Merge pull request #564 from zigbee-alliance/feature/query_noc_root_by_vid_and_ski

Query NOC Root certificates by VID and SKID

Author: Abdulbois

docs/static/openapi.yml

@@ -9877,6 +9877,120 @@ paths:
           format: int32
       tags:
         - Query
+  /dcl/pki/noc-root-certificates/{vid}/{subjectKeyId}:
+    get:
+      summary: Queries a NocRootCertificatesByVidAndSkid by index.
+      operationId: NocRootCertificatesByVidAndSkid
+      responses:
+        '200':
+          description: A successful response.
+          schema:
+            type: object
+            properties:
+              nocRootCertificatesByVidAndSkid:
+                type: object
+                properties:
+                  vid:
+                    type: integer
+                    format: int32
+                  subjectKeyId:
+                    type: string
+                  certs:
+                    type: array
+                    items:
+                      type: object
+                      properties:
+                        pemCert:
+                          type: string
+                        serialNumber:
+                          type: string
+                        issuer:
+                          type: string
+                        authorityKeyId:
+                          type: string
+                        rootSubject:
+                          type: string
+                        rootSubjectKeyId:
+                          type: string
+                        isRoot:
+                          type: boolean
+                        owner:
+                          type: string
+                        subject:
+                          type: string
+                        subjectKeyId:
+                          type: string
+                        approvals:
+                          type: array
+                          items:
+                            type: object
+                            properties:
+                              address:
+                                type: string
+                              time:
+                                type: string
+                                format: int64
+                              info:
+                                type: string
+                        subjectAsText:
+                          type: string
+                        rejects:
+                          type: array
+                          items:
+                            type: object
+                            properties:
+                              address:
+                                type: string
+                              time:
+                                type: string
+                                format: int64
+                              info:
+                                type: string
+                        vid:
+                          type: integer
+                          format: int32
+                        isNoc:
+                          type: boolean
+                        schemaVersion:
+                          type: integer
+                          format: int64
+                  tq:
+                    type: number
+                    format: float
+        default:
+          description: An unexpected error response.
+          schema:
+            type: object
+            properties:
+              error:
+                type: string
+              code:
+                type: integer
+                format: int32
+              message:
+                type: string
+              details:
+                type: array
+                items:
+                  type: object
+                  properties:
+                    type_url:
+                      type: string
+                    value:
+                      type: string
+                      format: byte
+      parameters:
+        - name: vid
+          in: path
+          required: true
+          type: integer
+          format: int32
+        - name: subjectKeyId
+          in: path
+          required: true
+          type: string
+      tags:
+        - Query
   /dcl/pki/proposed-certificates:
     get:
       summary: Queries a list of ProposedCertificate items.
@@ -21814,6 +21928,76 @@ definitions:
             schemaVersion:
               type: integer
               format: int64
+  zigbeealliance.distributedcomplianceledger.pki.NocRootCertificatesByVidAndSkid:
+    type: object
+    properties:
+      vid:
+        type: integer
+        format: int32
+      subjectKeyId:
+        type: string
+      certs:
+        type: array
+        items:
+          type: object
+          properties:
+            pemCert:
+              type: string
+            serialNumber:
+              type: string
+            issuer:
+              type: string
+            authorityKeyId:
+              type: string
+            rootSubject:
+              type: string
+            rootSubjectKeyId:
+              type: string
+            isRoot:
+              type: boolean
+            owner:
+              type: string
+            subject:
+              type: string
+            subjectKeyId:
+              type: string
+            approvals:
+              type: array
+              items:
+                type: object
+                properties:
+                  address:
+                    type: string
+                  time:
+                    type: string
+                    format: int64
+                  info:
+                    type: string
+            subjectAsText:
+              type: string
+            rejects:
+              type: array
+              items:
+                type: object
+                properties:
+                  address:
+                    type: string
+                  time:
+                    type: string
+                    format: int64
+                  info:
+                    type: string
+            vid:
+              type: integer
+              format: int32
+            isNoc:
+              type: boolean
+            schemaVersion:
+              type: integer
+              format: int64
+      tq:
+        type: number
+        format: float
   zigbeealliance.distributedcomplianceledger.pki.PkiRevocationDistributionPoint:
     type: object
     properties:
@@ -22937,6 +23121,79 @@ definitions:
                 schemaVersion:
                   type: integer
                   format: int64
+  zigbeealliance.distributedcomplianceledger.pki.QueryGetNocRootCertificatesByVidAndSkidResponse:
+    type: object
+    properties:
+      nocRootCertificatesByVidAndSkid:
+        type: object
+        properties:
+          vid:
+            type: integer
+            format: int32
+          subjectKeyId:
+            type: string
+          certs:
+            type: array
+            items:
+              type: object
+              properties:
+                pemCert:
+                  type: string
+                serialNumber:
+                  type: string
+                issuer:
+                  type: string
+                authorityKeyId:
+                  type: string
+                rootSubject:
+                  type: string
+                rootSubjectKeyId:
+                  type: string
+                isRoot:
+                  type: boolean
+                owner:
+                  type: string
+                subject:
+                  type: string
+                subjectKeyId:
+                  type: string
+                approvals:
+                  type: array
+                  items:
+                    type: object
+                    properties:
+                      address:
+                        type: string
+                      time:
+                        type: string
+                        format: int64
+                      info:
+                        type: string
+                subjectAsText:
+                  type: string
+                rejects:
+                  type: array
+                  items:
+                    type: object
+                    properties:
+                      address:
+                        type: string
+                      time:
+                        type: string
+                        format: int64
+                      info:
+                        type: string
+                vid:
+                  type: integer
+                  format: int32
+                isNoc:
+                  type: boolean
+                schemaVersion:
+                  type: integer
+                  format: int64
+          tq:
+            type: number
+            format: float
   zigbeealliance.distributedcomplianceledger.pki.QueryGetNocRootCertificatesResponse:
     type: object
     properties:

docs/transactions.md

@@ -1482,6 +1482,25 @@ Use [GET_ALL_REVOKED_NOC_ROOT](#get_revoked_noc_root) to get a list of all revok
 - REST API:
   - GET `/dcl/pki/noc-root-certificates/{vid}`
 
+#### GET_NOC_ROOT_BY_VID_AND_SKID
+
+**Status: Implemented**
+
+Retrieve NOC root certificates associated with a specific VID and subject key ID.
+This request also returns the Trust Quotient (TQ) value of the certificate
+
+Revoked NOC root certificates are not returned.
+Use [GET_ALL_REVOKED_NOC_ROOT](#get_revoked_noc_root) to get a list of all revoked NOC root certificates.
+
+- Who can send: Any account
+- Parameters:
+  - vid: `uint16` - Vendor ID (positive non-zero)
+  - subject_key_id: `string` - Certificate's `Subject Key Id` in hex string format, e.g., `5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB`
+- CLI Command:
+  - `dcld query pki noc-x509-root-certs --vid=<uint16> --subject-key-id=<hex string>`
+- REST API:
+  - GET `/dcl/pki/noc-root-certificates/{vid}/{subject_key_id}`
+
 #### GET_NOC_ICA_BY_VID
 
 **Status: Implemented**