From 2b8cb2dcf653d53168c2d8b298aaca66e22f5a73 Mon Sep 17 00:00:00 2001 From: Abdulbois Date: Thu, 15 Feb 2024 10:37:38 +0500 Subject: [PATCH] #535 Add new txn to remove non-root certificates Signed-off-by: Abdulbois Signed-off-by: Abdulbois --- docs/transactions.md | 18 + .../cli/pki-remove-x506-certificates.sh | 134 ++++ integration_tests/constants/constants.go | 69 +- .../constants/leaf_with_same_subject_and_skid | 20 + integration_tests/grpc_rest/pki/helpers.go | 94 +++ proto/pki/tx.proto | 11 + scripts/starport/upgrade-0.44/07.pki_types.sh | 1 + .../module/index.ts | 5 +- .../module/rest.ts | 2 + .../module/types/pki/tx.ts | 161 ++++- x/pki/client/cli/tx.go | 1 + x/pki/client/cli/tx_remove_x_509_cert.go | 60 ++ x/pki/handler.go | 4 + x/pki/handler_test.go | 106 +++ x/pki/keeper/approved_certificates.go | 20 - x/pki/keeper/msg_server_remove_x_509_cert.go | 78 +++ x/pki/module_simulation.go | 15 + x/pki/simulation/remove_x_509_cert.go | 29 + x/pki/types/codec.go | 4 + x/pki/types/message_remove_x_509_cert.go | 58 ++ x/pki/types/message_remove_x_509_cert_test.go | 105 +++ x/pki/types/tx.pb.go | 630 +++++++++++++++--- 22 files changed, 1505 insertions(+), 120 deletions(-) create mode 100755 integration_tests/cli/pki-remove-x506-certificates.sh create mode 100644 integration_tests/constants/leaf_with_same_subject_and_skid create mode 100644 x/pki/client/cli/tx_remove_x_509_cert.go create mode 100644 x/pki/keeper/msg_server_remove_x_509_cert.go create mode 100644 x/pki/simulation/remove_x_509_cert.go create mode 100644 x/pki/types/message_remove_x_509_cert.go create mode 100644 x/pki/types/message_remove_x_509_cert_test.go diff --git a/docs/transactions.md b/docs/transactions.md index 5cecff887..bb807f67d 100644 --- a/docs/transactions.md +++ b/docs/transactions.md @@ -951,6 +951,24 @@ Root certificates can not be revoked this way, use `PROPOSE_X509_CERT_REVOC` an - CLI command: - `dcld tx pki revoke-x509-cert --subject= --subject-key-id= --from=` +### REMOVE_X509_CERT + +**Status: Implemented** + +Removes the given X509 certificate (either intermediate or leaf) from approved and revoked certificates list. + +Only the owner (sender) can remove the certificate. +Root certificates can not be removed this way. + +- Parameters: + - subject: `string` - certificates's `Subject` is base64 encoded subject DER sequence bytes + - subject_key_id: `string` - certificates's `Subject Key Id` in hex string format, e.g: `5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB` + - serial-number: `optional(string)` - certificate's serial number +- Who can send: + - Any role; owner +- CLI command: + - `dcld tx pki remove-x509-cert --subject= --subject-key-id= --from=` + ### PROPOSE_REVOKE_X509_ROOT_CERT **Status: Implemented** diff --git a/integration_tests/cli/pki-remove-x506-certificates.sh b/integration_tests/cli/pki-remove-x506-certificates.sh new file mode 100755 index 000000000..e48676587 --- /dev/null +++ b/integration_tests/cli/pki-remove-x506-certificates.sh @@ -0,0 +1,134 @@ +set -euo pipefail +source integration_tests/cli/common.sh + +root_cert_subject="MIGCMQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcMCE5ldyBZb3JrMRgwFgYDVQQKDA9FeGFtcGxlIENvbXBhbnkxGTAXBgNVBAsMEFRlc3RpbmcgRGl2aXNpb24xGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbQ==" +root_cert_subject_key_id="33:5E:0C:07:44:F8:B5:9C:CD:55:01:9B:6D:71:23:83:6F:D0:D4:BE" +root_cert_1_path="integration_tests/constants/root_with_same_subject_and_skid_1" +root_cert_1_serial_number="1" +root_cert_vid=65521 +intermediate_cert_subject="MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ=" +intermediate_cert_subject_key_id="2E:13:3B:44:52:2C:30:E9:EC:FB:45:FA:5D:E5:04:0A:C1:C6:E6:B9" +intermediate_cert_1_path="integration_tests/constants/intermediate_with_same_subject_and_skid_1" +intermediate_cert_2_path="integration_tests/constants/intermediate_with_same_subject_and_skid_2" +intermediate_cert_1_serial_number="3" +intermediate_cert_2_serial_number="4" +leaf_cert_subject="MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ" +leaf_cert_subject_key_id="12:16:55:8E:5E:2A:DF:04:D7:E6:FE:D1:53:69:61:98:EF:17:2F:03" +leaf_cert_path="integration_tests/constants/leaf_with_same_subject_and_skid" +leaf_cert_serial_number="5" + +trustee_account="jack" +second_trustee_account="alice" + +test_divider + +echo "REMOVE X509 CERTIFICATES" + +echo "Propose and approve root certificate 1" +result=$(echo "$passphrase" | dcld tx pki propose-add-x509-root-cert --certificate="$root_cert_1_path" --vid "$root_cert_vid" --from $trustee_account --yes) +check_response "$result" "\"code\": 0" +result=$(echo "$passphrase" | dcld tx pki approve-add-x509-root-cert --subject="$root_cert_subject" --subject-key-id="$root_cert_subject_key_id" --from $second_trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Add an intermediate certificate with serialNumber 3" +result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$intermediate_cert_1_path" --from $trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Add an intermediate certificate with serialNumber 4" +result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$intermediate_cert_2_path" --from $trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Add a leaf certificate with serialNumber 5" +result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$leaf_cert_path" --from $trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Request all approved root certificates." +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subject\": \"$root_cert_subject\"" +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" + +echo "Remove intermediate certificate with invalid serialNumber" +result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="invalid" --from=$trustee_account --yes) +check_response "$result" "\"code\": 404" + +echo "Remove intermediate certificate with serialNumber 3" +result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Request all certificates should not contain intermediate certificate with serialNumber 3" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subject\": \"$root_cert_subject\"" +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request all approved intermediate certificates should contain only one certificate with serialNumber 4" +result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id") +echo $result | jq +check_response "$result" "\"subject\": \"$intermediate_cert_subject\"" +check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Remove intermediate certificate with subject and subjectKeyId" +result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --from=$trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Request all approved intermediate certificates should be empty" +result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id") +echo $result | jq +check_response "$result" "\[\]" +response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Request all certificates should contain only root and leaf certificates" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\"" +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" + +echo "Remove leaf certificate" +result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id" --from=$trustee_account --yes) +check_response "$result" "\"code\": 0" + +echo "Request all approved leaf certificates should be empty" +result=$(dcld query pki x509-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id") +echo $result | jq +check_response "$result" "\[\]" +response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number" + +echo "Request all certificates should contain only root certificate" +result=$(dcld query pki all-x509-certs) +echo $result | jq +check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\"" +check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\"" +response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\"" +response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number" + +test_divider diff --git a/integration_tests/constants/constants.go b/integration_tests/constants/constants.go index 509f6c4b1..bd27ade14 100644 --- a/integration_tests/constants/constants.go +++ b/integration_tests/constants/constants.go @@ -463,47 +463,69 @@ XWQLy4RZmLIkrm7vj3uFWRpi7lOBkAPOgCm04RTYqJJwnI0UeJmvaxoFd42J+k3D xEsSrRoqMgkOX01+kkNn8Ugv3bEfeJ4= -----END CERTIFICATE-----` IntermediateWithSameSubjectAndSKID1 = `-----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx +MIIDlTCCAn2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx ETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhOZXcgWW9yazEYMBYGA1UECgwP RXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRgwFgYD -VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE1MTE1MTE1WhgPMzAyMzA2MTgx -MTUxMTVaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE2MDY1NTA0WhgPMzAyMzA2MTkw +NjU1MDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDmdvkss9fh7NRVNAKbrt9zReTNUwMsUxf6ryvepNUxEc6o bGDS8yunS9QVpqf9BVQfM0tCzrewif1EDetdPYIMnC9o34nF095/4E5v+aoKabzG wuyibKjtKVSl+dy0p42UJtScwzZRqLXIZxhmefh2CZT4q9Fs4y2qnCBtFqaWCToT rcNWAQNBZ0E6S2ZulxXsdMoOGJ4iYPjAhqSbejcrN0McBudYq97pvEInG3HbyX2o IGtZznGtwG326l9SV4OvmofxrvLjhx/nOauSBbbJcPWy3L10FWDZZ2h8ddpvx6I6 -oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjQjBAMB0GA1UdDgQW +oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjUDBOMB0GA1UdDgQW BBQuEztEUiww6ez7Rfpd5QQKwcbmuTAfBgNVHSMEGDAWgBQzXgwHRPi1nM1VAZtt -cSODb9DUvjANBgkqhkiG9w0BAQsFAAOCAQEAdKy4xLM2gRWB53LTlbvuGls3bDVD -bTar/qTh3yPHc4ugtfQOlLfVD85nJykogiV9ZcT01OdKPeTbeGB93mlqpqIsirkW -ei6ZuBjnX6e4QXcHAo0om6hylSKjC6NEsIPHRuNeEvtHb7M9eMIXfxpjVuWZoYcq -cDtxXeARbH7QaeiKgN1qqKiuwLY1SnExABr10keLILJYYxCZmyp7GXfh8+eSKc4l -l039fvhGiSmDipcVRwZxVfvu6KUtY1QpL5185bjTeD35QL71Ix69ahEaaMn9Gy+T -TMkW9/LTRgnlWI4+ghvGykOsIbJwpGpfiRO3/ytgh4snUbEsFBLkLujk5w== ------END CERTIFICATE----- -` +cSODb9DUvjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBm1hCN9XFd +2LnrxZkNr0RGMuSsFKIT8B7/gXmgDtkFKb84GcT/rFYGch4Nc6sVXQLFQWGsYCO9 +OKZdiJGx4TOkGZuo1waa3/JzwDxLHh/2d7CLrEuGQnEo2evw+yj8AwkjWml+5zjn +L3bG9iZ1JQSUsGiVIHtUVYTGetyUy+SuJxuVvx359hc5foRuNiKDhQW7mwXWv+ua +xfBPUaspjiGALO8hBKlbVxt0RWv5MGyg2JJbSt9Ijexa6aoLzynq5gpSoEfQABUp +wbfDZe4Cbio4ndASlsbtpo/5ZOuQKn9Wp54meOotFDrFntnD7XFohxMJc5YY0F1q +Yk3FHd02VN0M +-----END CERTIFICATE-----` IntermediateWithSameSubjectAndSKID2 = `-----BEGIN CERTIFICATE----- -MIIDhzCCAm+gAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx +MIIDlTCCAn2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx ETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhOZXcgWW9yazEYMBYGA1UECgwP RXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRgwFgYD -VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE1MTE1MTIzWhgPMzAyMzA2MTgx -MTUxMjNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE2MDY1NzQ4WhgPMzAyMzA2MTkw +NjU3NDhaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDmdvkss9fh7NRVNAKbrt9zReTNUwMsUxf6ryvepNUxEc6o bGDS8yunS9QVpqf9BVQfM0tCzrewif1EDetdPYIMnC9o34nF095/4E5v+aoKabzG wuyibKjtKVSl+dy0p42UJtScwzZRqLXIZxhmefh2CZT4q9Fs4y2qnCBtFqaWCToT rcNWAQNBZ0E6S2ZulxXsdMoOGJ4iYPjAhqSbejcrN0McBudYq97pvEInG3HbyX2o IGtZznGtwG326l9SV4OvmofxrvLjhx/nOauSBbbJcPWy3L10FWDZZ2h8ddpvx6I6 -oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjQjBAMB0GA1UdDgQW +oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjUDBOMB0GA1UdDgQW BBQuEztEUiww6ez7Rfpd5QQKwcbmuTAfBgNVHSMEGDAWgBQzXgwHRPi1nM1VAZtt -cSODb9DUvjANBgkqhkiG9w0BAQsFAAOCAQEACUrYb9YNJ7ZH+bj99QmczoVEfZ4B -q9gMgwK48RsNV7Zu+JNsMtz0QhSu2coOJx43vZskgzSaMkPTUuThkjUJJifnPVGw -YpWL6RQaQkn8YNCJMWrRvnNnAcJ2sIQgg5fCWf4cO/PepPZRzojMOBX8a1TOs/53 -QTHh3yB5FYrW6ekQayLyoyK+NZ6O2sXEXTgHT9jLlrjnH9d6X18tbWmbglsDk4TL -sjM+VdY9b/3SGHgGObPXkCdACI0v5kfHiUU5Z0zmNNtyNA0qbOBj8BPkOnq/zd2j -3T2pMP5BtRfBLiBJmEJlkDN90xa9A3kdgC+GUNvDCqd3Gv05uGuJYtu0og== +cSODb9DUvjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQClVhy+Gtd7 +5lOwDaT4m+J5FXyxMI6Lh7OydDcpsbUeIKtw0ODgCBFTrwtmYfqlJ35msKOwCOvp +L4LVxnUJGCV6dRuQgGFYnhJDwKdAI9aH2b51ZJoVuHxpoqpwkwFjYEzRzP1otkW9 +b5VmtGeujfP12ptzqhmwmQ/z9yFDkKjwTcq02n1NGzc4CcygkQKZbr64HW17nsq/ +AWNUMVCMnWrkYaFjBH21+RZ+zkdOVQXjtp7EZhQzLPhqrg4phLe1L+SztCJN/VrN +/sptlM3aW8XXI2pLbYAMCNpqQftnkdOOYfnJmf1A7x3eeDQHWiRj3FBHHGqZydmV +OtwplWOnxNQw +-----END CERTIFICATE-----` + + LeafCertWithSameSubjectAndSKID = `-----BEGIN CERTIFICATE----- +MIIDSTCCAjGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJBVTET +MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ +dHkgTHRkMCAXDTI0MDIxNjA2NTkwMloYDzMwMjMwNjE5MDY1OTAyWjBFMQswCQYD +VQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQg +V2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +oCiuqhgIgU89pQ3/nT7ccFbqrmSbyRc/5jfYw83VDuSE4SkPwEml268k8XRoUjdh +sLkDROlR3hab0Ez/eI9LBLXXFWB3qlAJ2OfDkZ+RMLVIGqMxckn2bfnYtUITSVzD +FWWvanb7+wACW6MDH3f/FLLblII21XAcljluzPQbVZoCimh33CS5VOI68y/Esjlz +8HDhXDuxyswIjGMjCnKaFS0vQsySC+M4nqLKdJ0HDPNVMjeUtVIUCKke0rOFDTUZ +nDmBHfdOoHtBiCeZzNH7s2ER4NCwXZmSNXev8CHwmZqaIUSRMsmOxbw3I7KpRBFf +hObeLm55aVS2FEMH68H0FQIDAQABo0IwQDAdBgNVHQ4EFgQUEhZVjl4q3wTX5v7R +U2lhmO8XLwMwHwYDVR0jBBgwFoAULhM7RFIsMOns+0X6XeUECsHG5rkwDQYJKoZI +hvcNAQELBQADggEBAHK9fmY6C9FyzVNh6RTKNT6FL3ozr+WvmKJmE7WcxqAEW6JZ +rtihObu2y1B7e74umOwa1QJd7EFyMm4qnXYT2PepnanxTnz0EST9ZuhM3GpM1FP6 +fjlqLDHoQ1UhBmEnocFTqd7QEZtUbRWPnlJw0ZK2uFK7IYmlnBKkewPCLVGI3ihx +al/8sTx3xx7fWpS+rJ3jviCpHgP+cGV/ANg8hOlyr68u0FE+x6pye00TmxcFzDuo +5/OA9jGQln82Z8inmc05wZPQPpjZxdCQteqJkNl7PrklgO5EevG9JlUArIets2Py +2Vciq5eYOIi+PlP+HI5QzlZYxSqFjJrFcfzYCJ4= -----END CERTIFICATE-----` RootIssuer = "MDQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApzb21lLXN0YXRlMRAwDgYDVQQKDAdyb290LWNh" @@ -521,6 +543,9 @@ sjM+VdY9b/3SGHgGObPXkCdACI0v5kfHiUU5Z0zmNNtyNA0qbOBj8BPkOnq/zd2j IntermediateCertWithSameSubjectAndSKIDSubjectKeyID = "2E:13:3B:44:52:2C:30:E9:EC:FB:45:FA:5D:E5:04:0A:C1:C6:E6:B9" IntermediateCertWithSameSubjectAndSKID1SerialNumber = "3" IntermediateCertWithSameSubjectAndSKID2SerialNumber = "4" + LeafCertWithSameSubjectAndSKIDSubject = "MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ=" + LeafCertWithSameSubjectAndSKIDSubjectKeyID = "12:16:55:8E:5E:2A:DF:04:D7:E6:FE:D1:53:69:61:98:EF:17:2F:03" + LeafCertWithSameSubjectAndSKIDSerialNumber = "5" IntermediateIssuer = "MDQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApzb21lLXN0YXRlMRAwDgYDVQQKDAdyb290LWNh" IntermediateAuthorityKeyID = "5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB" diff --git a/integration_tests/constants/leaf_with_same_subject_and_skid b/integration_tests/constants/leaf_with_same_subject_and_skid new file mode 100644 index 000000000..2168351d4 --- /dev/null +++ b/integration_tests/constants/leaf_with_same_subject_and_skid @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSTCCAjGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJBVTET +MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ +dHkgTHRkMCAXDTI0MDIxNjA2MzkxN1oYDzMwMjMwNjE5MDYzOTE3WjBFMQswCQYD +VQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQg +V2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +oCiuqhgIgU89pQ3/nT7ccFbqrmSbyRc/5jfYw83VDuSE4SkPwEml268k8XRoUjdh +sLkDROlR3hab0Ez/eI9LBLXXFWB3qlAJ2OfDkZ+RMLVIGqMxckn2bfnYtUITSVzD +FWWvanb7+wACW6MDH3f/FLLblII21XAcljluzPQbVZoCimh33CS5VOI68y/Esjlz +8HDhXDuxyswIjGMjCnKaFS0vQsySC+M4nqLKdJ0HDPNVMjeUtVIUCKke0rOFDTUZ +nDmBHfdOoHtBiCeZzNH7s2ER4NCwXZmSNXev8CHwmZqaIUSRMsmOxbw3I7KpRBFf +hObeLm55aVS2FEMH68H0FQIDAQABo0IwQDAdBgNVHQ4EFgQUEhZVjl4q3wTX5v7R +U2lhmO8XLwMwHwYDVR0jBBgwFoAULhM7RFIsMOns+0X6XeUECsHG5rkwDQYJKoZI +hvcNAQELBQADggEBAODIZAwQrNuwIbF29p6tRmcSEkmMqY2Ktyh+YXfZsjpk26Cd +OrHUGh6GW/lXcDegsMYkx1jIiVAwcYLfMZs0lIgDJUxqERQP51Fw9kuvr4jppJDj +QCSACgWmhXzo+llJy3FxxdaLEtbjpNVDuQ3qZ0JORGGnWHhcZ0dxhaKeos7QVS+i ++4XN4GcehzNtdeDaNoHjKZ0cnmBGh4kBRw5NEoypCHaBMQJJ+XsnIRJ5lhVp0DL9 +I7i9s1CstE9aaFQOAVJAsjvpp1hgAYA22tbs0FX/DIB6FjkhWWKur8EA22dUyPJE +xNI05qeNKVF9AHDgYUgea06xqPD9zx9AX8NURF8= +-----END CERTIFICATE----- diff --git a/integration_tests/grpc_rest/pki/helpers.go b/integration_tests/grpc_rest/pki/helpers.go index 08805ef65..fe01fabda 100644 --- a/integration_tests/grpc_rest/pki/helpers.go +++ b/integration_tests/grpc_rest/pki/helpers.go @@ -1818,4 +1818,98 @@ func Demo(suite *utils.TestSuite) { _, err = GetX509Cert(suite, testconstants.RootCertWithSameSubjectAndSKIDSubject, testconstants.RootCertWithSameSubjectAndSKIDSubjectKeyID) suite.AssertNotFound(err) + + // Remove x509 certificate with invalid serialNumber + msgRemoveX509Cert := pkitypes.MsgRemoveX509Cert{ + Subject: testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + SubjectKeyId: testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + SerialNumber: "invalid", + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveX509Cert}, aliceName, aliceAccount) + require.Error(suite.T, err) + + // Remove revoked x509 certificate by subject and subject key id + msgRemoveX509Cert = pkitypes.MsgRemoveX509Cert{ + Subject: testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + SubjectKeyId: testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + // Check that it's removed from revoked list + _, err = GetRevokedX509Cert(suite, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + suite.AssertNotFound(err) + _, err = GetX509Cert(suite, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + suite.AssertNotFound(err) + + // Remove x509 by subject, subject key id and serial number + + // Add intermediate certificates + msgAddX509Cert = pkitypes.MsgAddX509Cert{ + Cert: testconstants.IntermediateWithSameSubjectAndSKID1, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + msgAddX509Cert = pkitypes.MsgAddX509Cert{ + Cert: testconstants.IntermediateWithSameSubjectAndSKID2, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + msgAddX509Cert = pkitypes.MsgAddX509Cert{ + Cert: testconstants.LeafCertWithSameSubjectAndSKID, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgAddX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + // Remove x509 certificate by serial number + msgRemoveX509Cert = pkitypes.MsgRemoveX509Cert{ + Subject: testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + SubjectKeyId: testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + SerialNumber: testconstants.IntermediateCertWithSameSubjectAndSKID1SerialNumber, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + // Check that leaf and x509 with different serial number is not removed + certs, _ = GetX509Cert(suite, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.IntermediateCertWithSameSubjectAndSKID2SerialNumber, certs.Certs[0].SerialNumber) + + certs, _ = GetX509Cert(suite, testconstants.LeafCertWithSameSubjectAndSKIDSubject, testconstants.LeafCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, certs.Certs[0].SerialNumber) + + // Remove revoked x509 certificate by subject and subject key id + msgRemoveX509Cert = pkitypes.MsgRemoveX509Cert{ + Subject: testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + SubjectKeyId: testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + _, err = GetX509Cert(suite, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + suite.AssertNotFound(err) + certs, _ = GetX509Cert(suite, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber) + require.Equal(suite.T, 1, len(certs.Certs)) + require.Equal(suite.T, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, certs.Certs[0].SerialNumber) + + // Remove leaf x509 certificate by subject and subject key id + msgRemoveX509Cert = pkitypes.MsgRemoveX509Cert{ + Subject: testconstants.LeafCertWithSameSubjectAndSKIDSubject, + SubjectKeyId: testconstants.LeafCertWithSameSubjectAndSKIDSubjectKeyID, + Signer: aliceAccount.Address, + } + _, err = suite.BuildAndBroadcastTx([]sdk.Msg{&msgRemoveX509Cert}, aliceName, aliceAccount) + require.NoError(suite.T, err) + + _, err = GetX509Cert(suite, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber) + suite.AssertNotFound(err) } diff --git a/proto/pki/tx.proto b/proto/pki/tx.proto index c5aee66bf..3d6a9fff3 100644 --- a/proto/pki/tx.proto +++ b/proto/pki/tx.proto @@ -21,6 +21,7 @@ service Msg { rpc UpdatePkiRevocationDistributionPoint(MsgUpdatePkiRevocationDistributionPoint) returns (MsgUpdatePkiRevocationDistributionPointResponse); rpc DeletePkiRevocationDistributionPoint(MsgDeletePkiRevocationDistributionPoint) returns (MsgDeletePkiRevocationDistributionPointResponse); rpc AssignVid(MsgAssignVid) returns (MsgAssignVidResponse); + rpc RemoveX509Cert(MsgRemoveX509Cert) returns (MsgRemoveX509CertResponse); // this line is used by starport scaffolding # proto/tx/rpc } @@ -156,4 +157,14 @@ message MsgAssignVid { message MsgAssignVidResponse { } +message MsgRemoveX509Cert { + string signer = 1 [(cosmos_proto.scalar) = "cosmos.AddressString", (gogoproto.moretags) = "validate:\"required\""]; + string subject = 2 [(gogoproto.moretags) = "validate:\"required,max=1024\""]; + string subjectKeyId = 3 [(gogoproto.moretags) = "validate:\"required,max=256\""]; + string serialNumber = 4; +} + +message MsgRemoveX509CertResponse { +} + // this line is used by starport scaffolding # proto/tx/message \ No newline at end of file diff --git a/scripts/starport/upgrade-0.44/07.pki_types.sh b/scripts/starport/upgrade-0.44/07.pki_types.sh index ec35186e7..5ffa69f30 100755 --- a/scripts/starport/upgrade-0.44/07.pki_types.sh +++ b/scripts/starport/upgrade-0.44/07.pki_types.sh @@ -12,6 +12,7 @@ starport scaffold --module pki message AddX509Cert cert --signer signer starport scaffold --module pki message ProposeRevokeX509RootCert subject subjectKeyId --signer signer starport scaffold --module pki message ApproveRevokeX509RootCert subject subjectKeyId --signer signer starport scaffold --module pki message RevokeX509Cert subject subjectKeyId --signer signer +starport scaffold --module pki message RemoveX509Cert subject subjectKeyId serialNumber --signer signer starport scaffold --module pki message RejectAddX509RootCert cert --signer signer starport scaffold --module pki message add-pki-revocation-distribution-point vid:uint pid:uint isPAA:bool label crlSignerCertificate issuerSubjectKeyID dataURL dataFileSize:uint dataDigest dataDigestType:uint revocationType:uint --signer signer starport scaffold --module pki message update-pki-revocation-distribution-point vid:uint label crlSignerCertificate issuerSubjectKeyID dataURL dataFileSize:uint dataDigest dataDigestType:uint --signer signer diff --git a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/index.ts b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/index.ts index e5867ac96..f95d14131 100755 --- a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/index.ts +++ b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/index.ts @@ -15,6 +15,7 @@ import { MsgAddPkiRevocationDistributionPoint } from "./types/pki/tx"; import { MsgAddX509Cert } from "./types/pki/tx"; import { MsgApproveRevokeX509RootCert } from "./types/pki/tx"; import { MsgProposeRevokeX509RootCert } from "./types/pki/tx"; +import { MsgRemoveX509Cert } from "./types/pki/tx"; const types = [ @@ -29,7 +30,7 @@ const types = [ ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddX509Cert", MsgAddX509Cert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgApproveRevokeX509RootCert", MsgApproveRevokeX509RootCert], ["/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", MsgProposeRevokeX509RootCert], - + ["/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", MsgRemoveX509Cert], ]; export const MissingWalletError = new Error("wallet is required"); @@ -72,7 +73,7 @@ const txClient = async (wallet: OfflineSigner, { addr: addr }: TxClientOptions = msgAddX509Cert: (data: MsgAddX509Cert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddX509Cert", value: MsgAddX509Cert.fromPartial( data ) }), msgApproveRevokeX509RootCert: (data: MsgApproveRevokeX509RootCert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgApproveRevokeX509RootCert", value: MsgApproveRevokeX509RootCert.fromPartial( data ) }), msgProposeRevokeX509RootCert: (data: MsgProposeRevokeX509RootCert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", value: MsgProposeRevokeX509RootCert.fromPartial( data ) }), - + msgRemoveX509Cert: (data: MsgRemoveX509Cert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", value: MsgRemoveX509Cert.fromPartial( data ) }), }; }; diff --git a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts index 25ce651e6..d83700f44 100644 --- a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts +++ b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts @@ -94,6 +94,8 @@ export type PkiMsgProposeRevokeX509RootCertResponse = object; export type PkiMsgRejectAddX509RootCertResponse = object; +export type PkiMsgRemoveX509CertResponse = object; + export type PkiMsgRevokeX509CertResponse = object; export type PkiMsgUpdatePkiRevocationDistributionPointResponse = object; diff --git a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/types/pki/tx.ts b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/types/pki/tx.ts index b0834fbbb..297bf780a 100644 --- a/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/types/pki/tx.ts +++ b/vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/types/pki/tx.ts @@ -125,6 +125,15 @@ export interface MsgAssignVid { export interface MsgAssignVidResponse {} +export interface MsgRemoveX509Cert { + signer: string + subject: string + subjectKeyId: string + serialNumber: string +} + +export interface MsgRemoveX509CertResponse {} + const baseMsgProposeAddX509RootCert: object = { signer: '', cert: '', info: '', time: 0, vid: 0 } export const MsgProposeAddX509RootCert = { @@ -2106,6 +2115,150 @@ export const MsgAssignVidResponse = { } } +const baseMsgRemoveX509Cert: object = { signer: '', subject: '', subjectKeyId: '', serialNumber: '' } + +export const MsgRemoveX509Cert = { + encode(message: MsgRemoveX509Cert, writer: Writer = Writer.create()): Writer { + if (message.signer !== '') { + writer.uint32(10).string(message.signer) + } + if (message.subject !== '') { + writer.uint32(18).string(message.subject) + } + if (message.subjectKeyId !== '') { + writer.uint32(26).string(message.subjectKeyId) + } + if (message.serialNumber !== '') { + writer.uint32(34).string(message.serialNumber) + } + return writer + }, + + decode(input: Reader | Uint8Array, length?: number): MsgRemoveX509Cert { + const reader = input instanceof Uint8Array ? new Reader(input) : input + let end = length === undefined ? reader.len : reader.pos + length + const message = { ...baseMsgRemoveX509Cert } as MsgRemoveX509Cert + while (reader.pos < end) { + const tag = reader.uint32() + switch (tag >>> 3) { + case 1: + message.signer = reader.string() + break + case 2: + message.subject = reader.string() + break + case 3: + message.subjectKeyId = reader.string() + break + case 4: + message.serialNumber = reader.string() + break + default: + reader.skipType(tag & 7) + break + } + } + return message + }, + + fromJSON(object: any): MsgRemoveX509Cert { + const message = { ...baseMsgRemoveX509Cert } as MsgRemoveX509Cert + if (object.signer !== undefined && object.signer !== null) { + message.signer = String(object.signer) + } else { + message.signer = '' + } + if (object.subject !== undefined && object.subject !== null) { + message.subject = String(object.subject) + } else { + message.subject = '' + } + if (object.subjectKeyId !== undefined && object.subjectKeyId !== null) { + message.subjectKeyId = String(object.subjectKeyId) + } else { + message.subjectKeyId = '' + } + if (object.serialNumber !== undefined && object.serialNumber !== null) { + message.serialNumber = String(object.serialNumber) + } else { + message.serialNumber = '' + } + return message + }, + + toJSON(message: MsgRemoveX509Cert): unknown { + const obj: any = {} + message.signer !== undefined && (obj.signer = message.signer) + message.subject !== undefined && (obj.subject = message.subject) + message.subjectKeyId !== undefined && (obj.subjectKeyId = message.subjectKeyId) + message.serialNumber !== undefined && (obj.serialNumber = message.serialNumber) + return obj + }, + + fromPartial(object: DeepPartial): MsgRemoveX509Cert { + const message = { ...baseMsgRemoveX509Cert } as MsgRemoveX509Cert + if (object.signer !== undefined && object.signer !== null) { + message.signer = object.signer + } else { + message.signer = '' + } + if (object.subject !== undefined && object.subject !== null) { + message.subject = object.subject + } else { + message.subject = '' + } + if (object.subjectKeyId !== undefined && object.subjectKeyId !== null) { + message.subjectKeyId = object.subjectKeyId + } else { + message.subjectKeyId = '' + } + if (object.serialNumber !== undefined && object.serialNumber !== null) { + message.serialNumber = object.serialNumber + } else { + message.serialNumber = '' + } + return message + } +} + +const baseMsgRemoveX509CertResponse: object = {} + +export const MsgRemoveX509CertResponse = { + encode(_: MsgRemoveX509CertResponse, writer: Writer = Writer.create()): Writer { + return writer + }, + + decode(input: Reader | Uint8Array, length?: number): MsgRemoveX509CertResponse { + const reader = input instanceof Uint8Array ? new Reader(input) : input + let end = length === undefined ? reader.len : reader.pos + length + const message = { ...baseMsgRemoveX509CertResponse } as MsgRemoveX509CertResponse + while (reader.pos < end) { + const tag = reader.uint32() + switch (tag >>> 3) { + default: + reader.skipType(tag & 7) + break + } + } + return message + }, + + fromJSON(_: any): MsgRemoveX509CertResponse { + const message = { ...baseMsgRemoveX509CertResponse } as MsgRemoveX509CertResponse + return message + }, + + toJSON(_: MsgRemoveX509CertResponse): unknown { + const obj: any = {} + return obj + }, + + fromPartial(_: DeepPartial): MsgRemoveX509CertResponse { + const message = { ...baseMsgRemoveX509CertResponse } as MsgRemoveX509CertResponse + return message + } +} + /** Msg defines the Msg service. */ export interface Msg { ProposeAddX509RootCert(request: MsgProposeAddX509RootCert): Promise @@ -2118,8 +2271,8 @@ export interface Msg { AddPkiRevocationDistributionPoint(request: MsgAddPkiRevocationDistributionPoint): Promise UpdatePkiRevocationDistributionPoint(request: MsgUpdatePkiRevocationDistributionPoint): Promise DeletePkiRevocationDistributionPoint(request: MsgDeletePkiRevocationDistributionPoint): Promise - /** this line is used by starport scaffolding # proto/tx/rpc */ AssignVid(request: MsgAssignVid): Promise + RemoveX509Cert(request: MsgRemoveX509Cert): Promise } export class MsgClientImpl implements Msg { @@ -2192,6 +2345,12 @@ export class MsgClientImpl implements Msg { const promise = this.rpc.request('zigbeealliance.distributedcomplianceledger.pki.Msg', 'AssignVid', data) return promise.then((data) => MsgAssignVidResponse.decode(new Reader(data))) } + + RemoveX509Cert(request: MsgRemoveX509Cert): Promise { + const data = MsgRemoveX509Cert.encode(request).finish() + const promise = this.rpc.request('zigbeealliance.distributedcomplianceledger.pki.Msg', 'RemoveX509Cert', data) + return promise.then((data) => MsgRemoveX509CertResponse.decode(new Reader(data))) + } } interface Rpc { diff --git a/x/pki/client/cli/tx.go b/x/pki/client/cli/tx.go index 56803106e..63ef89023 100644 --- a/x/pki/client/cli/tx.go +++ b/x/pki/client/cli/tx.go @@ -33,6 +33,7 @@ func GetTxCmd() *cobra.Command { cmd.AddCommand(CmdUpdatePkiRevocationDistributionPoint()) cmd.AddCommand(CmdDeletePkiRevocationDistributionPoint()) cmd.AddCommand(CmdAssignVid()) + cmd.AddCommand(CmdRemoveX509Cert()) // this line is used by starport scaffolding # 1 return cmd diff --git a/x/pki/client/cli/tx_remove_x_509_cert.go b/x/pki/client/cli/tx_remove_x_509_cert.go new file mode 100644 index 000000000..b183606bc --- /dev/null +++ b/x/pki/client/cli/tx_remove_x_509_cert.go @@ -0,0 +1,60 @@ +package cli + +import ( + "strconv" + + "github.com/spf13/cobra" + "github.com/spf13/viper" + + "github.com/cosmos/cosmos-sdk/client" + "github.com/cosmos/cosmos-sdk/client/flags" + "github.com/cosmos/cosmos-sdk/client/tx" + + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/cli" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +var _ = strconv.Itoa(0) + +func CmdRemoveX509Cert() *cobra.Command { + cmd := &cobra.Command{ + Use: "remove-x509-cert", + Short: "Removes the given intermediate or leaf certificate.", + Args: cobra.ExactArgs(0), + RunE: func(cmd *cobra.Command, args []string) (err error) { + clientCtx, err := client.GetClientTxContext(cmd) + if err != nil { + return err + } + + subject := viper.GetString(FlagSubject) + subjectKeyID := viper.GetString(FlagSubjectKeyID) + serialNumber := viper.GetString(FlagSerialNumber) + + msg := types.NewMsgRemoveX509Cert( + clientCtx.GetFromAddress().String(), + subject, + subjectKeyID, + serialNumber, + ) + // validate basic will be called in GenerateOrBroadcastTxCLI + err = tx.GenerateOrBroadcastTxCLI(clientCtx, cmd.Flags(), msg) + if cli.IsWriteInsteadReadRPCError(err) { + return clientCtx.PrintString(cli.LightClientProxyForWriteRequests) + } + + return err + }, + } + + cmd.Flags().StringP(FlagSubject, FlagSubjectShortcut, "", "Certificate's subject") + cmd.Flags().StringP(FlagSubjectKeyID, FlagSubjectKeyIDShortcut, "", "Certificate's subject key id (hex)") + cmd.Flags().StringP(FlagSerialNumber, FlagSerialNumberShortcut, "", "Certificate's serial number") + cli.AddTxFlagsToCmd(cmd) + + _ = cmd.MarkFlagRequired(FlagSubject) + _ = cmd.MarkFlagRequired(FlagSubjectKeyID) + _ = cmd.MarkFlagRequired(flags.FlagFrom) + + return cmd +} diff --git a/x/pki/handler.go b/x/pki/handler.go index 7ef7098b5..6eba29679 100644 --- a/x/pki/handler.go +++ b/x/pki/handler.go @@ -62,6 +62,10 @@ func NewHandler(k keeper.Keeper) sdk.Handler { case *types.MsgAssignVid: res, err := msgServer.AssignVid(sdk.WrapSDKContext(ctx), msg) + return sdk.WrapServiceResult(ctx, res, err) + case *types.MsgRemoveX509Cert: + res, err := msgServer.RemoveX509Cert(sdk.WrapSDKContext(ctx), msg) + return sdk.WrapServiceResult(ctx, res, err) // this line is used by starport scaffolding # 1 default: diff --git a/x/pki/handler_test.go b/x/pki/handler_test.go index 284e47c26..a6f64130d 100644 --- a/x/pki/handler_test.go +++ b/x/pki/handler_test.go @@ -1676,6 +1676,112 @@ func TestHandler_RevokeX509Cert_BySerialNumber(t *testing.T) { require.Equal(t, testconstants.IntermediateSubjectKeyID, revokedCerts.SubjectKeyId) } +func TestHandler_RemoveX509Cert(t *testing.T) { + setup := Setup(t) + // propose and approve x509 root certificate + rootCertOptions := &rootCertOptions{ + pemCert: testconstants.RootCertWithSameSubjectAndSKID1, + subject: testconstants.RootCertWithSameSubjectAndSKIDSubject, + subjectKeyID: testconstants.RootCertWithSameSubjectAndSKIDSubjectKeyID, + info: testconstants.Info, + vid: 65521, + } + proposeAndApproveRootCertificate(setup, setup.Trustee1, rootCertOptions) + + // Add two intermediate certificates + addIntermediateX509Cert := types.NewMsgAddX509Cert(setup.Trustee1.String(), testconstants.IntermediateWithSameSubjectAndSKID1) + _, err := setup.Handler(setup.Ctx, addIntermediateX509Cert) + require.NoError(t, err) + addIntermediateX509Cert = types.NewMsgAddX509Cert(setup.Trustee1.String(), testconstants.IntermediateWithSameSubjectAndSKID2) + _, err = setup.Handler(setup.Ctx, addIntermediateX509Cert) + require.NoError(t, err) + + // Add a leaf certificate + addLeafX509Cert := types.NewMsgAddX509Cert(setup.Trustee1.String(), testconstants.LeafCertWithSameSubjectAndSKID) + _, err = setup.Handler(setup.Ctx, addLeafX509Cert) + require.NoError(t, err) + + // get certificates for further comparison + allCerts := setup.Keeper.GetAllApprovedCertificates(setup.Ctx) + require.NotNil(t, allCerts) + require.Equal(t, 3, len(allCerts)) + require.Equal(t, 4, len(allCerts[0].Certs)+len(allCerts[1].Certs)+len(allCerts[2].Certs)) + + // remove all intermediate certificates but leave leaf certificate + removeX509Cert := types.NewMsgRemoveX509Cert( + setup.Trustee1.String(), + testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + "", + ) + _, err = setup.Handler(setup.Ctx, removeX509Cert) + require.NoError(t, err) + + // check that only root and leaf certificates exists + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 2, len(allCerts)) + require.Equal(t, 2, len(allCerts[0].Certs)+len(allCerts[1].Certs)) + _, err = queryApprovedCertificates(setup, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + leafCerts, _ := queryApprovedCertificates(setup, testconstants.LeafCertWithSameSubjectAndSKIDSubject, testconstants.LeafCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) + require.Equal(t, testconstants.LeafCertWithSameSubjectAndSKIDSerialNumber, leafCerts.Certs[0].SerialNumber) + + // Add two intermediate certificates again + addIntermediateX509Cert = types.NewMsgAddX509Cert(setup.Trustee1.String(), testconstants.IntermediateWithSameSubjectAndSKID1) + _, err = setup.Handler(setup.Ctx, addIntermediateX509Cert) + require.NoError(t, err) + addIntermediateX509Cert = types.NewMsgAddX509Cert(setup.Trustee1.String(), testconstants.IntermediateWithSameSubjectAndSKID2) + _, err = setup.Handler(setup.Ctx, addIntermediateX509Cert) + require.NoError(t, err) + + intermediateCerts, _ := queryApprovedCertificates(setup, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, 2, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, intermediateCerts.Certs[0].Subject) + require.Equal(t, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, intermediateCerts.Certs[0].SubjectKeyId) + + // remove intermediate certificate by serial number + removeX509Cert = types.NewMsgRemoveX509Cert( + setup.Trustee1.String(), + testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + testconstants.IntermediateCertWithSameSubjectAndSKID1SerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeX509Cert) + require.NoError(t, err) + + // check that only root, intermediate(with serial number 3) and leaf certificates exists + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 3, len(allCerts)) + require.Equal(t, 3, len(allCerts[0].Certs)+len(allCerts[1].Certs)+len(allCerts[2].Certs)) + leafCerts, _ = queryApprovedCertificates(setup, testconstants.LeafCertWithSameSubjectAndSKIDSubject, testconstants.LeafCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) + + intermediateCerts, _ = queryApprovedCertificates(setup, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, 1, len(intermediateCerts.Certs)) + require.Equal(t, testconstants.IntermediateCertWithSameSubjectAndSKID2SerialNumber, intermediateCerts.Certs[0].SerialNumber) + + // remove intermediate certificate by serial number and check that leaf cert is not removed + removeX509Cert = types.NewMsgRemoveX509Cert( + setup.Trustee1.String(), + testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, + testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID, + testconstants.IntermediateCertWithSameSubjectAndSKID2SerialNumber, + ) + _, err = setup.Handler(setup.Ctx, removeX509Cert) + require.NoError(t, err) + + allCerts, _ = queryAllApprovedCertificates(setup) + require.Equal(t, 2, len(allCerts)) + require.Equal(t, 2, len(allCerts[0].Certs)+len(allCerts[1].Certs)) + + _, err = queryApprovedCertificates(setup, testconstants.IntermediateCertWithSameSubjectAndSKIDSubject, testconstants.IntermediateCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, codes.NotFound, status.Code(err)) + + leafCerts, _ = queryApprovedCertificates(setup, testconstants.LeafCertWithSameSubjectAndSKIDSubject, testconstants.LeafCertWithSameSubjectAndSKIDSubjectKeyID) + require.Equal(t, 1, len(leafCerts.Certs)) +} + func TestHandler_RevokeX509RootCertsBySubjectKeyId(t *testing.T) { setup := Setup(t) diff --git a/x/pki/keeper/approved_certificates.go b/x/pki/keeper/approved_certificates.go index 239efe1b8..8e7c53acc 100644 --- a/x/pki/keeper/approved_certificates.go +++ b/x/pki/keeper/approved_certificates.go @@ -70,26 +70,6 @@ func (k Keeper) RemoveApprovedCertificates( )) } -func (k Keeper) removeCertFromList(serialNumber string, certs *types.ApprovedCertificates) { - certIndex := -1 - - for i, cert := range certs.Certs { - if cert.SerialNumber == serialNumber { - certIndex = i - - break - } - } - if certIndex == -1 { - return - } - if certIndex == len(certs.Certs)-1 { - certs.Certs = certs.Certs[:certIndex] - } else { - certs.Certs = append(certs.Certs[:certIndex], certs.Certs[certIndex+1:]...) - } -} - // GetAllApprovedCertificates returns all approvedCertificates. func (k Keeper) GetAllApprovedCertificates(ctx sdk.Context) (list []types.ApprovedCertificates) { store := prefix.NewStore(ctx.KVStore(k.storeKey), pkitypes.KeyPrefix(types.ApprovedCertificatesKeyPrefix)) diff --git a/x/pki/keeper/msg_server_remove_x_509_cert.go b/x/pki/keeper/msg_server_remove_x_509_cert.go new file mode 100644 index 000000000..83a2cef3a --- /dev/null +++ b/x/pki/keeper/msg_server_remove_x_509_cert.go @@ -0,0 +1,78 @@ +package keeper + +import ( + "context" + "fmt" + + sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +func (k msgServer) RemoveX509Cert(goCtx context.Context, msg *types.MsgRemoveX509Cert) (*types.MsgRemoveX509CertResponse, error) { + ctx := sdk.UnwrapSDKContext(goCtx) + + certificates, found := k.GetApprovedCertificates(ctx, msg.Subject, msg.SubjectKeyId) + if !found { + return nil, pkitypes.NewErrCertificateDoesNotExist(msg.Subject, msg.SubjectKeyId) + } + + if certificates.Certs[0].IsRoot { + return nil, pkitypes.NewErrInappropriateCertificateType( + fmt.Sprintf("Inappropriate Certificate Type: Certificate with subject=%v and subjectKeyID=%v "+ + "is a root certificate. To propose revocation of a root certificate please use "+ + "`PROPOSE_REVOKE_X509_ROOT_CERT` transaction.", msg.Subject, msg.SubjectKeyId), + ) + } + + if msg.Signer != certificates.Certs[0].Owner { + return nil, sdkerrors.Wrapf(sdkerrors.ErrUnauthorized, + "Only owner can revoke certificate using `REVOKE_X509_CERT`", + ) + } + + certID := types.CertificateIdentifier{ + Subject: msg.Subject, + SubjectKeyId: msg.SubjectKeyId, + } + + if msg.SerialNumber != "" { + certBySerialNumber, found := findCertificate(msg.SerialNumber, &certificates.Certs) + if !found { + return nil, pkitypes.NewErrCertificateBySerialNumberDoesNotExist(msg.Subject, msg.SubjectKeyId, msg.SerialNumber) + } + // remove from subject with serialNumber map + k.RemoveUniqueCertificate(ctx, certBySerialNumber.Issuer, certBySerialNumber.SerialNumber) + + k.removeCertFromList(certBySerialNumber.Issuer, certBySerialNumber.SerialNumber, &certificates) + k._removeX509Cert(ctx, certID, certificates) + } else { + k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject -> subject key ID map + k.RemoveApprovedCertificateBySubject(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject key ID -> certificates map + k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certID.Subject, certID.SubjectKeyId) + // remove from subject with serialNumber map + for _, cert := range certificates.Certs { + k.RemoveUniqueCertificate(ctx, cert.Issuer, cert.SerialNumber) + } + } + + return &types.MsgRemoveX509CertResponse{}, nil +} + +func (k msgServer) _removeX509Cert(ctx sdk.Context, certID types.CertificateIdentifier, certificates types.ApprovedCertificates) { + if len(certificates.Certs) == 0 { + k.RemoveApprovedCertificates(ctx, certID.Subject, certID.SubjectKeyId) + k.RemoveApprovedCertificateBySubject(ctx, certID.Subject, certID.SubjectKeyId) + k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certID.Subject, certID.SubjectKeyId) + } else { + k.SetApprovedCertificates(ctx, certificates) + k.SetApprovedCertificatesBySubjectKeyID( + ctx, + types.ApprovedCertificatesBySubjectKeyId{SubjectKeyId: certID.SubjectKeyId, Certs: certificates.Certs}, + ) + } +} diff --git a/x/pki/module_simulation.go b/x/pki/module_simulation.go index 3576b6232..8ca9f24ac 100644 --- a/x/pki/module_simulation.go +++ b/x/pki/module_simulation.go @@ -69,6 +69,10 @@ const ( // TODO: Determine the simulation weight value. defaultWeightMsgAssignVid int = 100 + opWeightMsgRemoveX509Cert = "op_weight_msg_create_chain" + // TODO: Determine the simulation weight value. + defaultWeightMsgRemoveX509Cert int = 100 + // this line is used by starport scaffolding # simapp/module/const. ) @@ -223,6 +227,17 @@ func (am AppModule) WeightedOperations(simState module.SimulationState) []simtyp pkisimulation.SimulateMsgAssignVid(am.keeper), )) + var weightMsgRemoveX509Cert int + simState.AppParams.GetOrGenerate(simState.Cdc, opWeightMsgRemoveX509Cert, &weightMsgRemoveX509Cert, nil, + func(_ *rand.Rand) { + weightMsgRemoveX509Cert = defaultWeightMsgRemoveX509Cert + }, + ) + operations = append(operations, simulation.NewWeightedOperation( + weightMsgRemoveX509Cert, + pkisimulation.SimulateMsgRemoveX509Cert(am.keeper), + )) + // this line is used by starport scaffolding # simapp/module/operation return operations diff --git a/x/pki/simulation/remove_x_509_cert.go b/x/pki/simulation/remove_x_509_cert.go new file mode 100644 index 000000000..c55f70c2c --- /dev/null +++ b/x/pki/simulation/remove_x_509_cert.go @@ -0,0 +1,29 @@ +package simulation + +import ( + "math/rand" + + "github.com/cosmos/cosmos-sdk/baseapp" + sdk "github.com/cosmos/cosmos-sdk/types" + simtypes "github.com/cosmos/cosmos-sdk/types/simulation" + + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/keeper" + "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types" +) + +func SimulateMsgRemoveX509Cert( + k keeper.Keeper, +) simtypes.Operation { + return func(r *rand.Rand, app *baseapp.BaseApp, ctx sdk.Context, accs []simtypes.Account, chainID string, + ) (simtypes.OperationMsg, []simtypes.FutureOperation, error) { + simAccount, _ := simtypes.RandomAcc(r, accs) + msg := &types.MsgRemoveX509Cert{ + Signer: simAccount.Address.String(), + } + + // TODO: Handling the RemoveX509Cert simulation + + return simtypes.NoOpMsg(pkitypes.ModuleName, msg.Type(), "RemoveX509Cert simulation not implemented"), nil, nil + } +} diff --git a/x/pki/types/codec.go b/x/pki/types/codec.go index a91b5d20e..8c1e23a66 100644 --- a/x/pki/types/codec.go +++ b/x/pki/types/codec.go @@ -19,6 +19,7 @@ func RegisterCodec(cdc *codec.LegacyAmino) { cdc.RegisterConcrete(&MsgUpdatePkiRevocationDistributionPoint{}, "pki/UpdatePkiRevocationDistributionPoint", nil) cdc.RegisterConcrete(&MsgDeletePkiRevocationDistributionPoint{}, "pki/DeletePkiRevocationDistributionPoint", nil) cdc.RegisterConcrete(&MsgAssignVid{}, "pki/AssignVid", nil) + cdc.RegisterConcrete(&MsgRemoveX509Cert{}, "pki/RemoveX509Cert", nil) // this line is used by starport scaffolding # 2 } @@ -56,6 +57,9 @@ func RegisterInterfaces(registry cdctypes.InterfaceRegistry) { registry.RegisterImplementations((*sdk.Msg)(nil), &MsgAssignVid{}, ) + registry.RegisterImplementations((*sdk.Msg)(nil), + &MsgRemoveX509Cert{}, + ) // this line is used by starport scaffolding # 3 msgservice.RegisterMsgServiceDesc(registry, &_Msg_serviceDesc) diff --git a/x/pki/types/message_remove_x_509_cert.go b/x/pki/types/message_remove_x_509_cert.go new file mode 100644 index 000000000..ead83a44d --- /dev/null +++ b/x/pki/types/message_remove_x_509_cert.go @@ -0,0 +1,58 @@ +package types + +import ( + sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + pkitypes "github.com/zigbee-alliance/distributed-compliance-ledger/types/pki" + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/validator" +) + +const TypeMsgRemoveX509Cert = "remove_x_509_cert" + +var _ sdk.Msg = &MsgRemoveX509Cert{} + +func NewMsgRemoveX509Cert(signer string, subject string, subjectKeyID string, serialNumber string) *MsgRemoveX509Cert { + return &MsgRemoveX509Cert{ + Signer: signer, + Subject: subject, + SubjectKeyId: subjectKeyID, + SerialNumber: serialNumber, + } +} + +func (msg *MsgRemoveX509Cert) Route() string { + return pkitypes.RouterKey +} + +func (msg *MsgRemoveX509Cert) Type() string { + return TypeMsgRemoveX509Cert +} + +func (msg *MsgRemoveX509Cert) GetSigners() []sdk.AccAddress { + signer, err := sdk.AccAddressFromBech32(msg.Signer) + if err != nil { + panic(err) + } + + return []sdk.AccAddress{signer} +} + +func (msg *MsgRemoveX509Cert) GetSignBytes() []byte { + bz := ModuleCdc.MustMarshalJSON(msg) + + return sdk.MustSortJSON(bz) +} + +func (msg *MsgRemoveX509Cert) ValidateBasic() error { + _, err := sdk.AccAddressFromBech32(msg.Signer) + if err != nil { + return sdkerrors.Wrapf(sdkerrors.ErrInvalidAddress, "invalid signer address (%s)", err) + } + + err = validator.Validate(msg) + if err != nil { + return err + } + + return nil +} diff --git a/x/pki/types/message_remove_x_509_cert_test.go b/x/pki/types/message_remove_x_509_cert_test.go new file mode 100644 index 000000000..8b3fc65fd --- /dev/null +++ b/x/pki/types/message_remove_x_509_cert_test.go @@ -0,0 +1,105 @@ +package types + +import ( + "testing" + + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" + "github.com/stretchr/testify/require" + tmrand "github.com/tendermint/tendermint/libs/rand" + + testconstants "github.com/zigbee-alliance/distributed-compliance-ledger/integration_tests/constants" + "github.com/zigbee-alliance/distributed-compliance-ledger/testutil/sample" + "github.com/zigbee-alliance/distributed-compliance-ledger/utils/validator" +) + +func TestMsgRemoveX509Cert_ValidateBasic(t *testing.T) { + negativeTests := []struct { + name string + msg MsgRemoveX509Cert + err error + }{ + { + name: "invalid address", + msg: MsgRemoveX509Cert{ + Signer: "invalid_address", + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: sdkerrors.ErrInvalidAddress, + }, + { + name: "empty subject", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: "", + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: validator.ErrRequiredFieldMissing, + }, + { + name: "empty SubjectKeyId", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: "", + }, + err: validator.ErrRequiredFieldMissing, + }, + { + name: "subject len > 1024 (1 KB)", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject + tmrand.Str(1025-len(testconstants.RootSubject)), + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + err: validator.ErrFieldMaxLengthExceeded, + }, + { + name: "subject key id len > 256", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID + tmrand.Str(257-len(testconstants.RootSubjectKeyID)), + }, + err: validator.ErrFieldMaxLengthExceeded, + }, + } + + positiveTests := []struct { + name string + msg MsgRemoveX509Cert + }{ + { + name: "valid remove x509cert msg", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + }, + }, + { + name: "valid remove x509cert msg with serial number", + msg: MsgRemoveX509Cert{ + Signer: sample.AccAddress(), + Subject: testconstants.RootSubject, + SubjectKeyId: testconstants.RootSubjectKeyID, + SerialNumber: testconstants.RootSerialNumber, + }, + }, + } + + for _, tt := range negativeTests { + t.Run(tt.name, func(t *testing.T) { + err := tt.msg.ValidateBasic() + require.Error(t, err) + require.ErrorIs(t, err, tt.err) + }) + } + + for _, tt := range positiveTests { + t.Run(tt.name, func(t *testing.T) { + err := tt.msg.ValidateBasic() + require.NoError(t, err) + }) + } +} diff --git a/x/pki/types/tx.pb.go b/x/pki/types/tx.pb.go index 4812fdb4a..50f5af7d9 100644 --- a/x/pki/types/tx.pb.go +++ b/x/pki/types/tx.pb.go @@ -1365,6 +1365,110 @@ func (m *MsgAssignVidResponse) XXX_DiscardUnknown() { var xxx_messageInfo_MsgAssignVidResponse proto.InternalMessageInfo +type MsgRemoveX509Cert struct { + Signer string `protobuf:"bytes,1,opt,name=signer,proto3" json:"signer,omitempty" validate:"required"` + Subject string `protobuf:"bytes,2,opt,name=subject,proto3" json:"subject,omitempty" validate:"required,max=1024"` + SubjectKeyId string `protobuf:"bytes,3,opt,name=subjectKeyId,proto3" json:"subjectKeyId,omitempty" validate:"required,max=256"` + SerialNumber string `protobuf:"bytes,4,opt,name=serialNumber,proto3" json:"serialNumber,omitempty"` +} + +func (m *MsgRemoveX509Cert) Reset() { *m = MsgRemoveX509Cert{} } +func (m *MsgRemoveX509Cert) String() string { return proto.CompactTextString(m) } +func (*MsgRemoveX509Cert) ProtoMessage() {} +func (*MsgRemoveX509Cert) Descriptor() ([]byte, []int) { + return fileDescriptor_badfdb2b39855d16, []int{22} +} +func (m *MsgRemoveX509Cert) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgRemoveX509Cert) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgRemoveX509Cert.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgRemoveX509Cert) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgRemoveX509Cert.Merge(m, src) +} +func (m *MsgRemoveX509Cert) XXX_Size() int { + return m.Size() +} +func (m *MsgRemoveX509Cert) XXX_DiscardUnknown() { + xxx_messageInfo_MsgRemoveX509Cert.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgRemoveX509Cert proto.InternalMessageInfo + +func (m *MsgRemoveX509Cert) GetSigner() string { + if m != nil { + return m.Signer + } + return "" +} + +func (m *MsgRemoveX509Cert) GetSubject() string { + if m != nil { + return m.Subject + } + return "" +} + +func (m *MsgRemoveX509Cert) GetSubjectKeyId() string { + if m != nil { + return m.SubjectKeyId + } + return "" +} + +func (m *MsgRemoveX509Cert) GetSerialNumber() string { + if m != nil { + return m.SerialNumber + } + return "" +} + +type MsgRemoveX509CertResponse struct { +} + +func (m *MsgRemoveX509CertResponse) Reset() { *m = MsgRemoveX509CertResponse{} } +func (m *MsgRemoveX509CertResponse) String() string { return proto.CompactTextString(m) } +func (*MsgRemoveX509CertResponse) ProtoMessage() {} +func (*MsgRemoveX509CertResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_badfdb2b39855d16, []int{23} +} +func (m *MsgRemoveX509CertResponse) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgRemoveX509CertResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgRemoveX509CertResponse.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgRemoveX509CertResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgRemoveX509CertResponse.Merge(m, src) +} +func (m *MsgRemoveX509CertResponse) XXX_Size() int { + return m.Size() +} +func (m *MsgRemoveX509CertResponse) XXX_DiscardUnknown() { + xxx_messageInfo_MsgRemoveX509CertResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgRemoveX509CertResponse proto.InternalMessageInfo + func init() { proto.RegisterType((*MsgProposeAddX509RootCert)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCert") proto.RegisterType((*MsgProposeAddX509RootCertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgProposeAddX509RootCertResponse") @@ -1388,86 +1492,90 @@ func init() { proto.RegisterType((*MsgDeletePkiRevocationDistributionPointResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgDeletePkiRevocationDistributionPointResponse") proto.RegisterType((*MsgAssignVid)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgAssignVid") proto.RegisterType((*MsgAssignVidResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgAssignVidResponse") + proto.RegisterType((*MsgRemoveX509Cert)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert") + proto.RegisterType((*MsgRemoveX509CertResponse)(nil), "zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509CertResponse") } func init() { proto.RegisterFile("pki/tx.proto", fileDescriptor_badfdb2b39855d16) } var fileDescriptor_badfdb2b39855d16 = []byte{ - // 1176 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdf, 0x6f, 0xdb, 0x54, - 0x14, 0xae, 0xf3, 0xa3, 0x3f, 0xce, 0x4a, 0x05, 0x97, 0xd2, 0xb9, 0x6e, 0x95, 0x64, 0x5e, 0xb5, - 0x55, 0xa2, 0x4d, 0xd2, 0xae, 0x29, 0xeb, 0x44, 0x41, 0xe9, 0xa2, 0x8d, 0x6a, 0x2d, 0x2a, 0x6e, - 0x07, 0x08, 0x21, 0x26, 0x27, 0xbe, 0x33, 0x97, 0x3a, 0xb9, 0xc6, 0xd7, 0xa9, 0xda, 0xfd, 0x13, - 0x20, 0x21, 0x5e, 0x00, 0xf1, 0x06, 0xff, 0x00, 0x88, 0x57, 0x24, 0x9e, 0x78, 0x41, 0x9a, 0x10, - 0x12, 0x3c, 0x45, 0x53, 0xfb, 0x1f, 0xe4, 0x1d, 0x09, 0xd9, 0x4e, 0xec, 0xba, 0xb3, 0xd3, 0xc4, - 0x4d, 0x1f, 0xe8, 0xfa, 0x66, 0xdf, 0xdc, 0xef, 0xbb, 0xe7, 0x7c, 0xe7, 0xb3, 0xef, 0x3d, 0x0e, - 0x8c, 0xea, 0xbb, 0x24, 0x67, 0xee, 0x67, 0x75, 0x83, 0x9a, 0x14, 0x65, 0x9f, 0x10, 0xb5, 0x8c, - 0xb1, 0xac, 0x69, 0x44, 0xae, 0x55, 0x70, 0x56, 0x21, 0xcc, 0x34, 0x48, 0xb9, 0x6e, 0x62, 0xa5, - 0x42, 0xab, 0xba, 0x33, 0xaa, 0x61, 0x45, 0xc5, 0x46, 0x56, 0xdf, 0x25, 0xc2, 0x64, 0x85, 0xb2, - 0x2a, 0x65, 0x8f, 0x6c, 0x74, 0xce, 0xb9, 0x71, 0xa8, 0x84, 0x71, 0x95, 0xaa, 0xd4, 0x19, 0xb7, - 0xae, 0x9c, 0x51, 0xf1, 0x9b, 0x18, 0x4c, 0x6e, 0x32, 0x75, 0xcb, 0xa0, 0x3a, 0x65, 0xb8, 0xa8, - 0x28, 0x1f, 0x16, 0xf2, 0x2b, 0x12, 0xa5, 0xe6, 0x5d, 0x6c, 0x98, 0xe8, 0x3e, 0x0c, 0x32, 0xa2, - 0xd6, 0xb0, 0xc1, 0x73, 0x19, 0x6e, 0x76, 0x64, 0x2d, 0xd7, 0x6c, 0xa4, 0x5f, 0xdd, 0x93, 0x35, - 0xa2, 0xc8, 0x26, 0xbe, 0x23, 0x1a, 0xf8, 0xf3, 0x3a, 0x31, 0xb0, 0x22, 0xfe, 0xf9, 0xf3, 0xfc, - 0x78, 0x6b, 0xb1, 0xa2, 0xa2, 0x18, 0x98, 0xb1, 0x6d, 0xd3, 0x20, 0x35, 0x55, 0x6a, 0xc1, 0xd1, - 0x6d, 0x48, 0x54, 0xb0, 0x61, 0xf2, 0x31, 0x9b, 0x66, 0xa6, 0xd9, 0x48, 0x67, 0x9e, 0xa7, 0x99, - 0xab, 0xca, 0xfb, 0xab, 0x0b, 0xf9, 0xa5, 0xdb, 0x85, 0x37, 0x96, 0xf3, 0xa2, 0x64, 0x23, 0xd0, - 0xeb, 0x90, 0x20, 0xb5, 0xc7, 0x94, 0x8f, 0xdb, 0xc8, 0xab, 0xfe, 0x00, 0x2c, 0xc0, 0x52, 0x7e, - 0x65, 0x59, 0x94, 0xec, 0x49, 0x08, 0x41, 0xc2, 0x24, 0x55, 0xcc, 0x27, 0x32, 0xdc, 0x6c, 0x5c, - 0xb2, 0xaf, 0xd1, 0x0a, 0xc4, 0xf7, 0x88, 0xc2, 0x27, 0x33, 0xdc, 0x6c, 0x72, 0xed, 0x66, 0xb3, - 0x91, 0xbe, 0xee, 0xe1, 0x55, 0x13, 0xaf, 0x2e, 0xcc, 0x69, 0x26, 0x5e, 0x5d, 0x2e, 0x14, 0x6e, - 0x15, 0xe6, 0xdc, 0x84, 0x24, 0x0b, 0x23, 0x5e, 0x87, 0x6b, 0xa1, 0xda, 0x48, 0x98, 0xe9, 0xb4, - 0xc6, 0xb0, 0xf8, 0xa3, 0xa3, 0x60, 0x51, 0xd7, 0x0d, 0xba, 0x77, 0x7e, 0x0a, 0xde, 0x81, 0x21, - 0x56, 0x2f, 0x7f, 0x86, 0x2b, 0x6d, 0x11, 0x33, 0xcd, 0x46, 0x7a, 0x3a, 0x54, 0xc4, 0xc5, 0x25, - 0x51, 0x6a, 0x03, 0xd0, 0x5d, 0x18, 0x6d, 0x5d, 0x3e, 0xc0, 0x07, 0xeb, 0x4a, 0x4b, 0xcb, 0x74, - 0xb3, 0x91, 0x9e, 0x0a, 0x21, 0x58, 0x2c, 0x2c, 0x8b, 0x92, 0x0f, 0xe4, 0x16, 0x22, 0xd1, 0x4b, - 0x21, 0x92, 0x5e, 0x21, 0x5a, 0x6a, 0x06, 0xeb, 0xe4, 0xaa, 0xf9, 0x17, 0x07, 0x63, 0xd6, 0x2c, - 0xe7, 0xe7, 0x8b, 0x62, 0x42, 0x91, 0x87, 0x09, 0x7f, 0x56, 0x6e, 0xc2, 0x7f, 0xc4, 0x60, 0xda, - 0x33, 0x99, 0x84, 0xf7, 0xe8, 0x2e, 0xbe, 0x74, 0x50, 0xa0, 0x83, 0x90, 0x08, 0xa3, 0x0c, 0x1b, - 0x44, 0xd6, 0xde, 0xad, 0x57, 0xcb, 0xd8, 0xe0, 0x07, 0x2d, 0x22, 0xc9, 0x37, 0x26, 0xde, 0x80, - 0x99, 0x4e, 0x72, 0x9e, 0xd4, 0xbd, 0x65, 0xc7, 0x17, 0x42, 0xf7, 0x64, 0x2f, 0xba, 0x0f, 0x76, - 0xd0, 0x7d, 0x28, 0x54, 0xf7, 0x50, 0x39, 0x5d, 0xdd, 0x7f, 0x8b, 0xc1, 0x2b, 0x9b, 0x4c, 0xf5, - 0x66, 0x5c, 0x9a, 0xbc, 0x77, 0x93, 0x4f, 0xd9, 0x5b, 0x8e, 0x5f, 0x43, 0x57, 0xe1, 0x1f, 0x62, - 0xc0, 0xdb, 0xbf, 0x5a, 0x41, 0x5d, 0xee, 0x47, 0xa1, 0xfb, 0x91, 0x08, 0x99, 0x30, 0x99, 0x5c, - 0x2d, 0xbf, 0x4d, 0x3a, 0xb6, 0x56, 0x94, 0xad, 0x5d, 0x62, 0xe9, 0x5d, 0x91, 0x4d, 0x42, 0x6b, - 0xa5, 0xf6, 0x31, 0x8c, 0xd0, 0xda, 0x16, 0x25, 0xb5, 0x3e, 0xea, 0xda, 0x3a, 0xae, 0xc4, 0x7a, - 0x3f, 0xae, 0xa0, 0x3c, 0xc4, 0x75, 0xe2, 0xa8, 0x99, 0x5c, 0x4b, 0x35, 0x1b, 0x69, 0xc1, 0x0f, - 0xcd, 0x7b, 0x50, 0x51, 0xb2, 0xa6, 0xa2, 0x71, 0x48, 0x12, 0xb6, 0x55, 0x2c, 0xda, 0x22, 0x0e, - 0x4b, 0xce, 0x0d, 0x9a, 0x87, 0xa4, 0x26, 0x97, 0xb1, 0x16, 0xfc, 0xc2, 0xf0, 0x16, 0x75, 0x66, - 0xa1, 0x07, 0x30, 0x5e, 0x31, 0xb4, 0x6d, 0x3b, 0x7c, 0x4b, 0x3c, 0xf2, 0x98, 0x54, 0x64, 0xd3, - 0x79, 0x83, 0x74, 0x40, 0x07, 0x82, 0xd0, 0x7d, 0x40, 0x84, 0xb1, 0x3a, 0x36, 0xb6, 0xbd, 0x5a, - 0x97, 0x9c, 0x17, 0x4e, 0x38, 0x55, 0x00, 0x04, 0x15, 0x60, 0x48, 0x91, 0x4d, 0xf9, 0xa1, 0xb4, - 0xc1, 0x0f, 0xdb, 0xe8, 0xa9, 0x66, 0x23, 0x7d, 0x35, 0xc0, 0x5e, 0x75, 0x43, 0x13, 0xa5, 0xf6, - 0x5c, 0xeb, 0xe9, 0xb3, 0x2e, 0xef, 0x11, 0x0d, 0x6f, 0x93, 0x27, 0x98, 0x1f, 0xc9, 0x70, 0xb3, - 0x09, 0xc9, 0x37, 0x86, 0x52, 0x00, 0xd6, 0x7d, 0x89, 0xa8, 0x98, 0x99, 0x3c, 0xd8, 0xcf, 0xe7, - 0xb1, 0x11, 0x74, 0x03, 0xc6, 0xbc, 0xbb, 0x9d, 0x03, 0x1d, 0xf3, 0x57, 0x32, 0xdc, 0xec, 0x4b, - 0xd2, 0x89, 0x51, 0xf4, 0x36, 0x8c, 0x19, 0xae, 0xa5, 0xec, 0x79, 0xa3, 0xd6, 0xbc, 0xf0, 0x3c, - 0x4f, 0x4c, 0x17, 0xb3, 0x30, 0xd7, 0x8d, 0x39, 0x5d, 0x37, 0xff, 0x1b, 0x87, 0x9b, 0x9b, 0x4c, - 0x7d, 0xa8, 0x5b, 0xc4, 0xff, 0x03, 0x43, 0xbb, 0x46, 0x8c, 0x77, 0x65, 0xc4, 0xc5, 0x10, 0x23, - 0xda, 0x6f, 0x88, 0x9e, 0xfc, 0x96, 0xec, 0xdd, 0x6f, 0xcb, 0x9e, 0xdf, 0x1c, 0xe3, 0x4f, 0x37, - 0x1b, 0x69, 0xde, 0x43, 0xd3, 0x2a, 0x31, 0x71, 0x55, 0x37, 0x0f, 0x4e, 0x31, 0xdc, 0xd0, 0xa9, - 0x86, 0x1b, 0xee, 0xc2, 0x70, 0x23, 0x41, 0x86, 0x13, 0x17, 0x20, 0xd7, 0x65, 0xf9, 0x8f, 0x6f, - 0x26, 0x96, 0x65, 0x4a, 0x58, 0xc3, 0x17, 0xd1, 0x32, 0xc1, 0xe5, 0x4f, 0xf4, 0x5c, 0xfe, 0x96, - 0xb4, 0xdd, 0xc8, 0xe4, 0x4a, 0xfb, 0x55, 0x0c, 0x46, 0xad, 0xc7, 0x97, 0x59, 0x59, 0xbf, 0x4f, - 0x94, 0x0b, 0xb4, 0x37, 0xb7, 0x0a, 0x98, 0x88, 0xd0, 0x73, 0x4f, 0xc0, 0xf8, 0x71, 0x51, 0xda, - 0x6a, 0x2d, 0x7e, 0xf7, 0x32, 0xc4, 0x37, 0x99, 0x8a, 0x7e, 0xe1, 0x60, 0x22, 0xe4, 0x6b, 0xc5, - 0x7a, 0x8f, 0x5f, 0x4b, 0xb2, 0xa1, 0xcd, 0xbd, 0xf0, 0x5e, 0xdf, 0xa8, 0xda, 0x09, 0xd8, 0x81, - 0x87, 0x7c, 0x24, 0x88, 0x12, 0x78, 0x30, 0x55, 0xa4, 0xc0, 0x3b, 0xb7, 0xe4, 0xe8, 0x6b, 0x0e, - 0xae, 0x1c, 0xef, 0xc7, 0xdf, 0x8a, 0xb2, 0x84, 0x87, 0x17, 0xee, 0x9d, 0x0d, 0xef, 0xc6, 0xf5, - 0x2b, 0x07, 0x93, 0xe1, 0x6d, 0xf3, 0x46, 0xf4, 0x0a, 0x3e, 0xcf, 0x26, 0xec, 0xf4, 0x93, 0xcd, - 0x97, 0x41, 0x78, 0x03, 0xba, 0x11, 0xbd, 0x94, 0x7d, 0xca, 0xe0, 0xd4, 0x6e, 0x0e, 0x7d, 0xcf, - 0xc1, 0xd8, 0x89, 0x56, 0xae, 0x18, 0x61, 0x21, 0x3f, 0x85, 0xb0, 0x7e, 0x66, 0x0a, 0x37, 0xc0, - 0x9f, 0x38, 0x78, 0x2d, 0xb8, 0x13, 0x7a, 0x27, 0xd2, 0x22, 0x01, 0x4c, 0xc2, 0x56, 0xbf, 0x98, - 0xdc, 0xa8, 0xff, 0xe6, 0xe0, 0xda, 0xe9, 0x3d, 0xc7, 0x4e, 0xb4, 0x07, 0xa9, 0x33, 0xab, 0xf0, - 0xf1, 0x79, 0xb0, 0xba, 0x99, 0x3d, 0xe3, 0x60, 0xa6, 0xab, 0xf3, 0xe7, 0x07, 0x11, 0xc2, 0xe8, - 0x86, 0x58, 0x78, 0x74, 0x4e, 0xc4, 0xbe, 0x14, 0xbb, 0x3a, 0x2f, 0x45, 0x49, 0xb1, 0x1b, 0xe2, - 0x48, 0x29, 0xf6, 0x72, 0x74, 0x41, 0x5f, 0x70, 0x30, 0xe2, 0x9d, 0x5b, 0xde, 0x8c, 0xe2, 0x98, - 0x36, 0x5a, 0x28, 0x9d, 0x05, 0xdd, 0x8e, 0x68, 0xed, 0x93, 0xdf, 0x0f, 0x53, 0xdc, 0xd3, 0xc3, - 0x14, 0xf7, 0xec, 0x30, 0xc5, 0x7d, 0x79, 0x94, 0x1a, 0x78, 0x7a, 0x94, 0x1a, 0xf8, 0xe7, 0x28, - 0x35, 0xf0, 0x51, 0x49, 0x25, 0xe6, 0xa7, 0xf5, 0x72, 0xb6, 0x42, 0xab, 0x39, 0x67, 0xa5, 0xf9, - 0xf6, 0x52, 0xb9, 0x63, 0x4b, 0xcd, 0x7b, 0x6b, 0xcd, 0x3b, 0x8b, 0xe5, 0xf6, 0x73, 0xf6, 0x7f, - 0x31, 0x07, 0x3a, 0x66, 0xe5, 0x41, 0xfb, 0xef, 0x92, 0x5b, 0xff, 0x05, 0x00, 0x00, 0xff, 0xff, - 0xda, 0x6b, 0x4c, 0x0a, 0x9f, 0x19, 0x00, 0x00, + // 1214 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xdf, 0x6f, 0xdb, 0x44, + 0x1c, 0x9f, 0xf3, 0xa3, 0x5d, 0xbf, 0x2b, 0x95, 0x76, 0x94, 0xce, 0x75, 0xab, 0x24, 0xf3, 0xaa, + 0xad, 0x12, 0x6d, 0x92, 0x76, 0x4d, 0x59, 0x27, 0x0a, 0x4a, 0x17, 0x6d, 0x54, 0x6b, 0x51, 0x71, + 0x3b, 0x40, 0x08, 0x31, 0x39, 0xf1, 0xcd, 0x1c, 0x75, 0x72, 0xc6, 0xe7, 0x54, 0xed, 0xde, 0xf8, + 0x0b, 0x40, 0x42, 0xbc, 0x80, 0xc4, 0x1b, 0xfc, 0x03, 0x20, 0xde, 0x10, 0x12, 0x4f, 0xbc, 0x20, + 0x4d, 0x08, 0x09, 0x9e, 0xa2, 0xa9, 0xfd, 0x0f, 0xf2, 0x8e, 0x84, 0x6c, 0x27, 0x76, 0x9c, 0xd9, + 0x69, 0xe2, 0xb6, 0x0f, 0x94, 0xbe, 0xd9, 0x97, 0xfb, 0x7c, 0xee, 0xbe, 0x9f, 0xef, 0xc7, 0x77, + 0xdf, 0xbb, 0xc0, 0xa8, 0xbe, 0x4b, 0x72, 0xe6, 0x7e, 0x56, 0x37, 0xa8, 0x49, 0x51, 0xf6, 0x29, + 0x51, 0xcb, 0x18, 0xcb, 0x9a, 0x46, 0xe4, 0x5a, 0x05, 0x67, 0x15, 0xc2, 0x4c, 0x83, 0x94, 0xeb, + 0x26, 0x56, 0x2a, 0xb4, 0xaa, 0x3b, 0xad, 0x1a, 0x56, 0x54, 0x6c, 0x64, 0xf5, 0x5d, 0x22, 0x4c, + 0x56, 0x28, 0xab, 0x52, 0xf6, 0xd8, 0x46, 0xe7, 0x9c, 0x17, 0x87, 0x4a, 0x18, 0x57, 0xa9, 0x4a, + 0x9d, 0x76, 0xeb, 0xc9, 0x69, 0x15, 0xbf, 0x8e, 0xc1, 0xe4, 0x26, 0x53, 0xb7, 0x0c, 0xaa, 0x53, + 0x86, 0x8b, 0x8a, 0xf2, 0x7e, 0x21, 0xbf, 0x22, 0x51, 0x6a, 0xde, 0xc3, 0x86, 0x89, 0x1e, 0xc0, + 0x10, 0x23, 0x6a, 0x0d, 0x1b, 0x3c, 0x97, 0xe1, 0x66, 0x47, 0xd6, 0x72, 0xcd, 0x46, 0xfa, 0xe5, + 0x3d, 0x59, 0x23, 0x8a, 0x6c, 0xe2, 0xbb, 0xa2, 0x81, 0x3f, 0xad, 0x13, 0x03, 0x2b, 0xe2, 0x1f, + 0x3f, 0xce, 0x8f, 0xb7, 0x06, 0x2b, 0x2a, 0x8a, 0x81, 0x19, 0xdb, 0x36, 0x0d, 0x52, 0x53, 0xa5, + 0x16, 0x1c, 0xdd, 0x81, 0x44, 0x05, 0x1b, 0x26, 0x1f, 0xb3, 0x69, 0x66, 0x9a, 0x8d, 0x74, 0xe6, + 0x45, 0x9a, 0xb9, 0xaa, 0xbc, 0xbf, 0xba, 0x90, 0x5f, 0xba, 0x53, 0x78, 0x6d, 0x39, 0x2f, 0x4a, + 0x36, 0x02, 0xbd, 0x0a, 0x09, 0x52, 0x7b, 0x42, 0xf9, 0xb8, 0x8d, 0xbc, 0xe6, 0x9f, 0x80, 0x05, + 0x58, 0xca, 0xaf, 0x2c, 0x8b, 0x92, 0xdd, 0x09, 0x21, 0x48, 0x98, 0xa4, 0x8a, 0xf9, 0x44, 0x86, + 0x9b, 0x8d, 0x4b, 0xf6, 0x33, 0x5a, 0x81, 0xf8, 0x1e, 0x51, 0xf8, 0x64, 0x86, 0x9b, 0x4d, 0xae, + 0xdd, 0x6a, 0x36, 0xd2, 0x37, 0x3c, 0xbc, 0x6a, 0xe2, 0xd5, 0x85, 0x39, 0xcd, 0xc4, 0xab, 0xcb, + 0x85, 0xc2, 0xed, 0xc2, 0x9c, 0x1b, 0x90, 0x64, 0x61, 0xc4, 0x1b, 0x70, 0x3d, 0x54, 0x1b, 0x09, + 0x33, 0x9d, 0xd6, 0x18, 0x16, 0xbf, 0x77, 0x14, 0x2c, 0xea, 0xba, 0x41, 0xf7, 0xce, 0x4e, 0xc1, + 0xbb, 0x30, 0xcc, 0xea, 0xe5, 0x4f, 0x70, 0xa5, 0x2d, 0x62, 0xa6, 0xd9, 0x48, 0x4f, 0x87, 0x8a, + 0xb8, 0xb8, 0x24, 0x4a, 0x6d, 0x00, 0xba, 0x07, 0xa3, 0xad, 0xc7, 0x87, 0xf8, 0x60, 0x5d, 0x69, + 0x69, 0x99, 0x6e, 0x36, 0xd2, 0x53, 0x21, 0x04, 0x8b, 0x85, 0x65, 0x51, 0xf2, 0x81, 0xdc, 0x44, + 0x24, 0x06, 0x49, 0x44, 0xd2, 0x4b, 0x44, 0x4b, 0xcd, 0x60, 0x9d, 0x5c, 0x35, 0xff, 0xe4, 0x60, + 0xcc, 0xea, 0xe5, 0xfc, 0x7c, 0x5e, 0x4c, 0x28, 0xf2, 0x30, 0xe1, 0x8f, 0xca, 0x0d, 0xf8, 0xf7, + 0x18, 0x4c, 0x7b, 0x26, 0x93, 0xf0, 0x1e, 0xdd, 0xc5, 0x17, 0x0e, 0x0a, 0x74, 0x10, 0x12, 0x61, + 0x94, 0x61, 0x83, 0xc8, 0xda, 0xdb, 0xf5, 0x6a, 0x19, 0x1b, 0xfc, 0x90, 0x45, 0x24, 0xf9, 0xda, + 0xc4, 0x9b, 0x30, 0xd3, 0x4b, 0xce, 0x6e, 0xdd, 0x5b, 0x76, 0xfc, 0x5f, 0xe8, 0x9e, 0x1c, 0x44, + 0xf7, 0xa1, 0x1e, 0xba, 0x0f, 0x87, 0xea, 0x1e, 0x2a, 0xa7, 0xab, 0xfb, 0xaf, 0x31, 0xb8, 0xba, + 0xc9, 0x54, 0xaf, 0xc7, 0x85, 0xc9, 0x07, 0x37, 0xf9, 0x94, 0xbd, 0xe5, 0xf8, 0x35, 0x74, 0x15, + 0xfe, 0x2e, 0x06, 0xbc, 0xfd, 0xab, 0x35, 0xa9, 0x8b, 0xfd, 0x28, 0x74, 0x3f, 0x12, 0x21, 0x13, + 0x26, 0x93, 0xab, 0xe5, 0x37, 0x49, 0xc7, 0xd6, 0x8a, 0xb2, 0xb5, 0x4b, 0x2c, 0xbd, 0x2b, 0xb2, + 0x49, 0x68, 0xad, 0xd4, 0x2e, 0xc3, 0x08, 0xad, 0x6d, 0x51, 0x52, 0x3b, 0x45, 0x5d, 0x5b, 0xe5, + 0x4a, 0x6c, 0xf0, 0x72, 0x05, 0xe5, 0x21, 0xae, 0x13, 0x47, 0xcd, 0xe4, 0x5a, 0xaa, 0xd9, 0x48, + 0x0b, 0x7e, 0x68, 0xde, 0x83, 0x8a, 0x92, 0xd5, 0x15, 0x8d, 0x43, 0x92, 0xb0, 0xad, 0x62, 0xd1, + 0x16, 0xf1, 0xb2, 0xe4, 0xbc, 0xa0, 0x79, 0x48, 0x6a, 0x72, 0x19, 0x6b, 0xc1, 0x0b, 0x86, 0x37, + 0xa8, 0xd3, 0x0b, 0x3d, 0x84, 0xf1, 0x8a, 0xa1, 0x6d, 0xdb, 0xd3, 0xb7, 0xc4, 0x23, 0x4f, 0x48, + 0x45, 0x36, 0x9d, 0x15, 0xa4, 0x07, 0x3a, 0x10, 0x84, 0x1e, 0x00, 0x22, 0x8c, 0xd5, 0xb1, 0xb1, + 0xed, 0xe5, 0xba, 0xe4, 0x2c, 0x38, 0xe1, 0x54, 0x01, 0x10, 0x54, 0x80, 0x61, 0x45, 0x36, 0xe5, + 0x47, 0xd2, 0x06, 0x7f, 0xd9, 0x46, 0x4f, 0x35, 0x1b, 0xe9, 0x6b, 0x01, 0xf6, 0xaa, 0x1b, 0x9a, + 0x28, 0xb5, 0xfb, 0x5a, 0x5f, 0x9f, 0xf5, 0x78, 0x9f, 0x68, 0x78, 0x9b, 0x3c, 0xc5, 0xfc, 0x48, + 0x86, 0x9b, 0x4d, 0x48, 0xbe, 0x36, 0x94, 0x02, 0xb0, 0xde, 0x4b, 0x44, 0xc5, 0xcc, 0xe4, 0xc1, + 0xfe, 0x3e, 0x3b, 0x5a, 0xd0, 0x4d, 0x18, 0xf3, 0xde, 0x76, 0x0e, 0x74, 0xcc, 0x5f, 0xc9, 0x70, + 0xb3, 0x2f, 0x49, 0x5d, 0xad, 0xe8, 0x4d, 0x18, 0x33, 0x5c, 0x4b, 0xd9, 0xfd, 0x46, 0xad, 0x7e, + 0xe1, 0x71, 0x76, 0x75, 0x17, 0xb3, 0x30, 0xd7, 0x8f, 0x39, 0x5d, 0x37, 0xff, 0x13, 0x87, 0x5b, + 0x9b, 0x4c, 0x7d, 0xa4, 0x5b, 0xc4, 0xff, 0x01, 0x43, 0xbb, 0x46, 0x8c, 0xf7, 0x65, 0xc4, 0xc5, + 0x10, 0x23, 0xda, 0x2b, 0xc4, 0x40, 0x7e, 0x4b, 0x0e, 0xee, 0xb7, 0x65, 0xcf, 0x6f, 0x8e, 0xf1, + 0xa7, 0x9b, 0x8d, 0x34, 0xef, 0xa1, 0x69, 0x95, 0x98, 0xb8, 0xaa, 0x9b, 0x07, 0xc7, 0x18, 0x6e, + 0xf8, 0x58, 0xc3, 0x5d, 0xee, 0xc3, 0x70, 0x23, 0x41, 0x86, 0x13, 0x17, 0x20, 0xd7, 0x67, 0xfa, + 0x3b, 0x37, 0x13, 0xcb, 0x32, 0x25, 0xac, 0xe1, 0xf3, 0x68, 0x99, 0xe0, 0xf4, 0x27, 0x06, 0x4e, + 0x7f, 0x4b, 0xda, 0x7e, 0x64, 0x72, 0xa5, 0xfd, 0x32, 0x06, 0xa3, 0xd6, 0xe7, 0xcb, 0xac, 0xa8, + 0xdf, 0x25, 0xca, 0x39, 0xda, 0x9b, 0x5b, 0x09, 0x4c, 0x44, 0x38, 0x73, 0x4f, 0xc0, 0x78, 0xa7, + 0x28, 0xae, 0x5a, 0x9f, 0xb5, 0xeb, 0xc6, 0x2a, 0xdd, 0x3b, 0x8f, 0x75, 0x63, 0x77, 0xd9, 0x97, + 0xe8, 0x51, 0xf6, 0x75, 0x4a, 0xd0, 0x16, 0x68, 0xf1, 0xe7, 0xab, 0x10, 0xdf, 0x64, 0x2a, 0xfa, + 0x89, 0x83, 0x89, 0x90, 0xeb, 0x9c, 0xf5, 0x01, 0xaf, 0x93, 0xb2, 0xa1, 0xb7, 0x1f, 0xc2, 0x3b, + 0xa7, 0x46, 0xd5, 0x0e, 0xc0, 0x9e, 0x78, 0xc8, 0x2d, 0x4a, 0x94, 0x89, 0x07, 0x53, 0x45, 0x9a, + 0x78, 0xef, 0x3b, 0x0b, 0xf4, 0x15, 0x07, 0x57, 0x3a, 0x2f, 0x2c, 0xde, 0x88, 0x32, 0x84, 0x87, + 0x17, 0xee, 0x9f, 0x0c, 0xef, 0xce, 0xeb, 0x17, 0x0e, 0x26, 0xc3, 0xef, 0x15, 0x36, 0xa2, 0x67, + 0xf0, 0x45, 0x36, 0x61, 0xe7, 0x34, 0xd9, 0x7c, 0x11, 0x84, 0x9f, 0xd0, 0x37, 0xa2, 0xa7, 0xf2, + 0x94, 0x22, 0x38, 0xf6, 0xb8, 0x8b, 0xbe, 0xe5, 0x60, 0xac, 0xeb, 0xac, 0x5b, 0x8c, 0x30, 0x90, + 0x9f, 0x42, 0x58, 0x3f, 0x31, 0x85, 0x3b, 0xc1, 0x1f, 0x38, 0x78, 0x25, 0xf8, 0xa8, 0xf8, 0x56, + 0xa4, 0x41, 0x02, 0x98, 0x84, 0xad, 0xd3, 0x62, 0x72, 0x67, 0xfd, 0x17, 0x07, 0xd7, 0x8f, 0x3f, + 0x94, 0xed, 0x44, 0xfb, 0x90, 0x7a, 0xb3, 0x0a, 0x1f, 0x9e, 0x05, 0xab, 0x1b, 0xd9, 0x73, 0x0e, + 0x66, 0xfa, 0x2a, 0xd0, 0xdf, 0x8b, 0x30, 0x8d, 0x7e, 0x88, 0x85, 0xc7, 0x67, 0x44, 0xec, 0x0b, + 0xb1, 0xaf, 0x82, 0x32, 0x4a, 0x88, 0xfd, 0x10, 0x47, 0x0a, 0x71, 0x90, 0xda, 0x0e, 0x7d, 0xce, + 0xc1, 0x88, 0x57, 0xd8, 0xbd, 0x1e, 0xc5, 0x31, 0x6d, 0xb4, 0x50, 0x3a, 0x09, 0xba, 0x6b, 0x21, + 0xf2, 0x15, 0x4f, 0xd1, 0x16, 0xa2, 0x4e, 0x8a, 0x88, 0x0b, 0x51, 0x50, 0xfd, 0xb2, 0xf6, 0xd1, + 0x6f, 0x87, 0x29, 0xee, 0xd9, 0x61, 0x8a, 0x7b, 0x7e, 0x98, 0xe2, 0xbe, 0x38, 0x4a, 0x5d, 0x7a, + 0x76, 0x94, 0xba, 0xf4, 0xf7, 0x51, 0xea, 0xd2, 0x07, 0x25, 0x95, 0x98, 0x1f, 0xd7, 0xcb, 0xd9, + 0x0a, 0xad, 0xe6, 0x9c, 0xe1, 0xe6, 0xdb, 0xe3, 0xe5, 0x3a, 0xc6, 0x9b, 0xf7, 0x06, 0x9c, 0x77, + 0x46, 0xcc, 0xed, 0xe7, 0xec, 0x7f, 0xd3, 0x0e, 0x74, 0xcc, 0xca, 0x43, 0xf6, 0x1f, 0x5e, 0xb7, + 0xff, 0x0d, 0x00, 0x00, 0xff, 0xff, 0x8b, 0x0b, 0x81, 0x59, 0x61, 0x1b, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -1493,6 +1601,7 @@ type MsgClient interface { UpdatePkiRevocationDistributionPoint(ctx context.Context, in *MsgUpdatePkiRevocationDistributionPoint, opts ...grpc.CallOption) (*MsgUpdatePkiRevocationDistributionPointResponse, error) DeletePkiRevocationDistributionPoint(ctx context.Context, in *MsgDeletePkiRevocationDistributionPoint, opts ...grpc.CallOption) (*MsgDeletePkiRevocationDistributionPointResponse, error) AssignVid(ctx context.Context, in *MsgAssignVid, opts ...grpc.CallOption) (*MsgAssignVidResponse, error) + RemoveX509Cert(ctx context.Context, in *MsgRemoveX509Cert, opts ...grpc.CallOption) (*MsgRemoveX509CertResponse, error) } type msgClient struct { @@ -1602,6 +1711,15 @@ func (c *msgClient) AssignVid(ctx context.Context, in *MsgAssignVid, opts ...grp return out, nil } +func (c *msgClient) RemoveX509Cert(ctx context.Context, in *MsgRemoveX509Cert, opts ...grpc.CallOption) (*MsgRemoveX509CertResponse, error) { + out := new(MsgRemoveX509CertResponse) + err := c.cc.Invoke(ctx, "/zigbeealliance.distributedcomplianceledger.pki.Msg/RemoveX509Cert", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // MsgServer is the server API for Msg service. type MsgServer interface { ProposeAddX509RootCert(context.Context, *MsgProposeAddX509RootCert) (*MsgProposeAddX509RootCertResponse, error) @@ -1615,6 +1733,7 @@ type MsgServer interface { UpdatePkiRevocationDistributionPoint(context.Context, *MsgUpdatePkiRevocationDistributionPoint) (*MsgUpdatePkiRevocationDistributionPointResponse, error) DeletePkiRevocationDistributionPoint(context.Context, *MsgDeletePkiRevocationDistributionPoint) (*MsgDeletePkiRevocationDistributionPointResponse, error) AssignVid(context.Context, *MsgAssignVid) (*MsgAssignVidResponse, error) + RemoveX509Cert(context.Context, *MsgRemoveX509Cert) (*MsgRemoveX509CertResponse, error) } // UnimplementedMsgServer can be embedded to have forward compatible implementations. @@ -1654,6 +1773,9 @@ func (*UnimplementedMsgServer) DeletePkiRevocationDistributionPoint(ctx context. func (*UnimplementedMsgServer) AssignVid(ctx context.Context, req *MsgAssignVid) (*MsgAssignVidResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method AssignVid not implemented") } +func (*UnimplementedMsgServer) RemoveX509Cert(ctx context.Context, req *MsgRemoveX509Cert) (*MsgRemoveX509CertResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method RemoveX509Cert not implemented") +} func RegisterMsgServer(s grpc1.Server, srv MsgServer) { s.RegisterService(&_Msg_serviceDesc, srv) @@ -1857,6 +1979,24 @@ func _Msg_AssignVid_Handler(srv interface{}, ctx context.Context, dec func(inter return interceptor(ctx, in, info, handler) } +func _Msg_RemoveX509Cert_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(MsgRemoveX509Cert) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(MsgServer).RemoveX509Cert(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/zigbeealliance.distributedcomplianceledger.pki.Msg/RemoveX509Cert", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(MsgServer).RemoveX509Cert(ctx, req.(*MsgRemoveX509Cert)) + } + return interceptor(ctx, in, info, handler) +} + var _Msg_serviceDesc = grpc.ServiceDesc{ ServiceName: "zigbeealliance.distributedcomplianceledger.pki.Msg", HandlerType: (*MsgServer)(nil), @@ -1905,6 +2045,10 @@ var _Msg_serviceDesc = grpc.ServiceDesc{ MethodName: "AssignVid", Handler: _Msg_AssignVid_Handler, }, + { + MethodName: "RemoveX509Cert", + Handler: _Msg_RemoveX509Cert_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "pki/tx.proto", @@ -2845,6 +2989,80 @@ func (m *MsgAssignVidResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { return len(dAtA) - i, nil } +func (m *MsgRemoveX509Cert) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgRemoveX509Cert) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgRemoveX509Cert) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if len(m.SerialNumber) > 0 { + i -= len(m.SerialNumber) + copy(dAtA[i:], m.SerialNumber) + i = encodeVarintTx(dAtA, i, uint64(len(m.SerialNumber))) + i-- + dAtA[i] = 0x22 + } + if len(m.SubjectKeyId) > 0 { + i -= len(m.SubjectKeyId) + copy(dAtA[i:], m.SubjectKeyId) + i = encodeVarintTx(dAtA, i, uint64(len(m.SubjectKeyId))) + i-- + dAtA[i] = 0x1a + } + if len(m.Subject) > 0 { + i -= len(m.Subject) + copy(dAtA[i:], m.Subject) + i = encodeVarintTx(dAtA, i, uint64(len(m.Subject))) + i-- + dAtA[i] = 0x12 + } + if len(m.Signer) > 0 { + i -= len(m.Signer) + copy(dAtA[i:], m.Signer) + i = encodeVarintTx(dAtA, i, uint64(len(m.Signer))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *MsgRemoveX509CertResponse) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgRemoveX509CertResponse) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgRemoveX509CertResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + return len(dAtA) - i, nil +} + func encodeVarintTx(dAtA []byte, offset int, v uint64) int { offset -= sovTx(v) base := offset @@ -3299,6 +3517,40 @@ func (m *MsgAssignVidResponse) Size() (n int) { return n } +func (m *MsgRemoveX509Cert) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Signer) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.Subject) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.SubjectKeyId) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + l = len(m.SerialNumber) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + return n +} + +func (m *MsgRemoveX509CertResponse) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + return n +} + func sovTx(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -6271,6 +6523,234 @@ func (m *MsgAssignVidResponse) Unmarshal(dAtA []byte) error { } return nil } +func (m *MsgRemoveX509Cert) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgRemoveX509Cert: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgRemoveX509Cert: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Signer", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Signer = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Subject", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Subject = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SubjectKeyId", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SubjectKeyId = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 4: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field SerialNumber", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.SerialNumber = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *MsgRemoveX509CertResponse) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgRemoveX509CertResponse: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgRemoveX509CertResponse: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipTx(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0