Skip to content

Commit

Permalink
#502 Add schema version field to entities
Browse files Browse the repository at this point in the history 
- Add unit tests for static validation
- Fix integration test errors

Signed-off-by: Abdulbois <abdulbois.tursunov@dsr-corporation.com>
Signed-off-by: Abdulbois <abdulbois123@gmail.com>
  • Loading branch information
@Abdulbois
Abdulbois committed Mar 23, 2024
1 parent 491994b commit 3774cf8
Show file tree
Hide file tree
Showing 23 changed files with 430 additions and 60 deletions.
42 changes: 21 additions & 21 deletions docs/transactions.md
View file

Large diffs are not rendered by default.

10 changes: 3 additions & 7 deletions integration_tests/cli/pki-demo.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -401,7 +401,6 @@ check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\
check_response "$result" "\"serialNumber\": \"$intermediate_cert_serial_number\""
check_response "$result" "\"subjectAsText\": \"$intermediate_cert_subject_as_text\""
check_response "$result" "\"schemaVersion\": $cert_schema_version_1"
check_response "$result" "\"certSchemaVersion\": $cert_schema_version_1"
check_response "$result" "\"schemaVersion\": $schema_version_2"
check_response "$result" "\"approvals\": \\[\\]"

Expand Down Expand Up @@ -458,7 +457,6 @@ test_divider

echo "$vendor_account add Leaf certificate"
leaf_path="integration_tests/constants/leaf_cert"
cert_schema_version_0=0
schema_version_0=0
result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$leaf_path" --from $vendor_account --yes)
check_response "$result" "\"code\": 0"
Expand All @@ -472,7 +470,6 @@ check_response "$result" "\"subject\": \"$leaf_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\""
check_response "$result" "\"subjectAsText\": \"$leaf_cert_subject_as_text\""
check_response "$result" "\"certSchemaVersion\": $cert_schema_version_0"
check_response "$result" "\"schemaVersion\": $schema_version_0"
check_response "$result" "\"approvals\": \\[\\]"

Expand Down Expand Up @@ -707,7 +704,7 @@ result=$(dcld query pki all-revoked-x509-certs)
echo $result | jq
check_response "$result" "\"subject\": \"$intermediate_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
check_response "$result" "\"schemaVersion\": \"$revoke_schema_version_3\""
check_response "$result" "\"schemaVersion\": $revoke_schema_version_3"
response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
response_does_not_contain "$result" "\"subject\": \"$root_cert_subject\""
Expand Down Expand Up @@ -836,7 +833,7 @@ result=$(dcld query pki all-proposed-x509-root-certs-to-revoke)
echo $result | jq
check_response "$result" "\"subject\": \"$root_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\""
check_response "$result" "\"schemaVersion\": \"$revoke_schema_version_4\""
check_response "$result" "\"schemaVersion\": $revoke_schema_version_4"
response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\""
Expand Down Expand Up @@ -1173,6 +1170,7 @@ test_divider
echo "10. PROPOSE GOOGLE ROOT CERT"
test_divider

cert_schema_version_0=0
echo "$user_account (Not Trustee) propose Root certificate"
google_root_path="integration_tests/constants/google_root_cert"
result=$(echo "$passphrase" | dcld tx pki propose-add-x509-root-cert --certificate="$google_root_path" --from $user_account --vid=$google_cert_vid --yes)
Expand Down Expand Up @@ -1636,7 +1634,6 @@ check_response "$result" "\"code\": 0"

test_divider

reject_schema_version_0=0
echo "$trustee_account (Trustee) cannot reject Root certificate for the second time"
result=$(echo $passphrase | dcld tx pki reject-add-x509-root-cert --subject="$test_cert_subject" --subject-key-id="$test_cert_subject_key_id" --from $trustee_account --yes 2>&1 || true)
response_does_not_contain "$result" "\"code\": 0"
Expand All @@ -1663,7 +1660,6 @@ response_does_not_contain "$result" "\"subject\": \"$test_cert_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$test_cert_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$test_cert_serial_number\""
response_does_not_contain "$result" "\"subjectAsText\": \"$test_cert_subject_as_text\""
check_response "$result" "\"schemaVersion\": $reject_schema_version_0"

test_divider

Expand Down
23 changes: 8 additions & 15 deletions integration_tests/cli/pki-noc-certs.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,12 +147,8 @@ check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_2_subject_as_text\""
check_response "$result" "\"schemaVersion\": \"$cert_schema_version_0\""
check_response "$result" "\"schemaVersion\": \"$cert_schema_version_1\""
check_response "$result" "\"certSchemaVersion\": \"$cert_schema_version_0\""
check_response "$result" "\"certSchemaVersion\": \"$cert_schema_version_1\""
check_response "$result" "\"schemaVersion\": \"$schema_version_0\""
check_response "$result" "\"schemaVersion\": \"$schema_version_2\""
check_response "$result" "\"schemaVersion\": $cert_schema_version_0"
check_response "$result" "\"schemaVersion\": $cert_schema_version_1"
check_response "$result" "\"vid\": $vid"

test_divider
Expand Down Expand Up @@ -251,12 +247,9 @@ check_response "$result" "\"subject\": \"$noc_cert_2_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_cert_2_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_cert_2_serial_number\""
check_response "$result" "\"vid\": $vid"
check_response "$result" "\"schemaVersion\": \"$cert_schema_version_0\""
check_response "$result" "\"schemaVersion\": \"$cert_schema_version_3\""
check_response "$result" "\"certSchemaVersion\": \"$cert_schema_version_0\""
check_response "$result" "\"certSchemaVersion\": \"$cert_schema_version_3\""
check_response "$result" "\"schemaVersion\": \"$schema_version_0\""
check_response "$result" "\"schemaVersion\": \"$schema_version_4\""
check_response "$result" "\"schemaVersion\": $cert_schema_version_0"
check_response "$result" "\"schemaVersion\": $cert_schema_version_3"


echo "Request all approved certificates"
result=$(dcld query pki all-x509-certs)
Expand Down Expand Up @@ -313,7 +306,7 @@ check_response "$result" "\"subject\": \"$noc_root_cert_1_subject"
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_serial_number\""
check_response "$result" "\"schemaVersion\": \"$revoke_schema_version_5\""
check_response "$result" "\"schemaVersion\": $revoke_schema_version_5"
response_does_not_contain "$result" "\"subject\": \"$noc_cert_1_subject\""
response_does_not_contain "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""

Expand Down Expand Up @@ -407,7 +400,7 @@ check_response "$result" "\"code\": 439"

revoke_schema_version_6=6
echo "$vendor_account Vendor revokes only NOC certificates, it should not revoke leaf certificates"
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --schemaVersion=$revoke_schema_version_5 --from=$vendor_account --yes)
result=$(echo "$passphrase" | dcld tx pki revoke-noc-x509-cert --subject="$noc_cert_1_subject" --subject-key-id="$noc_cert_1_subject_key_id" --schemaVersion=$revoke_schema_version_6 --from=$vendor_account --yes)
check_response "$result" "\"code\": 0"

echo "Request all revoked certificates should not contain leaf certificate"
Expand All @@ -420,7 +413,7 @@ check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_serial_numbe
check_response "$result" "\"subject\": \"$noc_cert_1_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_cert_1_serial_number"
check_response "$result" "\"schemaVersion\": \"$revoke_schema_version_6\""
check_response "$result" "\"schemaVersion\": $revoke_schema_version_6"
response_does_not_contain "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_leaf_cert_1_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$noc_leaf_cert_1_serial_number"
Expand Down
16 changes: 16 additions & 0 deletions x/compliance/types/message_certify_model_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -397,6 +397,22 @@ func TestMsgCertifyModel_ValidateBasic(t *testing.T) {
},
err: ErrInvalidPFCCertificationRoute,
},
{
name: "schemaVersion > 65535",
msg: MsgCertifyModel{
Signer: sample.AccAddress(),
SoftwareVersionString: testconstants.SoftwareVersionString,
Pid: 1,
Vid: 1,
CertificationDate: testconstants.CertificationDate,
CertificationType: testconstants.CertificationType,
SoftwareVersion: testconstants.SoftwareVersion,
CDVersionNumber: uint32(testconstants.CdVersionNumber),
CDCertificateId: testconstants.CDCertificateID,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
17 changes: 17 additions & 0 deletions x/compliance/types/message_provision_model_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -389,6 +389,23 @@ func TestMsgProvisionModel_ValidateBasic(t *testing.T) {
},
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: MsgProvisionModel{
Signer: sample.AccAddress(),
SoftwareVersionString: testconstants.SoftwareVersionString,
Pid: 1,
Vid: 1,
ProvisionalDate: testconstants.CertificationDate,
CertificationType: testconstants.CertificationType,
SoftwareVersion: testconstants.SoftwareVersion,
CDVersionNumber: uint32(testconstants.CdVersionNumber),
Reason: testconstants.Reason,
CDCertificateId: testconstants.CDCertificateID,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
16 changes: 16 additions & 0 deletions x/compliance/types/message_revoke_model_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -220,6 +220,22 @@ func TestMsgRevokeModel_ValidateBasic(t *testing.T) {
},
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: MsgRevokeModel{
Signer: sample.AccAddress(),
SoftwareVersionString: testconstants.SoftwareVersionString,
Pid: 1,
Vid: 1,
RevocationDate: testconstants.CertificationDate,
CertificationType: testconstants.CertificationType,
SoftwareVersion: testconstants.SoftwareVersion,
CDVersionNumber: uint32(testconstants.CdVersionNumber),
Reason: testconstants.Reason,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
15 changes: 15 additions & 0 deletions x/compliance/types/message_update_compliance_info_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -191,6 +191,21 @@ func TestMsgUpdateComplianceInfo_ValidateBasic(t *testing.T) {
},
err: ErrInvalidUint32ForCdVersionNumber,
},
{
name: "schemaVersion > 65535",
msg: MsgUpdateComplianceInfo{
Creator: sample.AccAddress(),
Pid: 1,
Vid: 1,
Date: testconstants.CertificationDate,
CertificationType: "matter",
SoftwareVersion: testconstants.SoftwareVersion,
CDVersionNumber: "312",
CDCertificateId: testconstants.CDCertificateID,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
Expand Down
18 changes: 18 additions & 0 deletions x/model/types/messages_model_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -325,6 +325,15 @@ func TestMsgCreateModel_ValidateBasic(t *testing.T) {
}(validMsgCreateModel()),
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: func(msg *MsgCreateModel) *MsgCreateModel {
msg.Creator = sample.AccAddress()
msg.SchemaVersion = 65536
return msg

Check failure on line 333 in x/model/types/messages_model_test.go

View workflow job for this annotation

GitHub Actions / Check linter issues with golangci-lint tool 

return with no blank line before (nlreturn)
}(validMsgCreateModel()),
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down Expand Up @@ -879,6 +888,15 @@ func TestMsgUpdateModel_ValidateBasic(t *testing.T) {
}(validMsgUpdateModel()),
err: validator.ErrFieldUpperBoundViolated,
},
{
name: "schemaVersion > 65535",
msg: func(msg *MsgUpdateModel) *MsgUpdateModel {
msg.Creator = sample.AccAddress()
msg.SchemaVersion = 65536
return msg

Check failure on line 896 in x/model/types/messages_model_test.go

View workflow job for this annotation

GitHub Actions / Check linter issues with golangci-lint tool 

return with no blank line before (nlreturn)
}(validMsgUpdateModel()),
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
18 changes: 18 additions & 0 deletions x/model/types/messages_model_version_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,15 @@ func TestMsgCreateModelVersion_ValidateBasic(t *testing.T) {
}(validMsgCreateModelVersion()),
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: func(msg *MsgCreateModelVersion) *MsgCreateModelVersion {
msg.Creator = sample.AccAddress()
msg.SchemaVersion = 65536
return msg

Check failure on line 275 in x/model/types/messages_model_version_test.go

View workflow job for this annotation

GitHub Actions / Check linter issues with golangci-lint tool 

return with no blank line before (nlreturn)
}(validMsgCreateModelVersion()),
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down Expand Up @@ -682,6 +691,15 @@ func TestMsgUpdateModelVersion_ValidateBasic(t *testing.T) {
}(validMsgUpdateModelVersion()),
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: func(msg *MsgUpdateModelVersion) *MsgUpdateModelVersion {
msg.Creator = sample.AccAddress()
msg.SchemaVersion = 65536
return msg
}(validMsgUpdateModelVersion()),
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
20 changes: 20 additions & 0 deletions x/pki/types/message_add_noc_x_509_cert_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,26 @@ func TestMsgAddNocX509Cert_ValidateBasic(t *testing.T) {
},
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: MsgAddNocX509Cert{
Signer: sample.AccAddress(),
Cert: testconstants.NocCert1,
CertSchemaVersion: testconstants.CertSchemaVersion,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
{
name: "certSchemaVersion > 65535",
msg: MsgAddNocX509Cert{
Signer: sample.AccAddress(),
Cert: testconstants.NocCert1,
CertSchemaVersion: 65536,
SchemaVersion: testconstants.SchemaVersion,
},
err: validator.ErrFieldUpperBoundViolated,
},
}
positiveTests := []struct {
name string
Expand Down
20 changes: 20 additions & 0 deletions x/pki/types/message_add_noc_x_509_root_cert_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,26 @@ func TestMsgAddNocX509RootCert_ValidateBasic(t *testing.T) {
},
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: MsgAddNocX509RootCert{
Signer: sample.AccAddress(),
Cert: testconstants.NocRootCert1,
CertSchemaVersion: testconstants.CertSchemaVersion,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
{
name: "certSchemaVersion > 65535",
msg: MsgAddNocX509RootCert{
Signer: sample.AccAddress(),
Cert: testconstants.NocRootCert1,
CertSchemaVersion: 65536,
SchemaVersion: testconstants.SchemaVersion,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
15 changes: 15 additions & 0 deletions x/pki/types/message_add_pki_revocation_distribution_point_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -436,6 +436,21 @@ func TestMsgAddPkiRevocationDistributionPoint_ValidateBasic(t *testing.T) {
},
err: pkitypes.ErrCRLSignerCertificatePidNotEqualMsgPid,
},
{
name: "schemaVersion > 65535",
msg: MsgAddPkiRevocationDistributionPoint{
Signer: sample.AccAddress(),
Vid: testconstants.PAACertWithNumericVidVid,
IsPAA: true,
CrlSignerCertificate: testconstants.PAACertWithNumericVid,
Label: "label",
DataURL: testconstants.DataURL,
IssuerSubjectKeyID: testconstants.SubjectKeyIDWithoutColons,
RevocationType: 1,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
20 changes: 20 additions & 0 deletions x/pki/types/message_add_x_509_cert_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,26 @@ func TestMsgAddX509Cert_ValidateBasic(t *testing.T) {
},
err: validator.ErrFieldMaxLengthExceeded,
},
{
name: "schemaVersion > 65535",
msg: MsgAddX509Cert{
Signer: sample.AccAddress(),
Cert: testconstants.RootCertPem,
CertSchemaVersion: testconstants.CertSchemaVersion,
SchemaVersion: 65536,
},
err: validator.ErrFieldUpperBoundViolated,
},
{
name: "certSchemaVersion > 65535",
msg: MsgAddX509Cert{
Signer: sample.AccAddress(),
Cert: testconstants.RootCertPem,
CertSchemaVersion: 65536,
SchemaVersion: testconstants.SchemaVersion,
},
err: validator.ErrFieldUpperBoundViolated,
},
}

positiveTests := []struct {
Expand Down
Loading

0 comments on commit 3774cf8

Please sign in to comment.