#535 Enable providing serial number while revoking x509 certs

Abdulbois · Abdulbois · commit 7fb9954fb73a · 2024-02-16T15:36:47.000+05:00
Resolve MR comments

Signed-off-by: Abdulbois &lt;abdulbois.tursunov@dsr-corporation.com&gt;
Signed-off-by: Abdulbois &lt;abdulbois123@gmail.com&gt;
diff --git a/integration_tests/cli/pki-revocation-with-serial-number.sh b/integration_tests/cli/pki-revocation-with-serial-number.sh
@@ -18,8 +18,6 @@ intermediate_cert_subject_key_id="2E:13:3B:44:52:2C:30:E9:EC:FB:45:FA:5D:E5:04:0
 trustee_account="jack"
 second_trustee_account="alice"
 
-echo "Create a VendorAdmin Account"
-
 test_divider
 
 echo "REVOKE CERTIFICATES BY SPECIFYING SERIAL NUMBER"
diff --git a/x/pki/keeper/approved_certificates.go b/x/pki/keeper/approved_certificates.go
@@ -52,13 +52,9 @@ func (k Keeper) GetApprovedCertificateBySerialNumber(
 		return val, false
 	}
 
-	for _, cert := range certs.Certs {
-		if cert.SerialNumber == serialNumber {
-			return *cert, true
-		}
-	}
+	cert, found := findCertificate(serialNumber, &certs.Certs)
 
-	return val, false
+	return *cert, found
 }
 
 // RemoveApprovedCertificates removes a approvedCertificates from the store.
diff --git a/x/pki/keeper/msg_server_approve_revoke_x_509_root_cert.go b/x/pki/keeper/msg_server_approve_revoke_x_509_root_cert.go
@@ -60,11 +60,8 @@ func (k msgServer) ApproveRevokeX509RootCert(goCtx context.Context, msg *types.M
 		}
 		k.AddRevokedRootCertificate(ctx, certID)
 		k.RemoveProposedCertificateRevocation(ctx, msg.Subject, msg.SubjectKeyId, msg.SerialNumber)
-
-		certBySerialNumber, _ := findCertificate(msg.SerialNumber, &certificates.Certs)
-		if certBySerialNumber != nil {
-			certBySerialNumber.Approvals = revocation.Approvals
-			k._removeAndRevokeBySerialNumber(ctx, certBySerialNumber, certificates)
+		if msg.SerialNumber != "" {
+			k._removeAndRevokeBySerialNumber(ctx, revocation.Approvals, msg.SerialNumber, certificates)
 		} else {
 			k._removeAndRevoke(ctx, revocation.Approvals, certificates)
 		}
@@ -96,14 +93,18 @@ func (k msgServer) _removeAndRevoke(ctx sdk.Context, approvals []*types.Grant, c
 	// remove from subject key ID -> certificates map
 	k.RemoveApprovedCertificatesBySubjectKeyID(ctx, certificates.Subject, certificates.SubjectKeyId)
 }
-func (k msgServer) _removeAndRevokeBySerialNumber(ctx sdk.Context, cert *types.Certificate, certificates types.ApprovedCertificates) {
+func (k msgServer) _removeAndRevokeBySerialNumber(ctx sdk.Context, approvals []*types.Grant, serialNumber string, certificates types.ApprovedCertificates) {
+	cert, _ := findCertificate(serialNumber, &certificates.Certs)
+	cert.Approvals = approvals
+
 	k.AddRevokedCertificates(ctx,
 		types.ApprovedCertificates{
 			Subject:      cert.Subject,
 			SubjectKeyId: cert.SubjectKeyId,
 			Certs:        []*types.Certificate{cert},
 		})
 	k.removeCertFromList(cert.Issuer, cert.SerialNumber, &certificates)
+
 	if len(certificates.Certs) == 0 {
 		k.RemoveApprovedCertificates(ctx, cert.Subject, cert.SubjectKeyId)
 		k.RevokeChildCertificates(ctx, cert.Subject, cert.SubjectKeyId)

Original file line number	Diff line number	Diff line change
`@@ -52,13 +52,9 @@ func (k Keeper) GetApprovedCertificateBySerialNumber(`
`52`	`52`	`return val, false`
`53`	`53`	`}`
`54`	`54`
`55`		`- for _, cert := range certs.Certs {`
`56`		`- if cert.SerialNumber == serialNumber {`
`57`		`- return *cert, true`
`58`		`- }`
`59`		`- }`
	`55`	`+ cert, found := findCertificate(serialNumber, &certs.Certs)`
`60`	`56`
`61`		`- return val, false`
	`57`	`+ return *cert, found`
`62`	`58`	`}`
`63`	`59`
`64`	`60`	`// RemoveApprovedCertificates removes a approvedCertificates from the store.`