Query NOC Intermediate by VID+SKID

docs/transactions.md

@@ -1525,24 +1525,24 @@ Use [GET_ALL_REVOKED_NOC_ROOT](#get_revoked_noc_root) to get a list of all revok
 - REST API:
   - GET `/dcl/pki/noc-root-certificates/{vid}`
 
-#### GET_NOC_ROOT_BY_VID_AND_SKID
+#### GET_NOC_BY_VID_AND_SKID
 
 **Status: Implemented**
 
-Retrieve NOC root certificates associated with a specific VID and subject key ID.
+Retrieve NOC (Root/ICA) certificates associated with a specific VID and subject key ID.
 This request also returns the Trust Quotient (TQ) value of the certificate
 
-Revoked NOC root certificates are not returned.
+Revoked NOC certificates are not returned.
 Use [GET_ALL_REVOKED_NOC_ROOT](#get_revoked_noc_root) to get a list of all revoked NOC root certificates.
 
 - Who can send: Any account
 - Parameters:
   - vid: `uint16` - Vendor ID (positive non-zero)
   - subject_key_id: `string` - Certificate's `Subject Key Id` in hex string format, e.g., `5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB`
 - CLI Command:
-  - `dcld query pki noc-x509-root-certs --vid=<uint16> --subject-key-id=<hex string>`
+  - `dcld query pki noc-x509-certs --vid=<uint16> --subject-key-id=<hex string>`
 - REST API:
-  - GET `/dcl/pki/noc-root-certificates/{vid}/{subject_key_id}`
+  - GET `/dcl/pki/noc-certificates/{vid}/{subject_key_id}`
 
 #### GET_NOC_ICA_BY_VID
 

integration_tests/cli/pki-noc-certs.sh

@@ -72,7 +72,7 @@ echo $result | jq
 test_divider
 
 echo "Request NOC root certificate by VID = $vid and SKID = $noc_root_cert_1_subject_key_id must be empty"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
 check_response "$result" "Not Found"
 response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
@@ -83,7 +83,7 @@ echo $result | jq
 test_divider
 
 echo "Request NOC root certificate by VID = $vid and SKID = $noc_root_cert_2_subject_key_id must be empty"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
 check_response "$result" "Not Found"
 response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_2_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
@@ -94,7 +94,7 @@ echo $result | jq
 test_divider
 
 echo "Request NOC root certificate by VID = $vid and SKID = $noc_root_cert_3_subject_key_id must be empty"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_3_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_3_subject_key_id")
 check_response "$result" "Not Found"
 response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_3_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_3_subject_key_id\""
@@ -191,7 +191,7 @@ check_response "$result" "\"vid\": $vid"
 test_divider
 
 echo "Request NOC root certificate by VID = "$vid" and SKID = $noc_root_cert_1_subject_key_id"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
 echo $result | jq
 check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
 check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
@@ -204,7 +204,7 @@ check_response "$result" "\"tq\": 1"
 test_divider
 
 echo "Request NOC root certificate by VID = "$vid" and SKID = $noc_root_cert_2_subject_key_id"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
 echo $result | jq
 check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
 check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
@@ -420,7 +420,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_s
 echo $result | jq
 
 echo "Request NOC root certificate by VID = $vid and SKID = $noc_root_cert_1_subject must be empty"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
 check_response "$result" "Not Found"
 response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
@@ -429,7 +429,7 @@ response_does_not_contain "$result" "\"subjectAsText\": \"$noc_root_cert_1_subje
 echo $result | jq
 
 echo "Request NOC root certificate by VID = "$vid" and SKID = $noc_root_cert_2_subject_key_id"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
 check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
 check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
 check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
@@ -538,6 +538,17 @@ check_response "$result" "\"subjectKeyId\": \"$noc_leaf_cert_1_subject_key_id\""
 response_does_not_contain "$result" "\"subject\": \"$noc_cert_1_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
 
+echo "Request NOC certificate by VID = $vid and SKID = $noc_cert_1_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_cert_1_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
+echo "Request NOC certificate by VID = $vid and SKID = $noc_leaf_cert_1_subject_key_id should contain one leaf certificate"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_leaf_cert_1_subject_key_id")
+echo $result | jq
+check_response "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""
+check_response "$result" "\"subjectKeyId\": \"$noc_leaf_cert_1_subject_key_id\""
+
 echo "Request all approved certificates should not contain revoked NOC certificates"
 result=$(dcld query pki all-x509-certs)
 check_response "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""

integration_tests/cli/pki-noc-revocation-with-revoking-child.sh

@@ -155,7 +155,6 @@ result=$(dcld query pki noc-x509-ica-certs --vid="$vid")
 echo $result | jq
 check_response "$result" "Not Found"
 response_does_not_contain "$result" "\"subject\": \"$noc_cert_1_subject\""
-response_does_not_contain "$result" "\"subject\": \"$noc_cert_1_subject\""
 response_does_not_contain "$result" "\"subject\": \"$noc_leaf_cert_1_subject\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_cert_1_subject_key_id\""
 response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_leaf_cert_1_subject_key_id\""
@@ -177,6 +176,16 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_cert_1_serial_numb
 response_does_not_contain "$result" "\"serialNumber\": \"$noc_leaf_cert_1_serial_number\""
 echo $result | jq
 
+echo "Request NOC certificate by VID = $vid and SKID = $noc_cert_1_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_cert_1_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
+echo "Request NOC certificate by VID = $vid and SKID = $noc_leaf_cert_1_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_leaf_cert_1_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
 test_divider
 
 echo "REVOCATION OF NOC NON-ROOT CERTIFICATES"
@@ -270,4 +279,21 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_cert_2_copy_serial
 response_does_not_contain "$result" "\"serialNumber\": \"$noc_leaf_cert_2_serial_number\""
 echo $result | jq
 
+echo "Request NOC certificate by VID = $vid and SKID = $noc_root_cert_2_subject_key_id should not be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_2_subject_key_id")
+echo $result | jq
+check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
+check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
+check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
+
+echo "Request NOC certificate by VID = $vid and SKID = $noc_cert_2_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_cert_2_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
+echo "Request NOC certificate by VID = $vid and SKID = $noc_leaf_cert_2_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_leaf_cert_2_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
 test_divider

integration_tests/cli/pki-noc-revocation-with-serial-number.sh

@@ -71,7 +71,7 @@ check_response "$result" "\"code\": 0"
 test_divider
 
 echo "Request NOC root certificate by VID = $vid and SKID=$noc_root_cert_1_subject_key_id"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
 check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
 check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
 check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
@@ -144,7 +144,7 @@ response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial
 echo $result | jq
 
 echo "Request NOC root certificate by VID = $vid and SKID=$noc_root_cert_1_subject_key_id should contain only one root certificate with serialNumber=$noc_root_cert_1_copy_serial_number"
-result=$(dcld query pki noc-x509-root-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
+result=$(dcld query pki noc-x509-certs --vid="$vid" --subject-key-id="$noc_root_cert_1_subject_key_id")
 check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
 check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
 check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_copy_serial_number\""

integration_tests/cli/pki-remove-noc-certificates.sh

@@ -313,4 +313,14 @@ check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number
 response_does_not_contain "$result" "\"serialNumber\": \"$root_cert_1_serial_number"
 response_does_not_contain "$result" "\"serialNumber\": \"$root_cert_1_copy_serial_number"
 
+echo "Request NOC certificate by VID = $root_cert_vid and SKID = $intermediate_cert_subject_key_id should not be empty"
+result=$(dcld query pki noc-x509-certs --vid="$root_cert_vid" --subject-key-id="$intermediate_cert_subject_key_id")
+echo $result | jq
+check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""
+
+echo "Request NOC certificate by VID = $root_cert_vid and SKID = $root_cert_subject_key_id should be empty"
+result=$(dcld query pki noc-x509-certs --vid="$root_cert_vid" --subject-key-id="$root_cert_subject_key_id")
+echo $result | jq
+check_response "$result" "Not Found"
+
 test_divider