Skip to content

Commit a093608

Browse files
akarabashovakarabashov
committed
Merge branch 'master' into #531-Publish-PAI-certificates-for-CRLSignerCertificate-verification
# Conflicts: # docs/transactions.md # vue/src/store/generated/zigbee-alliance/distributed-compliance-ledger/zigbeealliance.distributedcomplianceledger.pki/module/rest.ts # x/pki/types/tx.pb.go
2 parents a1b9a20 + 1933bad commit a093608

File tree

57 files changed

+2173
-2072
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

57 files changed

+2173
-2072
lines changed

docs/static/openapi.yml

+13-13
Original file line numberDiff line numberDiff line change
@@ -9297,17 +9297,17 @@ paths:
92979297
type: string
92989298
tags:
92999299
- Query
9300-
/dcl/pki/noc-certificates:
9300+
/dcl/pki/noc-ica-certificates:
93019301
get:
9302-
summary: Queries a list of NocCertificates items.
9303-
operationId: NocCertificatesAll
9302+
summary: Queries a list of NocIcaCertificates items.
9303+
operationId: NocIcaCertificatesAll
93049304
responses:
93059305
'200':
93069306
description: A successful response.
93079307
schema:
93089308
type: object
93099309
properties:
9310-
nocCertificates:
9310+
nocIcaCertificates:
93119311
type: array
93129312
items:
93139313
type: object
@@ -9482,17 +9482,17 @@ paths:
94829482
type: boolean
94839483
tags:
94849484
- Query
9485-
/dcl/pki/noc-certificates/{vid}:
9485+
/dcl/pki/noc-ica-certificates/{vid}:
94869486
get:
9487-
summary: Queries a NocCertificates by index.
9488-
operationId: NocCertificates
9487+
summary: Queries a NocIcaCertificates by index.
9488+
operationId: NocIcaCertificates
94899489
responses:
94909490
'200':
94919491
description: A successful response.
94929492
schema:
94939493
type: object
94949494
properties:
9495-
nocCertificates:
9495+
nocIcaCertificates:
94969496
type: object
94979497
properties:
94989498
vid:
@@ -21684,7 +21684,7 @@ definitions:
2168421684
format: int64
2168521685
info:
2168621686
type: string
21687-
zigbeealliance.distributedcomplianceledger.pki.NocCertificates:
21687+
zigbeealliance.distributedcomplianceledger.pki.NocIcaCertificates:
2168821688
type: object
2168921689
properties:
2169021690
vid:
@@ -22066,10 +22066,10 @@ definitions:
2206622066
repeated Bar results = 1;
2206722067
PageResponse page = 2;
2206822068
}
22069-
zigbeealliance.distributedcomplianceledger.pki.QueryAllNocCertificatesResponse:
22069+
zigbeealliance.distributedcomplianceledger.pki.QueryAllNocIcaCertificatesResponse:
2207022070
type: object
2207122071
properties:
22072-
nocCertificates:
22072+
nocIcaCertificates:
2207322073
type: array
2207422074
items:
2207522075
type: object
@@ -22869,10 +22869,10 @@ definitions:
2286922869
type: string
2287022870
subjectKeyId:
2287122871
type: string
22872-
zigbeealliance.distributedcomplianceledger.pki.QueryGetNocCertificatesResponse:
22872+
zigbeealliance.distributedcomplianceledger.pki.QueryGetNocIcaCertificatesResponse:
2287322873
type: object
2287422874
properties:
22875-
nocCertificates:
22875+
nocIcaCertificates:
2287622876
type: object
2287722877
properties:
2287822878
vid:

docs/transactions.md

+447-392
Large diffs are not rendered by default.

integration_tests/cli/pki-noc-certs.sh

+14-14
Original file line numberDiff line numberDiff line change
@@ -200,12 +200,12 @@ check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
200200
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
201201
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
202202

203-
echo "Add first NOC certificate by vendor with VID = $vid"
204-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_1_path" --from $vendor_account --yes)
203+
echo "Add first intermidiate NOC certificate by vendor with VID = $vid"
204+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_1_path" --from $vendor_account --yes)
205205
check_response "$result" "\"code\": 0"
206206

207-
echo "Request NOC certificate by VID = $vid"
208-
result=$(dcld query pki noc-x509-certs --vid="$vid")
207+
echo "Request intermidiate NOC certificate by VID = $vid"
208+
result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
209209
echo $result | jq
210210
check_response "$result" "\"subject\": \"$noc_cert_1_subject\""
211211
check_response "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
@@ -221,23 +221,23 @@ check_response "$result" "\"subject\": \"$noc_cert_1_subject\""
221221
check_response "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
222222

223223
echo "Try to add intermediate with different VID = $vid_2"
224-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_2_path" --from $vendor_account_2 --yes)
224+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_2_path" --from $vendor_account_2 --yes)
225225
check_response "$result" "\"code\": 439"
226226

227227
test_divider
228228

229229
cert_schema_version_3=3
230230
schema_version_4=4
231231
echo "Add second NOC certificate by vendor with VID = $vid"
232-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_2_path" --certificate-schema-version=$cert_schema_version_3 --schemaVersion=$schema_version_4 --from $vendor_account --yes)
232+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_2_path" --certificate-schema-version=$cert_schema_version_3 --schemaVersion=$schema_version_4 --from $vendor_account --yes)
233233
check_response "$result" "\"code\": 0"
234234

235235
echo "Add third NOC certificate by vendor with VID = $vid"
236-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_1_copy_path" --from $vendor_account --yes)
236+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_1_copy_path" --from $vendor_account --yes)
237237
check_response "$result" "\"code\": 0"
238238

239239
echo "Request all NOC certificates"
240-
result=$(dcld query pki all-noc-x509-certs)
240+
result=$(dcld query pki all-noc-x509-ica-certs)
241241
echo $result | jq
242242
check_response "$result" "\"subject\": \"$noc_cert_1_subject\""
243243
check_response "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
@@ -272,7 +272,7 @@ result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="
272272
check_response "$result" "\"code\": 0"
273273

274274
echo "Add NOC leaf certificate by vendor with VID = $vid"
275-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_leaf_cert_1_path" --from $vendor_account --yes)
275+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_leaf_cert_1_path" --from $vendor_account --yes)
276276
check_response "$result" "\"code\": 0"
277277

278278
echo "Request All NOC root certificate"
@@ -283,7 +283,7 @@ check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_serial_numbe
283283
check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
284284

285285
echo "Request all NOC certificates"
286-
result=$(dcld query pki all-noc-x509-certs)
286+
result=$(dcld query pki all-noc-x509-ica-certs)
287287
echo $result | jq
288288
check_response "$result" "\"serialNumber\": \"$noc_cert_1_serial_number\""
289289
check_response "$result" "\"serialNumber\": \"$noc_cert_1_copy_serial_number\""
@@ -365,7 +365,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_s
365365
echo $result | jq
366366

367367
echo "Request NOC certificate by VID = $vid should contain intermediate and leaf certificates"
368-
result=$(dcld query pki noc-x509-certs --vid="$vid")
368+
result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
369369
echo $result | jq
370370
check_response "$result" "\"subject\": \"$noc_cert_1_subject\""
371371
check_response "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""
@@ -395,12 +395,12 @@ test_divider
395395
echo "REVOCATION OF NON-ROOT NOC CERTIFICATES"
396396

397397
echo "Try to revoke NOC certificate with different VID = $vid_2"
398-
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --from $vendor_account_2 --yes)
398+
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-ica-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --from $vendor_account_2 --yes)
399399
check_response "$result" "\"code\": 439"
400400

401401
revoke_schema_version_6=6
402402
echo "$vendor_account Vendor revokes only NOC certificates, it should not revoke leaf certificates"
403-
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --schemaVersion=$revoke_schema_version_6 --from=$vendor_account --yes)
403+
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-ica-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --schemaVersion=$revoke_schema_version_6 --from=$vendor_account --yes)
404404
check_response "$result" "\"code\": 0"
405405

406406
echo "Request all revoked certificates should not contain leaf certificate"
@@ -440,7 +440,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_cert_1_copy_serial
440440
echo $result | jq
441441

442442
echo "Request NOC certificate by VID = $vid should contain one leaf certificate"
443-
result=$(dcld query pki noc-x509-certs --vid="$vid")
443+
result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
444444
echo $result | jq
445445
check_response "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""
446446
check_response "$result" "\"subjectKeyId\": \"$noc_leaf_cert_1_subject_key_id\""

integration_tests/cli/pki-noc-revocation-with-revoking-child.sh

+13-13
Original file line numberDiff line numberDiff line change
@@ -57,11 +57,11 @@ result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="
5757
check_response "$result" "\"code\": 0"
5858

5959
echo "Add first NOC certificate by vendor with VID = $vid"
60-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_1_path" --from $vendor_account --yes)
60+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_1_path" --from $vendor_account --yes)
6161
check_response "$result" "\"code\": 0"
6262

6363
echo "Add NOC leaf certificate by vendor with VID = $vid"
64-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_leaf_cert_1_path" --from $vendor_account --yes)
64+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_leaf_cert_1_path" --from $vendor_account --yes)
6565
check_response "$result" "\"code\": 0"
6666

6767
test_divider
@@ -73,7 +73,7 @@ check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
7373
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_serial_number\""
7474

7575
echo "Request all NOC certificates"
76-
result=$(dcld query pki all-noc-x509-certs)
76+
result=$(dcld query pki all-noc-x509-ica-certs)
7777
echo $result | jq
7878
check_response "$result" "\"serialNumber\": \"$noc_cert_1_serial_number\""
7979
check_response "$result" "\"serialNumber\": \"$noc_leaf_cert_1_serial_number\""
@@ -146,7 +146,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial
146146
echo $result | jq
147147

148148
echo "Request NOC certificate by VID = $vid should be empty"
149-
result=$(dcld query pki noc-x509-certs --vid="$vid")
149+
result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
150150
echo $result | jq
151151
check_response "$result" "Not Found"
152152
response_does_not_contain "$result" "\"subject\": \"$noc_cert_1_subject\""
@@ -180,32 +180,32 @@ echo "Add NOC root certificate by vendor with VID = $vid"
180180
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$noc_root_cert_2_path" --from $vendor_account --yes)
181181
check_response "$result" "\"code\": 0"
182182

183-
echo "Add NOC certificate by vendor with VID = $vid"
184-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_2_path" --from $vendor_account --yes)
183+
echo "Add intermidiate NOC certificate by vendor with VID = $vid"
184+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_2_path" --from $vendor_account --yes)
185185
check_response "$result" "\"code\": 0"
186186

187-
echo "Add second NOC certificate by vendor with VID = $vid"
188-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_cert_2_copy_path" --from $vendor_account --yes)
187+
echo "Add second intermidiate NOC certificate by vendor with VID = $vid"
188+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_cert_2_copy_path" --from $vendor_account --yes)
189189
check_response "$result" "\"code\": 0"
190190

191191
echo "Add leaf certificate by vendor with VID = $vid"
192-
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-cert --certificate="$noc_leaf_cert_2_path" --from $vendor_account --yes)
192+
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-ica-cert --certificate="$noc_leaf_cert_2_path" --from $vendor_account --yes)
193193
check_response "$result" "\"code\": 0"
194194

195195
echo "Request All NOC root certificate"
196196
result=$(dcld query pki all-noc-x509-root-certs)
197197
echo $result | jq
198198
check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
199199

200-
echo "Request all NOC certificates"
201-
result=$(dcld query pki all-noc-x509-certs)
200+
echo "Request all intermidiate NOC certificates"
201+
result=$(dcld query pki all-noc-x509-ica-certs)
202202
echo $result | jq
203203
check_response "$result" "\"serialNumber\": \"$noc_cert_2_serial_number\""
204204
check_response "$result" "\"serialNumber\": \"$noc_cert_2_copy_serial_number\""
205205
check_response "$result" "\"serialNumber\": \"$noc_leaf_cert_2_serial_number\""
206206

207207
echo "$vendor_account Vendor revokes non-root NOC certificate by setting \"revoke-child\" flag to true, it should revoke child certificates too"
208-
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-cert --subject="$noc_cert_2_subject" --subject-key-id="$noc_cert_2_subject_key_id" --revoke-child=true --from=$vendor_account --yes)
208+
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-ica-cert --subject="$noc_cert_2_subject" --subject-key-id="$noc_cert_2_subject_key_id" --revoke-child=true --from=$vendor_account --yes)
209209
check_response "$result" "\"code\": 0"
210210

211211
echo "Request all revoked certificates should two intermediate and one leaf certificates"
@@ -239,7 +239,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_cert_2_copy_serial
239239
echo $result | jq
240240

241241
echo "Request NOC certificate by VID = $vid should not contain intermediate and leaf certificates"
242-
result=$(dcld query pki noc-x509-certs --vid="$vid")
242+
result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
243243
echo $result | jq
244244
response_does_not_contain "$result" "\"subject\": \"$noc_cert_2_subject\""
245245
response_does_not_contain "$result" "\"subject\": \"$noc_leaf_cert_2_subject\""

0 commit comments

Comments
 (0)