Change serial number from bytes to string (#944)
* change serial from bytes to string and removed max length validation from the serial number fields
oliveromahony authored Dec 17, 2024
1 parent da6adb1 commit 6a82a2e
Showing 6 changed files with 132 additions and 140 deletions.
246 changes: 123 additions & 123 deletions api/grpc/mpi/v1/files.pb.go

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions api/grpc/mpi/v1/files.proto
@@ -151,8 +151,8 @@ message UpdateFileResponse {
// Define the certificate message based on https://pkg.go.dev/crypto/x509#Certificate
// and https://github.com/googleapis/googleapis/blob/005df4681b89bd204a90b76168a6dc9d9e7bf4fe/google/cloud/iot/v1/resources.proto#L341
message CertificateMeta {
// Serial number of the certificate, usually a unique identifier, RFC5280 states the upper limit for serial number is 20 octets
bytes serial_number = 1 [(buf.validate.field).bytes.min_len = 0, (buf.validate.field).bytes.max_len = 21];
// Serial number of the certificate, usually a unique identifier, the max length is the length of an interger
string serial_number = 1 [(buf.validate.field).string.min_len = 0];

// Issuer details (who issued the certificate)
X509Name issuer = 2;
@@ -270,7 +270,7 @@ message X509Name {
repeated string postal_code = 7 [(buf.validate.field).repeated.items.string.min_len = 1];

// Serial Number (SN): Unique identifier or serial number.
string serial_number = 8 [(buf.validate.field).string.min_len = 0, (buf.validate.field).string.max_len = 21];
string serial_number = 8 [(buf.validate.field).string.min_len = 0];

// Common Name (CN): Typically the person’s or entity's full name.
string common_name = 9 [(buf.validate.field).string.min_len = 1];
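Review bot: Both `serial_number` fields lose their upper bound here, so validation no longer rejects an oversized value in `CertificateMeta` (field 1) or `X509Name` (field 8), and the remaining rule `min_len = 0` constrains nothing. The new comment on field 1 ("the max length is the length of an interger") has a typo and does not say what encoding the string carries; judging by `SerialNumber.String()` in pkg/files/file_helpers.go it is base-10 text, where a 20-octet RFC 5280 serial is at most 49 digits. I would keep a bound and document the format, for example `// Serial number as base-10 text; RFC 5280 limits it to 20 octets (at most 49 decimal digits)` with `string serial_number = 1 [(buf.validate.field).string.max_len = 49];`. For the `X509Name` attribute the old limit of 21 looks borrowed from the certificate field, but a bound is still worth having there (RFC 5280 lists `ub-serial-number` as 64). Changing field 1 from `bytes` to `string` also changes what mixed-version peers exchange, which presumably needs a coordinated rollout.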
2 changes: 1 addition & 1 deletion docs/proto/protos.md
@@ -256,7 +256,7 @@ and https://github.com/googleapis/googleapis/blob/005df4681b89bd204a90b76168a6dc

| Field | Type | Label | Description |
| ----- | ---- | ----- | ----------- |
| serial_number | [bytes](#bytes) | | Serial number of the certificate, usually a unique identifier, RFC5280 states the upper limit for serial number is 20 octets |
| serial_number | [string](#string) | | Serial number of the certificate, usually a unique identifier, the max length is the length of an interger |
| issuer | [X509Name](#mpi-v1-X509Name) | | Issuer details (who issued the certificate) |
| subject | [X509Name](#mpi-v1-X509Name) | | Subject details (to whom the certificate is issued) |
| sans | [SubjectAlternativeNames](#mpi-v1-SubjectAlternativeNames) | | Subject Alternative Names (SAN) including DNS names and IP addresses |
14 changes: 3 additions & 11 deletions internal/file/file_manager_service_test.go
@@ -648,13 +648,13 @@ func TestParseX509Certificates(t *testing.T) {
certName string
certContent string
name string
expectedSerial []byte
expectedSerial string
}{
{
name: "Test 1: generated cert",
certName: "public_cert",
certContent: "",
expectedSerial: []byte{0x1, 0xe0, 0xf3},
expectedSerial: "123123",
},
{
name: "Test 2: open ssl cert",
@@ -680,15 +680,7 @@ X/vYrzgKRoKSUWUt1ejKTntrVuaJK4NMxANOTTjIXgxyoV3YcgEmL9KzribCqILi
p79Nno9d+kovtX5VKsJ5FCcPw9mEATgZDOQ4nLTk/HHG6bwtpubp6Zb7H1AjzBkz
rQHX6DP4w6IwZY8JB8LS
-----END CERTIFICATE-----`,
expectedSerial: []byte{
0x47, 0xe6, 0x6,
0x81, 0x11, 0xe1,
0x63, 0xa, 0x2d,
0x17, 0x20, 0x4e,
0xbd, 0x27, 0x35,
0x28, 0x3f, 0x5d,
0xe3, 0x99,
},
expectedSerial: "410468082718062724391949173062901619571168240537",
},
}

2 changes: 1 addition & 1 deletion pkg/files/file_helpers.go
@@ -64,7 +64,7 @@ func FileMetaWithCertificate(filePath string) (*mpi.FileMeta, error) {
// Populate certificate-specific metadata
fileMeta.FileType = &mpi.FileMeta_CertificateMeta{
CertificateMeta: &mpi.CertificateMeta{
SerialNumber: loadedCert.SerialNumber.Bytes(),
SerialNumber: loadedCert.SerialNumber.String(),
Issuer: &mpi.X509Name{
Country: loadedCert.Issuer.Country,
Organization: loadedCert.Issuer.Organization,
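Review bot: `SerialNumber.String()` on the changed line emits base-10 text, and nothing at the call site records that, while tools such as `openssl x509 -serial` print the same serial in hex. Anyone matching this value against a CRL entry, a CA log or another inventory needs to know the base, so I would add a comment above the assignment: `// Serial is sent as base-10 text (big.Int.String); convert before comparing with hex output from other tools.` Note also that `String()` keeps the sign where `Bytes()` returned only the magnitude, so a certificate with a negative serial, if the parser accepts one, now yields a leading `-`. FileMetaWithCertificate starts and ends outside this hunk.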
2 changes: 1 addition & 1 deletion test/protos/files.go
@@ -31,7 +31,7 @@ func CertMeta(fileName, fileHash string) *mpi.FileMeta {
Permissions: "0600",
FileType: &mpi.FileMeta_CertificateMeta{
CertificateMeta: &mpi.CertificateMeta{
SerialNumber: []byte("12345-67890"),
SerialNumber: "12345-67890",
Issuer: &mpi.X509Name{
Country: []string{"IE"},
Organization: []string{"F5"},
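Review bot: The fixture serial `"12345-67890"` is not a value the production path can produce, since pkg/files/file_helpers.go now fills the field from `SerialNumber.String()`, which yields only decimal digits with an optional leading minus sign. A fixture in the real format keeps tests meaningful if a length or pattern rule is later put on `serial_number`; I would use `SerialNumber: "1234567890",`. CertMeta begins and ends outside this hunk.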
