#524 Revocation of NOC root certificates

Enable revoking NOC Root certs

Signed-off-by: Abdulbois <abdulbois.tursunov@dsr-corporation.com>
Signed-off-by: Abdulbois <abdulbois123@gmail.com>

Author: Abdulbois

proto/pki/genesis.proto

@@ -16,6 +16,7 @@ import "pki/pki_revocation_distribution_points_by_issuer_subject_key_id.proto";
 import "pki/approved_certificates_by_subject_key_id.proto";
 import "pki/noc_root_certificates.proto";
 import "pki/noc_certificates.proto";
+import "pki/revoked_noc_root_certificates.proto";
 // this line is used by starport scaffolding # genesis/proto/import
 import "gogoproto/gogo.proto";
 
@@ -38,5 +39,6 @@ message GenesisState {
   repeated ApprovedCertificatesBySubjectKeyId approvedCertificatesBySubjectKeyIdList = 13 [(gogoproto.nullable) = false];
   repeated NocRootCertificates nocRootCertificatesList = 14 [(gogoproto.nullable) = false];
   repeated NocCertificates nocCertificatesList = 15 [(gogoproto.nullable) = false];
+  repeated RevokedNocRootCertificates revokedNocRootCertificatesList = 16 [(gogoproto.nullable) = false];
   // this line is used by starport scaffolding # genesis/proto/state
 }

proto/pki/query.proto

@@ -16,6 +16,7 @@ import "pki/pki_revocation_distribution_point.proto";
 import "pki/pki_revocation_distribution_points_by_issuer_subject_key_id.proto";
 import "pki/noc_root_certificates.proto";
 import "pki/noc_certificates.proto";
+import "pki/revoked_noc_root_certificates.proto";
 // this line is used by starport scaffolding # 1
 import "gogoproto/gogo.proto";
 
@@ -131,6 +132,16 @@ service Query {
 		option (google.api.http).get = "/dcl/pki/noc-certificates";
 	}
 
+// Queries a RevokedNocRootCertificates by index.
+	rpc RevokedNocRootCertificates(QueryGetRevokedNocRootCertificatesRequest) returns (QueryGetRevokedNocRootCertificatesResponse) {
+		option (google.api.http).get = "/dcl/pki/revoked-noc-root-certificates/{subject}/{subjectKeyId}";
+	}
+
+	// Queries a list of RevokedNocRootCertificates items.
+	rpc RevokedNocRootCertificatesAll(QueryAllRevokedNocRootCertificatesRequest) returns (QueryAllRevokedNocRootCertificatesResponse) {
+		option (google.api.http).get = "/dcl/pki/revoked-noc-root-certificates";
+	}
+
 // this line is used by starport scaffolding # 2
 }
 
@@ -323,4 +334,22 @@ message QueryAllNocCertificatesResponse {
 	cosmos.base.query.v1beta1.PageResponse pagination = 2;
 }
 
+message QueryGetRevokedNocRootCertificatesRequest {
+	string subject = 1;
+	string subjectKeyId = 2;
+}
+
+message QueryGetRevokedNocRootCertificatesResponse {
+	RevokedNocRootCertificates revokedNocRootCertificates = 1 [(gogoproto.nullable) = false];
+}
+
+message QueryAllRevokedNocRootCertificatesRequest {
+	cosmos.base.query.v1beta1.PageRequest pagination = 1;
+}
+
+message QueryAllRevokedNocRootCertificatesResponse {
+	repeated RevokedNocRootCertificates revokedNocRootCertificates = 1 [(gogoproto.nullable) = false];
+	cosmos.base.query.v1beta1.PageResponse pagination = 2;
+}
+
 // this line is used by starport scaffolding # 3

proto/pki/revoked_noc_root_certificates.proto

@@ -0,0 +1,12 @@
+syntax = "proto3";
+package zigbeealliance.distributedcomplianceledger.pki;
+
+option go_package = "github.com/zigbee-alliance/distributed-compliance-ledger/x/pki/types";
+
+import "pki/certificate.proto";
+
+message RevokedNocRootCertificates {
+  string subject = 1; 
+  string subjectKeyId = 2; 
+  repeated Certificate certs = 3; 
+}

proto/pki/tx.proto

@@ -24,6 +24,7 @@ service Msg {
   rpc AddNocX509RootCert(MsgAddNocX509RootCert) returns (MsgAddNocX509RootCertResponse);
   rpc RemoveX509Cert(MsgRemoveX509Cert) returns (MsgRemoveX509CertResponse);
   rpc AddNocX509Cert(MsgAddNocX509Cert) returns (MsgAddNocX509CertResponse);
+  rpc RevokeNocRootX509Cert(MsgRevokeNocRootX509Cert) returns (MsgRevokeNocRootX509CertResponse);
 // this line is used by starport scaffolding # proto/tx/rpc
 }
 
@@ -187,4 +188,17 @@ message MsgAddNocX509Cert {
 message MsgAddNocX509CertResponse {
 }
 
+message MsgRevokeNocRootX509Cert {
+  string signer = 1 [(cosmos_proto.scalar) = "cosmos.AddressString", (gogoproto.moretags) = "validate:\"required\""];
+  string subject = 2 [(gogoproto.moretags) = "validate:\"required,max=1024\""];
+  string subjectKeyId = 3 [(gogoproto.moretags) = "validate:\"required,max=256\""];
+  string serialNumber = 4;
+  string info = 5 [(gogoproto.moretags) = "validate:\"max=4096\""];
+  int64 time = 6;
+  bool revokeChild = 7;
+}
+
+message MsgRevokeNocRootX509CertResponse {
+}
+
 // this line is used by starport scaffolding # proto/tx/message

scripts/starport/upgrade-0.44/07.pki_types.sh

@@ -19,6 +19,7 @@ starport scaffold --module pki message update-pki-revocation-distribution-point
 starport scaffold --module pki message delete-pki-revocation-distribution-point vid:uint label issuerSubjectKeyID --signer signer
 starport scaffold --module pki message AddNocX509RootCert  cert --signer signer
 starport scaffold --module pki message AddNocX509Cert  cert --signer signer
+starport scaffold --module pki message RevokeNocRootX509Cert subject subjectKeyId serialNumber info time:uint revokeChild:bool --signer signer
 
 # CRUD data types
 starport scaffold --module pki map ApprovedCertificates certs:strings --index subject,subjectKeyId --no-message
@@ -37,6 +38,7 @@ starport scaffold --module pki map RejectedCertificate pemCert serialNumber owne
 #starport scaffold --module pki map AllProposedCertificates --index subject,subjectKeyId --no-message
 starport scaffold --module pki map NocRootCertificates certs:strings --index vid:uint --no-message
 starport scaffold --module pki map NocCertificates certs:strings --index vid:uint --no-message
+starport scaffold --module pki map RevokedNocRootCertificates certs:strings --index subject,subjectKeyId --no-message
 
 # Allow colons (:) in subject ID part in REST URLs
 # TODO: need to copy the generated query.pb.gw.go into the correct folder

vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/index.ts

@@ -18,11 +18,12 @@ import { ProposedCertificate } from "./module/types/pki/proposed_certificate"
 import { ProposedCertificateRevocation } from "./module/types/pki/proposed_certificate_revocation"
 import { RejectedCertificate } from "./module/types/pki/rejected_certificate"
 import { RevokedCertificates } from "./module/types/pki/revoked_certificates"
+import { RevokedNocRootCertificates } from "./module/types/pki/revoked_noc_root_certificates"
 import { RevokedRootCertificates } from "./module/types/pki/revoked_root_certificates"
 import { UniqueCertificate } from "./module/types/pki/unique_certificate"
 
 
-export { ApprovedCertificates, ApprovedCertificatesBySubject, ApprovedCertificatesBySubjectKeyId, ApprovedRootCertificates, Certificate, CertificateIdentifier, ChildCertificates, Grant, NocCertificates, NocRootCertificates, PkiRevocationDistributionPoint, PkiRevocationDistributionPointsByIssuerSubjectKeyID, ProposedCertificate, ProposedCertificateRevocation, RejectedCertificate, RevokedCertificates, RevokedRootCertificates, UniqueCertificate };
+export { ApprovedCertificates, ApprovedCertificatesBySubject, ApprovedCertificatesBySubjectKeyId, ApprovedRootCertificates, Certificate, CertificateIdentifier, ChildCertificates, Grant, NocCertificates, NocRootCertificates, PkiRevocationDistributionPoint, PkiRevocationDistributionPointsByIssuerSubjectKeyID, ProposedCertificate, ProposedCertificateRevocation, RejectedCertificate, RevokedCertificates, RevokedNocRootCertificates, RevokedRootCertificates, UniqueCertificate };
 
 async function initTxClient(vuexGetters) {
 	return await txClient(vuexGetters['common/wallet/signer'], {
@@ -81,6 +82,8 @@ const getDefaultState = () => {
 				NocRootCertificatesAll: {},
 				NocCertificates: {},
 				NocCertificatesAll: {},
+				RevokedNocRootCertificates: {},
+				RevokedNocRootCertificatesAll: {},
 
 				_Structure: {
 						ApprovedCertificates: getStructure(ApprovedCertificates.fromPartial({})),
@@ -99,6 +102,7 @@ const getDefaultState = () => {
 						ProposedCertificateRevocation: getStructure(ProposedCertificateRevocation.fromPartial({})),
 						RejectedCertificate: getStructure(RejectedCertificate.fromPartial({})),
 						RevokedCertificates: getStructure(RevokedCertificates.fromPartial({})),
+						RevokedNocRootCertificates: getStructure(RevokedNocRootCertificates.fromPartial({})),
 						RevokedRootCertificates: getStructure(RevokedRootCertificates.fromPartial({})),
 						UniqueCertificate: getStructure(UniqueCertificate.fromPartial({})),
 
@@ -255,6 +259,18 @@ export default {
 					}
 			return state.NocCertificatesAll[JSON.stringify(params)] ?? {}
 		},
+				getRevokedNocRootCertificates: (state) => (params = { params: {}}) => {
+					if (!(<any> params).query) {
+						(<any> params).query=null
+					}
+			return state.RevokedNocRootCertificates[JSON.stringify(params)] ?? {}
+		},
+				getRevokedNocRootCertificatesAll: (state) => (params = { params: {}}) => {
+					if (!(<any> params).query) {
+						(<any> params).query=null
+					}
+			return state.RevokedNocRootCertificatesAll[JSON.stringify(params)] ?? {}
+		},
 
 		getTypeStructure: (state) => (type) => {
 			return state._Structure[type].fields
@@ -787,7 +803,55 @@ export default {
 		},
 
 
-		async sendMsgRevokeX509Cert({ rootGetters }, { value, fee = [], memo = '' }) {
+		
+		
+		 		
+		
+		
+		async QueryRevokedNocRootCertificates({ commit, rootGetters, getters }, { options: { subscribe, all} = { subscribe:false, all:false}, params, query=null }) {
+			try {
+				const key = params ?? {};
+				const queryClient=await initQueryClient(rootGetters)
+				let value= (await queryClient.queryRevokedNocRootCertificates( key.subject,  key.subjectKeyId)).data
+				
+					
+				commit('QUERY', { query: 'RevokedNocRootCertificates', key: { params: {...key}, query}, value })
+				if (subscribe) commit('SUBSCRIBE', { action: 'QueryRevokedNocRootCertificates', payload: { options: { all }, params: {...key},query }})
+				return getters['getRevokedNocRootCertificates']( { params: {...key}, query}) ?? {}
+			} catch (e) {
+				throw new SpVuexError('QueryClient:QueryRevokedNocRootCertificates', 'API Node Unavailable. Could not perform query: ' + e.message)
+				
+			}
+		},
+		
+		
+		
+		
+		 		
+		
+		
+		async QueryRevokedNocRootCertificatesAll({ commit, rootGetters, getters }, { options: { subscribe, all} = { subscribe:false, all:false}, params, query=null }) {
+			try {
+				const key = params ?? {};
+				const queryClient=await initQueryClient(rootGetters)
+				let value= (await queryClient.queryRevokedNocRootCertificatesAll(query)).data
+				
+					
+				while (all && (<any> value).pagination && (<any> value).pagination.next_key!=null) {
+					let next_values=(await queryClient.queryRevokedNocRootCertificatesAll({...query, 'pagination.key':(<any> value).pagination.next_key})).data
+					value = mergeResults(value, next_values);
+				}
+				commit('QUERY', { query: 'RevokedNocRootCertificatesAll', key: { params: {...key}, query}, value })
+				if (subscribe) commit('SUBSCRIBE', { action: 'QueryRevokedNocRootCertificatesAll', payload: { options: { all }, params: {...key},query }})
+				return getters['getRevokedNocRootCertificatesAll']( { params: {...key}, query}) ?? {}
+			} catch (e) {
+				throw new SpVuexError('QueryClient:QueryRevokedNocRootCertificatesAll', 'API Node Unavailable. Could not perform query: ' + e.message)
+				
+			}
+		},
+		
+
+		async sendMsgAddNocX509Cert({ rootGetters }, { value, fee = [], memo = '' }) {
 			try {
 				const txClient=await initTxClient(rootGetters)
 				const msg = await txClient.msgRejectAddX509RootCert(value)

vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/index.ts

@@ -18,6 +18,7 @@ import { MsgApproveRevokeX509RootCert } from "./types/pki/tx";
 import { MsgProposeRevokeX509RootCert } from "./types/pki/tx";
 import { MsgRemoveX509Cert } from "./types/pki/tx";
 import { MsgAddNocX509Cert } from "./types/pki/tx";
+import { MsgRevokeNocRootX509Cert } from "./types/pki/tx";
 
 
 const types = [
@@ -35,6 +36,7 @@ const types = [
   ["/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", MsgProposeRevokeX509RootCert],
   ["/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", MsgRemoveX509Cert],
   ["/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509Cert", MsgAddNocX509Cert],
+  ["/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocRootX509Cert", MsgRevokeNocRootX509Cert],
 ];
 export const MissingWalletError = new Error("wallet is required");
 
@@ -80,6 +82,7 @@ const txClient = async (wallet: OfflineSigner, { addr: addr }: TxClientOptions =
     msgProposeRevokeX509RootCert: (data: MsgProposeRevokeX509RootCert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgProposeRevokeX509RootCert", value: MsgProposeRevokeX509RootCert.fromPartial( data ) }),
     msgRemoveX509Cert: (data: MsgRemoveX509Cert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRemoveX509Cert", value: MsgRemoveX509Cert.fromPartial( data ) }),
     msgAddNocX509Cert: (data: MsgAddNocX509Cert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgAddNocX509Cert", value: MsgAddNocX509Cert.fromPartial( data ) }),
+    msgRevokeNocRootX509Cert: (data: MsgRevokeNocRootX509Cert): EncodeObject => ({ typeUrl: "/zigbeealliance.distributedcomplianceledger.pki.MsgRevokeNocRootX509Cert", value: MsgRevokeNocRootX509Cert.fromPartial( data ) }),
   };
 };
 

vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts

@@ -36,6 +36,12 @@ export interface PkiNocCertificates {
   certs?: PkiCertificate[];
 }
 
+export interface PkiRevokedNocRootCertificates {
+  subject?: string;
+  subjectKeyId?: string;
+  certs?: PkiCertificate[];
+}
+
 export interface PkiCertificate {
   pemCert?: string;
   serialNumber?: string;
@@ -99,6 +105,8 @@ export type PkiMsgRejectAddX509RootCertResponse = object;
 
 export type PkiMsgRemoveX509CertResponse = object;
 
+export type PkiMsgRevokeNocRootX509CertResponse = object;
+
 export type PkiMsgRevokeX509CertResponse = object;
 
 export type PkiMsgUpdatePkiRevocationDistributionPointResponse = object;
@@ -274,6 +282,21 @@ export interface PkiQueryAllRevokedCertificatesResponse {
   pagination?: V1Beta1PageResponse;
 }
 
+export interface PkiQueryAllRevokedNocRootCertificatesResponse {
+  revokedNocRootCertificates?: PkiRevokedNocRootCertificates[];
+
+  /**
+   * PageResponse is to be embedded in gRPC response messages where the
+   * corresponding request message has used PageRequest.
+   *
+   *  message SomeResponse {
+   *          repeated Bar results = 1;
+   *          PageResponse page = 2;
+   *  }
+   */
+  pagination?: V1Beta1PageResponse;
+}
+
 export interface PkiQueryGetApprovedCertificatesBySubjectResponse {
   approvedCertificatesBySubject?: PkiApprovedCertificatesBySubject;
 }
@@ -294,6 +317,9 @@ export interface PkiQueryGetNocRootCertificatesResponse {
   nocRootCertificates?: PkiNocRootCertificates;
 }
 
+export interface PkiQueryGetRevokedNocRootCertificatesResponse {
+  revokedNocRootCertificates?: PkiRevokedNocRootCertificates;
+}
 export interface PkiQueryGetNocCertificatesResponse {
   nocCertificates?: PkiNocRootCertificates;
 }
@@ -1008,6 +1034,48 @@ export class Api<SecurityDataType extends unknown> extends HttpClient<SecurityDa
       ...params,
     });
 
+  /**
+   * No description
+   *
+   * @tags Query
+   * @name QueryRevokedNocRootCertificatesAll
+   * @summary Queries a list of RevokedNocRootCertificates items.
+   * @request GET:/dcl/pki/revoked-noc-root-certificates
+   */
+  queryRevokedNocRootCertificatesAll = (
+    query?: {
+      "pagination.key"?: string;
+      "pagination.offset"?: string;
+      "pagination.limit"?: string;
+      "pagination.count_total"?: boolean;
+      "pagination.reverse"?: boolean;
+    },
+    params: RequestParams = {},
+  ) =>
+    this.request<PkiQueryAllRevokedNocRootCertificatesResponse, RpcStatus>({
+      path: `/dcl/pki/revoked-noc-root-certificates`,
+      method: "GET",
+      query: query,
+      format: "json",
+      ...params,
+    });
+
+  /**
+   * No description
+   *
+   * @tags Query
+   * @name QueryRevokedNocRootCertificates
+   * @summary Queries a RevokedNocRootCertificates by index.
+   * @request GET:/dcl/pki/revoked-noc-root-certificates/{subject}/{subjectKeyId}
+   */
+  queryRevokedNocRootCertificates = (subject: string, subjectKeyId: string, params: RequestParams = {}) =>
+    this.request<PkiQueryGetRevokedNocRootCertificatesResponse, RpcStatus>({
+      path: `/dcl/pki/revoked-noc-root-certificates/${subject}/${subjectKeyId}`,
+      method: "GET",
+      format: "json",
+      ...params,
+    });
+
   /**
    * No description
    *