x37, 0x21, 0x12, 0xf3, 0x0b, 0x60, 0x0c, 0xbf, 0xdd, 0xc5, 0x20, + 0x88, 0xd4, 0x64, 0x37, 0x04, 0x36, 0x7c, 0xa8, 0xb4, 0x4a, 0xd8, 0x02, 0x11, 0x09, 0x4d, 0x1d, + 0xa0, 0x55, 0x55, 0x15, 0x79, 0xd7, 0x83, 0x99, 0xc6, 0xbb, 0x76, 0x6d, 0x6f, 0x44, 0xb8, 0xf5, + 0xd4, 0x63, 0x91, 0xaa, 0x5e, 0x7b, 0x6b, 0x2b, 0x21, 0x15, 0x51, 0xf5, 0xe3, 0xda, 0x6b, 0x2f, + 0x95, 0x50, 0x2f, 0xed, 0x69, 0x85, 0xe0, 0x52, 0xa9, 0xb7, 0xfd, 0x0b, 0x2a, 0x7f, 0xec, 0x38, + 0xde, 0xb5, 0x93, 0x5d, 0xaf, 0x53, 0x85, 0x90, 0xdb, 0x7a, 0x76, 0xde, 0x67, 0x66, 0xde, 0xe7, + 0x79, 0x5f, 0xcf, 0x3b, 0x63, 0x38, 0xff, 0x90, 0xc8, 0x65, 0x8c, 0x45, 0x45, 0x21, 0x62, 0xad, + 0x82, 0x0b, 0x12, 0x31, 0x4c, 0x9d, 0x94, 0xeb, 0x26, 0x96, 0x2a, 0x6a, 0x55, 0x73, 0x5a, 0x15, + 0x2c, 0xc9, 0x58, 0x2f, 0x68, 0xab, 0xa4, 0x60, 0x3e, 0xc8, 0x6b, 0xba, 0x6a, 0xaa, 0x28, 0xef, + 0x37, 0xcc, 0x6f, 0x62, 0x98, 0xd7, 0x56, 0x09, 0x77, 0xa4, 0xa2, 0x1a, 0x55, 0xd5, 0xb8, 0x6b, + 0x5b, 0x17, 0x9c, 0x07, 0x07, 0x8a, 0x1b, 0x97, 0x55, 0x59, 0x75, 0xda, 0xad, 0x5f, 0x4e, 0x2b, + 0xff, 0x24, 0x09, 0x47, 0x96, 0x0c, 0x79, 0x59, 0x57, 0x35, 0xd5, 0xc0, 0x73, 0x92, 0xf4, 0x41, + 0x71, 0xfa, 0xa2, 0xa0, 0xaa, 0xe6, 0x15, 0xac, 0x9b, 0xe8, 0x1a, 0x0c, 0x18, 0x44, 0xae, 0x61, + 0x9d, 0x65, 0x72, 0xcc, 0xc4, 0xf0, 0x7c, 0xa1, 0xd9, 0xc8, 0xfe, 0x6f, 0x4d, 0x54, 0x88, 0x24, + 0x9a, 0xf8, 0x12, 0xaf, 0xe3, 0x4f, 0xeb, 0x44, 0xc7, 0x12, 0xff, 0xc7, 0x4f, 0x53, 0xe3, 0xee, + 0x60, 0x73, 0x92, 0xa4, 0x63, 0xc3, 0x58, 0x31, 0x75, 0x52, 0x93, 0x05, 0xd7, 0x1c, 0x5d, 0x80, + 0x54, 0x05, 0xeb, 0x26, 0x9b, 0xb0, 0x61, 0x4e, 0x36, 0x1b, 0xd9, 0x5c, 0x27, 0xcc, 0x64, 0x55, + 0x7c, 0x70, 0xf9, 0xcc, 0xf4, 0xb9, 0x0b, 0xc5, 0xf3, 0xb3, 0xd3, 0xbc, 0x60, 0x5b, 0xa0, 0x37, + 0x20, 0x45, 0x6a, 0xf7, 0x54, 0x36, 0x69, 0x5b, 0x1e, 0xf6, 0x4f, 0xc0, 0x32, 0x38, 0x37, 0x7d, + 0x71, 0x96, 0x17, 0xec, 0x4e, 0x08, 0x41, 0xca, 0x24, 0x55, 0xcc, 0xa6, 0x72, 0xcc, 0x44, 0x52, + 0xb0, 0x7f, 0xa3, 0x8b, 0x90, 0x5c, 0x23, 0x12, 0x9b, 0xce, 0x31, 0x13, 0xe9, 0xf9, 0xd3, 0xcd, + 0x46, 0xf6, 0x84, 0x67, 0x2f, 0x9b, 0xf8, 0xf2, 0x99, 0x49, 0xc5, 0xc4, 0x97, 0x67, 0x8b, 0xc5, + 0xb3, 0xc5, 0x49, 0xba, 0x20, 0xc1, 0xb2, 0x41, 0x8b, 0x70, 0xc0, 0x9a, 0xc3, 0x4a, 0xe5, 0x3e, + 0xae, 0x8a, 0x77, 0xb0, 0x6e, 0x10, 0xb5, 0xc6, 0x0e, 0xe4, 0x98, 0x89, 0xfd, 0xf3, 0x99, 0x66, + 0x23, 0xcb, 0xf9, 0x81, 0xa6, 0x3d, 0x20, 0x5e, 0xe8, 0x34, 0x44, 0x25, 0xd8, 0x6f, 0xf8, 0x90, + 0x06, 0xbb, 0x42, 0xf2, 0x1b, 0xf1, 0x27, 0xe0, 0x78, 0x28, 0x5f, 0x02, 0x36, 0x34, 0xb5, 0x66, + 0x60, 0xfe, 0xdb, 0x84, 0xcd, 0xea, 0x9c, 0xa6, 0xe9, 0xea, 0xda, 0xf6, 0xb1, 0x7a, 0x09, 0x06, + 0x8d, 0x7a, 0xf9, 0x13, 0x5c, 0x69, 0x11, 0x9b, 0x6b, 0x36, 0xb2, 0xc7, 0x42, 0x89, 0x9d, 0x39, + 0xc7, 0x0b, 0x2d, 0x03, 0x74, 0x05, 0x46, 0xdd, 0x9f, 0x37, 0xf0, 0xfa, 0x82, 0xe4, 0xf2, 0x9b, + 0x6d, 0x36, 0xb2, 0x47, 0x43, 0x00, 0x66, 0x8a, 0xb3, 0xbc, 0xe0, 0x33, 0xa2, 0xe2, 0x48, 0xf5, + 0x22, 0x8e, 0xb4, 0x27, 0x0e, 0xd7, 0x9b, 0xc1, 0x7e, 0xa2, 0xde, 0xfc, 0x3b, 0x01, 0x63, 0x56, + 0x2f, 0xe7, 0xef, 0x5d, 0x13, 0x18, 0x81, 0xea, 0x4e, 0xc7, 0xa6, 0xee, 0x81, 0x28, 0xea, 0x66, + 0xe1, 0x90, 0xdf, 0xd3, 0x94, 0x84, 0x9f, 0x93, 0x70, 0xcc, 0x13, 0xbe, 0x80, 0xd7, 0xd4, 0x55, + 0xbc, 0xa7, 0xea, 0x40, 0x55, 0x23, 0x1e, 0x46, 0x0d, 0xac, 0x13, 0x51, 0xb9, 0x59, 0xaf, 0x96, + 0xb1, 0x6e, 0x53, 0x31, 0x2c, 0xf8, 0xda, 0x50, 0x0e, 0x46, 0x74, 0xdb, 0x89, 0x57, 0xee, 0x13, + 0x45, 0xb2, 0x73, 0xd1, 0x90, 0xb0, 0xb1, 0xa9, 0x93, 0xd1, 0xa1, 0x28, 0x8c, 0x9e, 0x82, 0x93, + 0x9b, 0xd1, 0x46, 0xf9, 0xfd, 0x3d, 0x61, 0xf3, 0xeb, 0x86, 0xe2, 0x6b, 0xc1, 0x6f, 0xba, 0x17, + 0x7e, 0x07, 0x36, 0xe1, 0x77, 0xb0, 0x93, 0x5f, 0xd7, 0xef, 0xa1, 0xee, 0xa4, 0x7e, 0x7f, 0x9c, + 0x84, 0x03, 0x4b, 0x86, 0xec, 0xf5, 0xd8, 0x0b, 0xa6, 0x9d, 0x1b, 0x4c, 0x47, 0xed, 0xd7, 0xba, + 0x9f, 0x2b, 0xca, 0xe4, 0x3f, 0x09, 0x60, 0xed, 0x7f, 0xad, 0xc5, 0xef, 0xbd, 0xf3, 0x43, 0x09, + 0x8d, 0xe7, 0x4d, 0xc5, 0x43, 0x2e, 0xcc, 0xd9, 0x94, 0x91, 0x27, 0x03, 0x4e, 0x10, 0x4a, 0xd2, + 0xf2, 0x2a, 0xb1, 0x58, 0xab, 0x88, 0x26, 0x51, 0x6b, 0xa5, 0xd6, 0x26, 0x9e, 0xa8, 0xb5, 0x65, + 0x95, 0xd4, 0x62, 0x64, 0xc7, 0xdd, 0xec, 0x26, 0x22, 0x6c, 0x76, 0xa7, 0x21, 0xa9, 0x11, 0x87, + 0x93, 0xf4, 0x96, 0xce, 0xb0, 0xba, 0xa2, 0x71, 0x48, 0x13, 0x63, 0x79, 0x6e, 0xce, 0xa6, 0x62, + 0x48, 0x70, 0x1e, 0xd0, 0x14, 0xa4, 0x15, 0xb1, 0x8c, 0x95, 0xe0, 0xf4, 0xe6, 0x0d, 0xea, 0xf4, + 0x42, 0x37, 0x60, 0xbc, 0xa2, 0x2b, 0x2b, 0xf6, 0xf4, 0x2d, 0xe7, 0x91, 0x7b, 0xa4, 0x22, 0x9a, + 0x4e, 0xbe, 0xdb, 0xc4, 0x3a, 0xd0, 0x08, 0x5d, 0x03, 0x44, 0x0c, 0xa3, 0x8e, 0xf5, 0x15, 0x4f, + 0x31, 0x25, 0x27, 0x3d, 0x86, 0x43, 0x05, 0x98, 0xa0, 0x22, 0x0c, 0x4a, 0xa2, 0x29, 0xde, 0x16, + 0x16, 0xed, 0x40, 0x1d, 0x9e, 0x3f, 0xda, 0x6c, 0x64, 0x0f, 0x07, 0x88, 0xb4, 0xae, 0x2b, 0xbc, + 0xd0, 0xea, 0x6b, 0xe5, 0x0a, 0xeb, 0xe7, 0x55, 0xa2, 0xe0, 0x15, 0xf2, 0x10, 0xb3, 0xc3, 0x39, + 0x66, 0x22, 0x25, 0xf8, 0xda, 0x50, 0x06, 0xc0, 0x7a, 0x2e, 0x11, 0x19, 0x1b, 0x26, 0x0b, 0x76, + 0x36, 0xd9, 0xd0, 0x82, 0x4e, 0xc1, 0x98, 0xf7, 0x74, 0x6b, 0x5d, 0xc3, 0xec, 0x88, 0xa5, 0x4f, + 0xa1, 0xad, 0x15, 0xbd, 0x0d, 0x63, 0x3a, 0x95, 0x94, 0xdd, 0x6f, 0xd4, 0xd6, 0x71, 0xe8, 0x3a, + 0xdb, 0xba, 0x77, 0xc6, 0xc1, 0xfe, 0x08, 0x71, 0x80, 0x6e, 0x00, 0xa2, 0x54, 0x94, 0xb0, 0x82, + 0x65, 0xd1, 0x54, 0x75, 0x76, 0x2c, 0xc8, 0x69, 0xfe, 0x5d, 0x6c, 0x80, 0x19, 0x9f, 0x87, 0xc9, + 0x6e, 0xe2, 0x85, 0x06, 0xd8, 0xa3, 0x34, 0x9c, 0x5e, 0x32, 0xe4, 0xdb, 0x9a, 0x35, 0xc0, 0x2b, + 0x10, 0x63, 0x34, 0x36, 0x92, 0x5d, 0xc5, 0xc6, 0x4c, 0x48, 0x6c, 0xd8, 0xa9, 0xaf, 0xa7, 0x10, + 0x48, 0xf7, 0x1e, 0x02, 0xb3, 0x5e, 0x08, 0x38, 0xb1, 0x78, 0xac, 0xd9, 0xc8, 0xb2, 0x9e, 0xb5, + 0x5a, 0x25, 0x26, 0xae, 0x6a, 0xe6, 0xfa, 0x16, 0x31, 0x30, 0xb8, 0x65, 0x0c, 0x0c, 0x75, 0x11, + 0x03, 0xc3, 0x81, 0x31, 0xd0, 0x21, 0x61, 0x88, 0x4f, 0xc2, 0x23, 0xd1, 0x24, 0x7c, 0x06, 0x0a, + 0x5d, 0x2a, 0x92, 0xaa, 0xf8, 0x9b, 0x84, 0xad, 0x62, 0x0b, 0x63, 0x37, 0xaa, 0x38, 0x58, 0x91, + 0xa9, 0x9e, 0x15, 0xe9, 0xba, 0xb6, 0x1b, 0x37, 0x51, 0xd7, 0x7e, 0x99, 0x80, 0x51, 0x2b, 0xa3, + 0x18, 0xd6, 0xaa, 0xef, 0x10, 0x69, 0x17, 0xed, 0x83, 0x5c, 0x02, 0x53, 0xbd, 0x13, 0xc8, 0x1f, + 0x82, 0xf1, 0x8d, 0x4e, 0xf1, 0xf6, 0x2b, 0x09, 0x38, 0xe8, 0xe4, 0xdf, 0x9b, 0x6a, 0x65, 0xa7, + 0x1d, 0x04, 0x06, 0x1e, 0x57, 0xa4, 0x62, 0x3b, 0xae, 0x48, 0x47, 0xd9, 0x04, 0x66, 0xe1, 0xff, + 0x81, 0xfe, 0xa2, 0x1e, 0xfd, 0x2c, 0xe1, 0x56, 0x57, 0x55, 0x75, 0x6d, 0x37, 0x56, 0x57, 0xed, + 0xc5, 0x51, 0x2a, 0xa0, 0x12, 0x6d, 0x15, 0x2d, 0x1b, 0x5d, 0x40, 0x1d, 0xf4, 0x7d, 0xc2, 0xd1, + 0x22, 0x75, 0xe1, 0x42, 0x45, 0xdc, 0xd1, 0x8a, 0x4b, 0xc6, 0xa6, 0xb8, 0x54, 0x14, 0xc5, 0x65, + 0x9c, 0x53, 0x92, 0x76, 0x77, 0x51, 0x7f, 0xfe, 0x90, 0x74, 0x8b, 0x40, 0xab, 0x44, 0xdc, 0xb6, + 0x28, 0x7e, 0x15, 0x74, 0xd7, 0xff, 0x31, 0xcb, 0x7f, 0x55, 0xd5, 0xb7, 0x4a, 0xc9, 0x00, 0xca, + 0x28, 0xaf, 0x4f, 0x93, 0x70, 0xb8, 0xbd, 0x53, 0xec, 0xa1, 0xb2, 0x47, 0x6b, 0x9c, 0xb4, 0x1e, + 0x87, 0x6c, 0x08, 0x63, 0x94, 0xd5, 0xcf, 0x13, 0x2e, 0xab, 0x56, 0x6e, 0x7c, 0x9d, 0x59, 0xa5, + 0xce, 0xea, 0x74, 0x44, 0xcb, 0x59, 0x33, 0x4f, 0x59, 0x48, 0x2e, 0x19, 0x32, 0xfa, 0x85, 0x81, + 0x43, 0x21, 0xf7, 0x95, 0x0b, 0x3d, 0xde, 0x97, 0xe6, 0x43, 0xaf, 0xd2, 0xb8, 0xf7, 0x62, 0x83, + 0x6a, 0x2d, 0xc0, 0x9e, 0x78, 0xc8, 0x95, 0x5c, 0x94, 0x89, 0x07, 0x43, 0x45, 0x9a, 0xf8, 0xe6, + 0x17, 0x60, 0xe8, 0x2b, 0x06, 0x46, 0x36, 0xde, 0x7e, 0xbd, 0x15, 0x65, 0x08, 0xcf, 0x9e, 0xbb, + 0xda, 0x9f, 0x3d, 0x9d, 0xd7, 0xaf, 0x0c, 0x1c, 0x09, 0xbf, 0x10, 0x5a, 0x8c, 0xce, 0x60, 0x27, + 0x1a, 0x77, 0x2b, 0x4e, 0x34, 0xdf, 0x0a, 0xc2, 0xaf, 0x3c, 0x16, 0xa3, 0x53, 0x19, 0xd3, 0x0a, + 0xb6, 0xbc, 0x3f, 0x40, 0x5f, 0x33, 0x30, 0xd6, 0x76, 0x79, 0x30, 0x17, 0x61, 0x20, 0x3f, 0x04, + 0xb7, 0xd0, 0x37, 0x04, 0x9d, 0xe0, 0x8f, 0x0c, 0x1c, 0x0c, 0x3e, 0x13, 0xbf, 0x1e, 0x69, 0x90, + 0x00, 0x24, 0x6e, 0x39, 0x2e, 0x24, 0x3a, 0xeb, 0x3f, 0x19, 0x38, 0xbe, 0xf5, 0xb9, 0xf1, 0xad, + 0x68, 0x81, 0xb4, 0x39, 0x2a, 0xf7, 0xd1, 0x76, 0xa0, 0xd2, 0x95, 0x3d, 0x67, 0xe0, 0x64, 0x57, + 0x07, 0x76, 0xef, 0x47, 0x98, 0x46, 0x37, 0xc0, 0xdc, 0xdd, 0x6d, 0x02, 0xf6, 0x2d, 0xb1, 0xab, + 0xd3, 0x9c, 0x28, 0x4b, 0xec, 0x06, 0x38, 0xd2, 0x12, 0x7b, 0x39, 0x58, 0x41, 0x5f, 0x30, 0x30, + 0xec, 0x9d, 0xaa, 0xbc, 0x19, 0x45, 0x31, 0x2d, 0x6b, 0xae, 0xd4, 0x8f, 0x35, 0x9d, 0xd1, 0x63, + 0x06, 0x50, 0xc0, 0xc9, 0xc5, 0x3b, 0xd1, 0xc4, 0xdc, 0x06, 0xc3, 0x2d, 0xc5, 0x02, 0xd3, 0x96, + 0x35, 0x7d, 0x87, 0x02, 0xd1, 0xb2, 0xe6, 0x46, 0x88, 0x88, 0x59, 0x33, 0xa8, 0x2e, 0x47, 0xdf, + 0x31, 0x70, 0xa0, 0xb3, 0x28, 0x2f, 0xf5, 0xe5, 0x05, 0x17, 0x85, 0x5b, 0x8c, 0x03, 0xa5, 0x2d, + 0xbf, 0x07, 0x95, 0xbb, 0xd7, 0x23, 0xbf, 0x44, 0xda, 0xd9, 0x5f, 0x8e, 0x0b, 0x89, 0xce, 0xfa, + 0x29, 0x03, 0xe3, 0xc1, 0xc5, 0x5c, 0xbf, 0x43, 0xb5, 0xbc, 0xfc, 0x6e, 0x4c, 0x40, 0x6d, 0x53, + 0x0e, 0xaa, 0x54, 0x22, 0xcb, 0x2e, 0x96, 0x29, 0x87, 0x97, 0x0c, 0xf3, 0x1f, 0xff, 0xf6, 0x22, + 0xc3, 0x3c, 0x7b, 0x91, 0x61, 0x9e, 0xbf, 0xc8, 0x30, 0x8f, 0x5e, 0x66, 0xf6, 0x3d, 0x7b, 0x99, + 0xd9, 0xf7, 0xd7, 0xcb, 0xcc, 0xbe, 0x0f, 0x4b, 0x32, 0x31, 0xef, 0xd7, 0xcb, 0xf9, 0x8a, 0x5a, + 0x2d, 0x38, 0x83, 0x4e, 0x05, 0x7d, 0x9d, 0x39, 0xe5, 0x0d, 0x3b, 0xe5, 0x7e, 0x9f, 0xf9, 0xc0, + 0xf9, 0x42, 0x73, 0x5d, 0xc3, 0x46, 0x79, 0xc0, 0xfe, 0x88, 0xf2, 0xec, 0xbf, 0x01, 0x00, 0x00, + 0xff, 0xff, 0x5b, 0x2e, 0x99, 0x48, 0xe0, 0x29, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -2219,6 +2327,7 @@ type MsgClient interface { AddNocX509IcaCert(ctx context.Context, in *MsgAddNocX509IcaCert, opts ...grpc.CallOption) (*MsgAddNocX509IcaCertResponse, error) RevokeNocX509RootCert(ctx context.Context, in *MsgRevokeNocX509RootCert, opts ...grpc.CallOption) (*MsgRevokeNocX509RootCertResponse, error) RevokeNocX509IcaCert(ctx context.Context, in *MsgRevokeNocX509IcaCert, opts ...grpc.CallOption) (*MsgRevokeNocX509IcaCertResponse, error) + RemoveNocX509IcaCert(ctx context.Context, in *MsgRemoveNocX509IcaCert, opts ...grpc.CallOption) (*MsgRemoveNocX509IcaCertResponse, error) } type msgClient struct { @@ -2373,6 +2482,15 @@ func (c *msgClient) RevokeNocX509IcaCert(ctx context.Context, in *MsgRevokeNocX5 return out, nil } +func (c *msgClient) RemoveNocX509IcaCert(ctx context.Context, in *MsgRemoveNocX509IcaCert, opts ...grpc.CallOption) (*MsgRemoveNocX509IcaCertResponse, error) { + out := new(MsgRemoveNocX509IcaCertResponse) + err := c.cc.Invoke(ctx, "/zigbeealliance.distributedcomplianceledger.pki.Msg/RemoveNocX509IcaCert", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // MsgServer is the server API for Msg service. type MsgServer interface { ProposeAddX509RootCert(context.Context, *MsgProposeAddX509RootCert) (*MsgProposeAddX509RootCertResponse, error) @@ -2391,6 +2509,7 @@ type MsgServer interface { AddNocX509IcaCert(context.Context, *MsgAddNocX509IcaCert) (*MsgAddNocX509IcaCertResponse, error) RevokeNocX509RootCert(context.Context, *MsgRevokeNocX509RootCert) (*MsgRevokeNocX509RootCertResponse, error) RevokeNocX509IcaCert(context.Context, *MsgRevokeNocX509IcaCert) (*MsgRevokeNocX509IcaCertResponse, error) + RemoveNocX509IcaCert(context.Context, *MsgRemoveNocX509IcaCert) (*MsgRemoveNocX509IcaCertResponse, error) } // UnimplementedMsgServer can be embedded to have forward compatible implementations. @@ -2445,6 +2564,9 @@ func (*UnimplementedMsgServer) RevokeNocX509RootCert(ctx context.Context, req *M func (*UnimplementedMsgServer) RevokeNocX509IcaCert(ctx context.Context, req *MsgRevokeNocX509IcaCert) (*MsgRevokeNocX509IcaCertResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method RevokeNocX509IcaCert not implemented") } +func (*UnimplementedMsgServer) RemoveNocX509IcaCert(ctx context.Context, req *MsgRemoveNocX509IcaCert) (*MsgRemoveNocX509IcaCertResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveNocX509IcaCert not implemented") +} func RegisterMsgServer(s grpc1.Server, srv MsgServer) { s.RegisterService(&_Msg_serviceDesc, srv) @@ -2738,6 +2860,24 @@ func _Msg_RevokeNocX509IcaCert_Handler(srv interface{}, ctx context.Context, dec return interceptor(ctx, in, info, handler) } +func _Msg_RemoveNocX509IcaCert_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(MsgRemoveNocX509IcaCert) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(MsgServer).RemoveNocX509IcaCert(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/zigbeealliance.distributedcomplianceledger.pki.Msg/RemoveNocX509IcaCert", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(MsgServer).RemoveNocX509IcaCert(ctx, req.(*MsgRemoveNocX509IcaCert)) + } + return interceptor(ctx, in, info, handler) +} + var _Msg_serviceDesc = grpc.ServiceDesc{ ServiceName: "zigbeealliance.distributedcomplianceledger.pki.Msg", HandlerType: (*MsgServer)(nil), @@ -2806,6 +2946,10 @@ var _Msg_serviceDesc = grpc.ServiceDesc{ MethodName: "RevokeNocX509IcaCert", Handler: _Msg_RevokeNocX509IcaCert_Handler, }, + { + MethodName: "RemoveNocX509IcaCert", + Handler: _Msg_RemoveNocX509IcaCert_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "zigbeealliance/distributedcomplianceledger/pki/tx.proto", @@ -4241,6 +4385,80 @@ func (m *MsgRevokeNocX509IcaCertResponse) MarshalToSizedBuffer(dAtA []byte) (int return len(dAtA) - i, nil } +func (m *MsgRemoveNocX509IcaCert) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgRemoveNocX509IcaCert) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgRemoveNocX509IcaCert) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.SerialNumber) > 0 { + i -= len(m.SerialNumber) + copy(dAtA[i:], m.SerialNumber) + i = encodeVarintTx(dAtA, i, uint64(len(m.SerialNumber))) + i-- + dAtA[i] = 0x22 + } + if len(m.SubjectKeyId) > 0 { + i -= len(m.SubjectKeyId) + copy(dAtA[i:], m.SubjectKeyId) + i = encodeVarintTx(dAtA, i, uint64(len(m.SubjectKeyId))) + i-- + dAtA[i] = 0x1a + } + if len(m.Subject) > 0 { + i -= len(m.Subject) + copy(dAtA[i:], m.Subject) + i = encodeVarintTx(dAtA, i, uint64(len(m.Subject))) + i-- + dAtA[i] = 0x12 + } + if len(m.Signer) > 0 { + i -= len(m.Signer) + copy(dAtA[i:], m.Signer) + i = encodeVarintTx(dAtA, i, uint64(len(m.Signer))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *MsgRemoveNocX509IcaCertResponse) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgRemoveNocX509IcaCertResponse) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgRemoveNocX509IcaCertResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + return len(dAtA) - i, nil +} + func encodeVarintTx(dAtA []byte, offset int, v uint64) int { offset -= sovTx(v) base := offset @@ -4928,6 +5146,40 @@ func (m *MsgRevokeNocX509IcaCertResponse) Size() (n int) { return n } +func (m *MsgRemoveNocX509IcaCert) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Signer) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.Subject) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.SubjectKeyId) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.SerialNumber) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + return n +} + +func (m *MsgRemoveNocX509IcaCertResponse) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + return n +} + func sovTx(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -9443,6 +9695,234 @@ func (m *MsgRevokeNocX509IcaCertResponse) Unmarshal(dAtA []byte) error { } return nil } +func (m *MsgRemoveNocX509IcaCert) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgRemoveNocX509IcaCert: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgRemoveNocX509IcaCert: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Signer", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Signer = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Subject", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Subject = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SubjectKeyId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SubjectKeyId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SerialNumber", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SerialNumber = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *MsgRemoveNocX509IcaCertResponse) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgRemoveNocX509IcaCertResponse: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgRemoveNocX509IcaCertResponse: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipTx(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0