diff --git a/core/proto/core.pb.go b/core/proto/core.pb.go index c8acf30f91a..3dfa4c05afe 100644 --- a/core/proto/core.pb.go +++ b/core/proto/core.pb.go @@ -614,7 +614,6 @@ func (x *Registration) GetStatus() string { type Authorization struct { state protoimpl.MessageState `protogen:"open.v1"` - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // TODO(#8722): reserve IdInt int64 `protobuf:"varint,12,opt,name=idInt,proto3" json:"idInt,omitempty"` // TODO(#8722): rename RegistrationID int64 `protobuf:"varint,3,opt,name=registrationID,proto3" json:"registrationID,omitempty"` Identifier *Identifier `protobuf:"bytes,11,opt,name=identifier,proto3" json:"identifier,omitempty"` @@ -656,13 +655,6 @@ func (*Authorization) Descriptor() ([]byte, []int) { return file_core_proto_rawDescGZIP(), []int{7} } -func (x *Authorization) GetId() string { - if x != nil { - return x.Id - } - return "" -} - func (x *Authorization) GetIdInt() int64 { if x != nil { return x.IdInt @@ -1018,9 +1010,8 @@ var file_core_proto_rawDesc = string([]byte{ 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x06, 0x10, - 0x07, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x22, 0xde, 0x02, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, - 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x69, 0x64, 0x49, + 0x07, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x22, 0xd4, 0x02, 0x0a, 0x0d, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, 0x69, 0x64, 0x49, 0x6e, 0x74, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x69, 0x64, 0x49, 0x6e, 0x74, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, @@ -1039,52 +1030,53 @@ var file_core_proto_rawDesc = string([]byte{ 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, - 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, 0x10, 0x08, 0x4a, 0x04, 0x08, 0x08, - 0x10, 0x09, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x93, 0x04, 0x0a, 0x05, 0x4f, 0x72, 0x64, - 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, - 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, - 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, - 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, - 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x18, 0x0c, 0x20, + 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x07, + 0x10, 0x08, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x02, 0x10, 0x03, 0x22, 0x93, + 0x04, 0x0a, 0x05, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x26, 0x0a, 0x0e, 0x72, 0x65, 0x67, 0x69, + 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, + 0x52, 0x0e, 0x72, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, + 0x12, 0x16, 0x0a, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x34, 0x0a, 0x07, 0x65, 0x78, 0x70, 0x69, + 0x72, 0x65, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, + 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x12, 0x32, + 0x0a, 0x0b, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x73, 0x18, 0x10, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74, + 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x0b, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, + 0x72, 0x73, 0x12, 0x2a, 0x0a, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, + 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2a, + 0x0a, 0x10, 0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x03, 0x52, 0x10, 0x76, 0x32, 0x41, 0x75, 0x74, 0x68, + 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2c, 0x0a, 0x11, 0x63, 0x65, + 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, + 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x34, 0x0a, 0x07, 0x63, 0x72, 0x65, 0x61, + 0x74, 0x65, 0x64, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, + 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x36, + 0x0a, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, + 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, + 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, + 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x73, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, + 0x65, 0x73, 0x12, 0x28, 0x0a, 0x0f, 0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, 0x65, + 0x73, 0x73, 0x69, 0x6e, 0x67, 0x18, 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x62, 0x65, 0x67, + 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x4a, 0x04, 0x08, 0x03, + 0x10, 0x04, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x4a, 0x04, + 0x08, 0x08, 0x10, 0x09, 0x22, 0x7a, 0x0a, 0x08, 0x43, 0x52, 0x4c, 0x45, 0x6e, 0x74, 0x72, 0x79, + 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, + 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, + 0x12, 0x38, 0x0a, 0x09, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, - 0x07, 0x65, 0x78, 0x70, 0x69, 0x72, 0x65, 0x73, 0x12, 0x32, 0x0a, 0x0b, 0x69, 0x64, 0x65, 0x6e, - 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x73, 0x18, 0x10, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x10, 0x2e, - 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, - 0x0b, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x73, 0x12, 0x2a, 0x0a, 0x05, - 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x63, 0x6f, - 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, - 0x73, 0x52, 0x05, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x2a, 0x0a, 0x10, 0x76, 0x32, 0x41, 0x75, - 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x0b, 0x20, 0x03, - 0x28, 0x03, 0x52, 0x10, 0x76, 0x32, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x2c, 0x0a, 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, - 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x11, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x53, 0x65, 0x72, 0x69, - 0x61, 0x6c, 0x12, 0x34, 0x0a, 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x18, 0x0d, 0x20, - 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, - 0x07, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x36, 0x0a, 0x16, 0x63, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, - 0x6d, 0x65, 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x16, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, - 0x69, 0x63, 0x61, 0x74, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x4e, 0x61, 0x6d, 0x65, - 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x73, 0x18, 0x0f, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x70, 0x6c, 0x61, 0x63, 0x65, 0x73, 0x12, 0x28, 0x0a, 0x0f, - 0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x18, - 0x09, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0f, 0x62, 0x65, 0x67, 0x61, 0x6e, 0x50, 0x72, 0x6f, 0x63, - 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x4a, 0x04, 0x08, 0x06, - 0x10, 0x07, 0x4a, 0x04, 0x08, 0x0a, 0x10, 0x0b, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x22, 0x7a, - 0x0a, 0x08, 0x43, 0x52, 0x4c, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x65, - 0x72, 0x69, 0x61, 0x6c, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x65, 0x72, 0x69, - 0x61, 0x6c, 0x12, 0x16, 0x0a, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x05, 0x52, 0x06, 0x72, 0x65, 0x61, 0x73, 0x6f, 0x6e, 0x12, 0x38, 0x0a, 0x09, 0x72, 0x65, - 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, - 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, - 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x72, 0x65, 0x76, 0x6f, 0x6b, - 0x65, 0x64, 0x41, 0x74, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, 0x42, 0x2b, 0x5a, 0x29, 0x67, 0x69, - 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, - 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x63, 0x6f, 0x72, - 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x09, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x41, 0x74, 0x4a, 0x04, 0x08, 0x03, 0x10, 0x04, + 0x42, 0x2b, 0x5a, 0x29, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, + 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, + 0x65, 0x72, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( diff --git a/core/proto/core.proto b/core/proto/core.proto index 66d576f9bde..de7e876980a 100644 --- a/core/proto/core.proto +++ b/core/proto/core.proto @@ -94,8 +94,7 @@ message Registration { message Authorization { // Next unused field number: 13 - reserved 5, 7, 8; - string id = 1; // TODO(#8722): reserve + reserved 1, 5, 7, 8; int64 idInt = 12; // TODO(#8722): rename int64 registrationID = 3; // Fields specified by RFC 8555, Section 7.1.4 diff --git a/grpc/pb-marshalling.go b/grpc/pb-marshalling.go index 18e5e4aedb4..a2909563897 100644 --- a/grpc/pb-marshalling.go +++ b/grpc/pb-marshalling.go @@ -8,7 +8,6 @@ package grpc import ( "fmt" "net/netip" - "strconv" "time" "github.com/go-jose/go-jose/v4" @@ -292,7 +291,6 @@ func AuthzToPB(authz core.Authorization) (*corepb.Authorization, error) { } return &corepb.Authorization{ - Id: fmt.Sprintf("%d", authz.ID), IdInt: authz.ID, Identifier: authz.Identifier.ToProto(), RegistrationID: authz.RegistrationID, @@ -304,6 +302,10 @@ func AuthzToPB(authz core.Authorization) (*corepb.Authorization, error) { } func PBToAuthz(pb *corepb.Authorization) (core.Authorization, error) { + if pb.IdInt == 0 { + return core.Authorization{}, ErrMissingParameters + } + challs := make([]core.Challenge, len(pb.Challenges)) for i, c := range pb.Challenges { chall, err := PBToChallenge(c) @@ -318,21 +320,8 @@ func PBToAuthz(pb *corepb.Authorization) (core.Authorization, error) { expires = &c } - // TODO(#8722): remove this series of checks when pb.Id is int64-only - var authzIDInt int64 - if pb.IdInt != 0 { - authzIDInt = pb.IdInt - } else if pb.Id != "" { - parsed, err := strconv.ParseInt(pb.Id, 10, 64) - if err != nil { - return core.Authorization{}, ErrInvalidParameters - } - authzIDInt = parsed - } else { - return core.Authorization{}, ErrMissingParameters - } authz := core.Authorization{ - ID: authzIDInt, + ID: pb.IdInt, Identifier: identifier.FromProto(pb.Identifier), RegistrationID: pb.RegistrationID, Status: core.AcmeStatus(pb.Status), diff --git a/grpc/pb-marshalling_test.go b/grpc/pb-marshalling_test.go index 196418f077b..b4b6a42f446 100644 --- a/grpc/pb-marshalling_test.go +++ b/grpc/pb-marshalling_test.go @@ -242,33 +242,6 @@ func TestAuthz(t *testing.T) { outAuthz2, err := PBToAuthz(pbAuthz2) test.AssertNotError(t, err, "PBToAuthz failed") test.AssertDeepEquals(t, inAuthzNilExpires, outAuthz2) - - // Manipulate pbAuthz to test Authz marshalling with various ID combinations - // TODO(#8722): clean up these tests when authz IDs are int-only - pbAuthz3 := pbAuthz - - pbAuthz3.Id = "" - pbAuthz3.IdInt = 0 - _, err = PBToAuthz(pbAuthz3) - test.AssertError(t, err, "PBToAuthz with empty ID and empty IDInt unexpectedly succeeded") - - pbAuthz3.Id = "1" - pbAuthz3.IdInt = 0 - outAuthz3, err := PBToAuthz(pbAuthz3) - test.AssertNotError(t, err, "PBToAuthz with only string ID failed") - test.AssertDeepEquals(t, inAuthz, outAuthz3) - - pbAuthz3.Id = "1" - pbAuthz3.IdInt = 1 - outAuthz3, err = PBToAuthz(pbAuthz3) - test.AssertNotError(t, err, "PBToAuthz with both string ID and int IDInt failed") - test.AssertDeepEquals(t, inAuthz, outAuthz3) - - pbAuthz3.Id = "" - pbAuthz3.IdInt = 1 - outAuthz3, err = PBToAuthz(pbAuthz3) - test.AssertNotError(t, err, "PBToAuthz with only int IDInt failed") - test.AssertDeepEquals(t, inAuthz, outAuthz3) } func TestOrderValid(t *testing.T) { diff --git a/ra/ra.go b/ra/ra.go index e6a8651598b..ce6dc74cc16 100644 --- a/ra/ra.go +++ b/ra/ra.go @@ -689,7 +689,6 @@ func (ra *RegistrationAuthorityImpl) recheckCAA(ctx context.Context, authzs []*c Identifier: authz.Identifier.ToProto(), ValidationMethod: method, AccountURIID: authz.RegistrationID, - AuthzID: fmt.Sprintf("%d", authz.ID), AuthzIDInt: authz.ID, }) if err != nil { @@ -1384,8 +1383,7 @@ func (ra *RegistrationAuthorityImpl) PerformValidation( // Clock for start of PerformValidation. vStart := ra.clk.Now() - // TODO(#8722): Re-add req.Authz.Id to this check once int64-only - if core.IsAnyNilOrZero(req.Authz, req.Authz.Identifier, req.Authz.Status, req.Authz.Expires) { + if core.IsAnyNilOrZero(req.Authz, req.Authz.IdInt, req.Authz.Identifier, req.Authz.Status, req.Authz.Expires) { return nil, errIncompleteGRPCRequest } @@ -1456,14 +1454,13 @@ func (ra *RegistrationAuthorityImpl) PerformValidation( &vapb.PerformValidationRequest{ Identifier: authz.Identifier.ToProto(), Challenge: &corepb.Challenge{Type: string(ch.Type), Status: string(ch.Status), Token: ch.Token}, - Authz: &vapb.AuthzMeta{Id: fmt.Sprintf("%d", authz.ID), RegID: authz.RegistrationID, IdInt: authz.ID}, + Authz: &vapb.AuthzMeta{IdInt: authz.ID, RegID: authz.RegistrationID}, ExpectedKeyAuthorization: expectedKeyAuthorization, }, &vapb.IsCAAValidRequest{ Identifier: authz.Identifier.ToProto(), ValidationMethod: string(ch.Type), AccountURIID: authz.RegistrationID, - AuthzID: fmt.Sprintf("%d", authz.ID), AuthzIDInt: authz.ID, }, ) @@ -1975,23 +1972,10 @@ func (ra *RegistrationAuthorityImpl) DeactivateRegistration(ctx context.Context, func (ra *RegistrationAuthorityImpl) DeactivateAuthorization(ctx context.Context, req *corepb.Authorization) (*emptypb.Empty, error) { ident := identifier.FromProto(req.Identifier) - if core.IsAnyNilOrZero(ident, req.Status, req.RegistrationID) { + if core.IsAnyNilOrZero(ident, req.Status, req.RegistrationID, req.IdInt) { return nil, errIncompleteGRPCRequest } - // TODO(#8722): Re-add req.Id to IsAnyNilOrZero check above, and cleanup following blocks when authz ids are int64-only - var authzIDInt int64 - if req.IdInt != 0 { - authzIDInt = req.IdInt - } else if req.Id != "" { - parsed, err := strconv.ParseInt(req.Id, 10, 64) - if err != nil { - return nil, fmt.Errorf("malformed gRPC request message field: %w", err) - } - authzIDInt = parsed - } else { - return nil, errIncompleteGRPCRequest - } - if _, err := ra.SA.DeactivateAuthorization2(ctx, &sapb.AuthorizationID2{Id: authzIDInt}); err != nil { + if _, err := ra.SA.DeactivateAuthorization2(ctx, &sapb.AuthorizationID2{Id: req.IdInt}); err != nil { return nil, err } if req.Status == string(core.StatusPending) { diff --git a/ra/ra_test.go b/ra/ra_test.go index 2b6828047e1..f1e69218972 100644 --- a/ra/ra_test.go +++ b/ra/ra_test.go @@ -20,7 +20,6 @@ import ( mrand "math/rand/v2" "net/netip" "regexp" - "strconv" "sync" "testing" "time" @@ -132,17 +131,15 @@ func createPendingAuthorization(t *testing.T, sa sapb.StorageAuthorityClient, re func createFinalizedAuthorization(t *testing.T, saClient sapb.StorageAuthorityClient, regID int64, ident identifier.ACMEIdentifier, exp time.Time, chall core.AcmeChallenge, attemptedAt time.Time) int64 { t.Helper() pending := createPendingAuthorization(t, saClient, regID, ident, exp) - pendingID, err := strconv.ParseInt(pending.Id, 10, 64) - test.AssertNotError(t, err, "strconv.ParseInt failed") - _, err = saClient.FinalizeAuthorization2(context.Background(), &sapb.FinalizeAuthorizationRequest{ - Id: pendingID, + _, err := saClient.FinalizeAuthorization2(context.Background(), &sapb.FinalizeAuthorizationRequest{ + Id: pending.IdInt, Status: "valid", Expires: timestamppb.New(exp), Attempted: string(chall), AttemptedAt: timestamppb.New(attemptedAt), }) test.AssertNotError(t, err, "sa.FinalizeAuthorizations2 failed") - return pendingID + return pending.IdInt } func getAuthorization(t *testing.T, id int64, sa sapb.StorageAuthorityClient) *corepb.Authorization { @@ -854,16 +851,15 @@ func TestDeactivateAuthorization(t *testing.T) { _, err := ra.DeactivateAuthorization(ctx, dbAuthzPB) test.AssertNotError(t, err, "Could not deactivate authorization") deact, err := sa.GetAuthorization2(ctx, &sapb.AuthorizationID2{Id: authzID}) - test.AssertNotError(t, err, "Could not get deactivated authorization with ID "+dbAuthzPB.Id) + test.AssertNotError(t, err, "Could not get deactivated authorization by ID") test.AssertEquals(t, deact.Status, string(core.StatusDeactivated)) dbAuthzPBIdChecks := dbAuthzPB - dbAuthzPBIdChecks.Id = fmt.Sprintf("%d", authzID) dbAuthzPBIdChecks.IdInt = authzID _, err = ra.DeactivateAuthorization(ctx, dbAuthzPBIdChecks) test.AssertNotError(t, err, "Could not deactivate authorization") deact, err = sa.GetAuthorization2(ctx, &sapb.AuthorizationID2{Id: authzID}) - test.AssertNotError(t, err, "Could not get deactivated authorization with ID "+dbAuthzPBIdChecks.Id) + test.AssertNotError(t, err, "Could not get deactivated authorization by ID") test.AssertEquals(t, deact.Status, string(core.StatusDeactivated)) } @@ -909,7 +905,7 @@ func TestDeactivateAuthorization_Pausing(t *testing.T) { // The first deactivation of a pending authz should work and nothing should // get paused. _, err = ra.DeactivateAuthorization(ctx, &corepb.Authorization{ - Id: "1", + IdInt: 1, RegistrationID: registration.Id, Identifier: identifier.NewDNS("example.com").ToProto(), Status: string(core.StatusPending), @@ -919,7 +915,7 @@ func TestDeactivateAuthorization_Pausing(t *testing.T) { // Deactivating a valid authz shouldn't increment any limits or pause anything. _, err = ra.DeactivateAuthorization(ctx, &corepb.Authorization{ - Id: "2", + IdInt: 2, RegistrationID: registration.Id, Identifier: identifier.NewDNS("example.com").ToProto(), Status: string(core.StatusValid), @@ -930,7 +926,7 @@ func TestDeactivateAuthorization_Pausing(t *testing.T) { // Deactivating a second pending authz should surpass the limit and result // in a pause request. _, err = ra.DeactivateAuthorization(ctx, &corepb.Authorization{ - Id: "3", + IdInt: 3, RegistrationID: registration.Id, Identifier: identifier.NewDNS("example.com").ToProto(), Status: string(core.StatusPending), diff --git a/sa/model.go b/sa/model.go index 86fd0303347..ce19fcc5ad8 100644 --- a/sa/model.go +++ b/sa/model.go @@ -12,7 +12,6 @@ import ( "math" "net/netip" "net/url" - "strconv" "strings" "time" @@ -625,9 +624,14 @@ func newAuthzReqToModel(authz *sapb.NewAuthzRequest, profile string) (*authzMode // Deprecated: this function is only used as part of test setup, do not // introduce any new uses in production code. func authzPBToModel(authz *corepb.Authorization) (*authzModel, error) { + if authz.IdInt == 0 { + return nil, errors.New("authorization is missing an ID value") + } + ident := identifier.FromProto(authz.Identifier) am := &authzModel{ + ID: authz.IdInt, IdentifierType: identifierTypeToUint[ident.ToProto().Type], IdentifierValue: ident.Value, RegistrationID: authz.RegistrationID, @@ -638,17 +642,6 @@ func authzPBToModel(authz *corepb.Authorization) (*authzModel, error) { profile := authz.CertificateProfileName am.CertificateProfileName = &profile } - if authz.IdInt != 0 { - am.ID = authz.IdInt - } else if authz.Id != "" { - id, err := strconv.Atoi(authz.Id) - if err != nil { - return nil, err - } - am.ID = int64(id) - } else { - return nil, errors.New("authorization is missing an ID value") - } if hasMultipleNonPendingChallenges(authz.Challenges) { return nil, errors.New("multiple challenges are non-pending") } @@ -782,7 +775,6 @@ func modelToAuthzPB(am authzModel) (*corepb.Authorization, error) { } pb := &corepb.Authorization{ - Id: fmt.Sprintf("%d", am.ID), IdInt: am.ID, Status: string(uintToStatus[am.Status]), Identifier: identifier.ACMEIdentifier{Type: identType, Value: am.IdentifierValue}.ToProto(), diff --git a/sa/model_test.go b/sa/model_test.go index 50901aeaae1..1846adb8d2f 100644 --- a/sa/model_test.go +++ b/sa/model_test.go @@ -114,41 +114,9 @@ func TestAuthzModel(t *testing.T) { test.AssertDeepEquals(t, authzPB.Challenges, authzPBOut.Challenges) test.AssertEquals(t, authzPBOut.CertificateProfileName, authzPB.CertificateProfileName) - // Manipulate authzPB to test marshalling between corepb.Authorization and - // the SA authz model - // TODO(#8722): clean up these tests when authz IDs are int-only - authzPB = newTestAuthzPB(clk.Now()) - authzPB.Id = "" - authzPB.IdInt = 0 - _, err = authzPBToModel(authzPB) - test.AssertError(t, err, "authzPBToModel with empty Id and empty IdInt unexpectedly succeeded") - - authzPB = newTestAuthzPB(clk.Now()) - authzPB.Id = "1" - authzPB.IdInt = 0 - model, err = authzPBToModel(authzPB) - test.AssertNotError(t, err, "authzPBToModel with a value for string Id and empty IdInt failed") - authzPBOut, err = modelToAuthzPB(*model) - test.AssertNotError(t, err, "modelToAuthzPB failed") - test.AssertEquals(t, fmt.Sprintf("%d", authzPBOut.IdInt), authzPBOut.Id) - - authzPB = newTestAuthzPB(clk.Now()) - authzPB.Id = "" - authzPB.IdInt = 1 - model, err = authzPBToModel(authzPB) - test.AssertNotError(t, err, "authzPBToModel with empty Id and an int value for IdInt failed") - authzPBOut, err = modelToAuthzPB(*model) - test.AssertNotError(t, err, "modelToAuthzPB failed") - test.AssertEquals(t, fmt.Sprintf("%d", authzPBOut.IdInt), authzPBOut.Id) - - authzPB = newTestAuthzPB(clk.Now()) - authzPB.Id = "1" - authzPB.IdInt = 1 - model, err = authzPBToModel(authzPB) - test.AssertNotError(t, err, "authzPBToModel with values for both string Id and int IdInt failed") - authzPBOut, err = modelToAuthzPB(*model) - test.AssertNotError(t, err, "modelToAuthzPB failed") - test.AssertEquals(t, fmt.Sprintf("%d", authzPBOut.IdInt), authzPBOut.Id) + // Complete authz -> model -> authz round-trip should keep everything intact + // aside from the hostname and port exceptions tested above + test.AssertDeepEquals(t, authzPB, authzPBOut) authzPB = newTestAuthzPB(clk.Now()) diff --git a/sa/sa_test.go b/sa/sa_test.go index 3c19459ce1a..3980125c009 100644 --- a/sa/sa_test.go +++ b/sa/sa_test.go @@ -21,7 +21,6 @@ import ( "os" "reflect" "slices" - "strconv" "strings" "testing" "time" @@ -2441,7 +2440,7 @@ func TestAuthzModelMapToPB(t *testing.T) { if !ok { t.Errorf("output had element for %q, an identifier not present in input", authzPB.Identifier.Value) } - test.AssertEquals(t, authzPB.Id, fmt.Sprintf("%d", model.ID)) + test.AssertEquals(t, authzPB.IdInt, model.ID) test.AssertEquals(t, authzPB.Identifier.Type, string(uintToIdentifierType[model.IdentifierType])) test.AssertEquals(t, authzPB.Identifier.Value, model.IdentifierValue) test.AssertEquals(t, authzPB.RegistrationID, model.RegistrationID) @@ -2531,8 +2530,8 @@ func TestGetOrderAuthorizations(t *testing.T) { } for _, a := range authzPBs.Authzs { ident := identifier.ACMEIdentifier{Type: identifier.IdentifierType(a.Identifier.Type), Value: a.Identifier.Value} - if fmt.Sprintf("%d", identsToCheck[ident]) != a.Id { - t.Fatalf("incorrect identifier %q with id %s", a.Identifier.Value, a.Id) + if identsToCheck[ident] != a.IdInt { + t.Fatalf("incorrect identifier %q with id %d", a.Identifier.Value, a.IdInt) } test.AssertEquals(t, a.Expires.AsTime(), expires) delete(identsToCheck, ident) @@ -2689,11 +2688,7 @@ func TestGetValidAuthorizations2(t *testing.T) { var gotIDs []int64 for _, authz := range got.Authzs { - id, err := strconv.Atoi(authz.Id) - if err != nil { - t.Fatalf("parsing authz id: %s", err) - } - gotIDs = append(gotIDs, int64(id)) + gotIDs = append(gotIDs, authz.IdInt) } slices.Sort(gotIDs) diff --git a/va/caa.go b/va/caa.go index d126e72aa6e..ab091af6e52 100644 --- a/va/caa.go +++ b/va/caa.go @@ -7,7 +7,6 @@ import ( "log/slog" "net/url" "regexp" - "strconv" "strings" "sync" "time" @@ -40,24 +39,10 @@ type caaParams struct { // implements the CAA portion of Multi-Perspective Issuance Corroboration as // defined in BRs Sections 3.2.2.9 and 5.4.1. func (va *ValidationAuthorityImpl) DoCAA(ctx context.Context, req *vapb.IsCAAValidRequest) (*vapb.IsCAAValidResponse, error) { - if core.IsAnyNilOrZero(req.Identifier, req.ValidationMethod, req.AccountURIID) { + if core.IsAnyNilOrZero(req.AuthzIDInt, req.Identifier, req.ValidationMethod, req.AccountURIID) { return nil, berrors.InternalServerError("incomplete IsCAAValid request") } - // TODO(#8722): remove this whole thing when Authz IDs are int64-only - var authzIDInt int64 - if req.AuthzIDInt != 0 { - authzIDInt = req.AuthzIDInt - } else if req.AuthzID != "" { - parsed, err := strconv.ParseInt(req.AuthzID, 10, 64) - if err != nil { - return nil, berrors.MalformedError("Unable to parse Authz ID %q as integer: %v", req.AuthzID, err) - } - authzIDInt = parsed - } else { - return nil, berrors.MalformedError("No Authz ID value supplied in gRPC message") - } - ident := identifier.FromProto(req.Identifier) if ident.Type != identifier.TypeDNS { return nil, berrors.MalformedError("Identifier type for CAA check was not DNS") @@ -76,7 +61,7 @@ func (va *ValidationAuthorityImpl) DoCAA(ctx context.Context, req *vapb.IsCAAVal // Set the log attributes that we want to appear on all subsequent log lines ctx = blog.ContextWith(ctx, blog.Acct(req.AccountURIID), - blog.Authz(authzIDInt), + blog.Authz(req.AuthzIDInt), blog.Idents(ident), slog.String("method", string(challType)), ) diff --git a/va/caa_test.go b/va/caa_test.go index e80412f7fcb..29e4542384c 100644 --- a/va/caa_test.go +++ b/va/caa_test.go @@ -500,7 +500,7 @@ func TestCAALogging(t *testing.T) { Identifier: identifier.NewDNS(tc.Domain).ToProto(), ValidationMethod: string(tc.ChallengeType), AccountURIID: tc.AccountURIID, - AuthzID: "123", + AuthzIDInt: 123, }) caaLogLines := mockLog.GetAllMatching(`Checked CAA records`) @@ -526,10 +526,9 @@ func TestDoCAAErrMessage(t *testing.T) { domain := "caa-timeout.com" resp, err := va.DoCAA(ctx, &vapb.IsCAAValidRequest{ Identifier: identifier.NewDNS(domain).ToProto(), - AuthzID: "123", + AuthzIDInt: 123, ValidationMethod: string(core.ChallengeTypeHTTP01), AccountURIID: 12345, - AuthzIDInt: 678910, }) // The lookup itself should not return an error @@ -1051,10 +1050,9 @@ func TestMultiCAARechecking(t *testing.T) { isValidRes, err := va.DoCAA(context.TODO(), &vapb.IsCAAValidRequest{ Identifier: tc.ident.ToProto(), - AuthzID: "123", + AuthzIDInt: 123, ValidationMethod: string(core.ChallengeTypeDNS01), AccountURIID: 1, - AuthzIDInt: 3, }) test.AssertNotError(t, err, "Should not have errored, but did") diff --git a/va/proto/va.pb.go b/va/proto/va.pb.go index d7115d862e7..25e4e2bde34 100644 --- a/va/proto/va.pb.go +++ b/va/proto/va.pb.go @@ -29,7 +29,6 @@ type IsCAAValidRequest struct { Identifier *proto.Identifier `protobuf:"bytes,5,opt,name=identifier,proto3" json:"identifier,omitempty"` ValidationMethod string `protobuf:"bytes,2,opt,name=validationMethod,proto3" json:"validationMethod,omitempty"` AccountURIID int64 `protobuf:"varint,3,opt,name=accountURIID,proto3" json:"accountURIID,omitempty"` - AuthzID string `protobuf:"bytes,4,opt,name=authzID,proto3" json:"authzID,omitempty"` // TODO(#8722): reserve AuthzIDInt int64 `protobuf:"varint,6,opt,name=authzIDInt,proto3" json:"authzIDInt,omitempty"` // TODO(#8722): rename unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache @@ -86,13 +85,6 @@ func (x *IsCAAValidRequest) GetAccountURIID() int64 { return 0 } -func (x *IsCAAValidRequest) GetAuthzID() string { - if x != nil { - return x.AuthzID - } - return "" -} - func (x *IsCAAValidRequest) GetAuthzIDInt() int64 { if x != nil { return x.AuthzIDInt @@ -230,11 +222,9 @@ func (x *PerformValidationRequest) GetExpectedKeyAuthorization() string { } type AuthzMeta struct { - state protoimpl.MessageState `protogen:"open.v1"` - // Next unused field number: 4 - Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"` // TODO(#8722): reserve - RegID int64 `protobuf:"varint,2,opt,name=regID,proto3" json:"regID,omitempty"` - IdInt int64 `protobuf:"varint,3,opt,name=idInt,proto3" json:"idInt,omitempty"` // TODO(#8722): rename + state protoimpl.MessageState `protogen:"open.v1"` + RegID int64 `protobuf:"varint,2,opt,name=regID,proto3" json:"regID,omitempty"` + IdInt int64 `protobuf:"varint,3,opt,name=idInt,proto3" json:"idInt,omitempty"` // TODO(#8722): rename unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -269,13 +259,6 @@ func (*AuthzMeta) Descriptor() ([]byte, []int) { return file_va_proto_rawDescGZIP(), []int{3} } -func (x *AuthzMeta) GetId() string { - if x != nil { - return x.Id - } - return "" -} - func (x *AuthzMeta) GetRegID() int64 { if x != nil { return x.RegID @@ -363,7 +346,7 @@ var File_va_proto protoreflect.FileDescriptor var file_va_proto_rawDesc = string([]byte{ 0x0a, 0x08, 0x76, 0x61, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x02, 0x76, 0x61, 0x1a, 0x15, 0x63, 0x6f, 0x72, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x63, 0x6f, 0x72, 0x65, 0x2e, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xd5, 0x01, 0x0a, 0x11, 0x49, 0x73, 0x43, 0x41, 0x41, 0x56, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xc1, 0x01, 0x0a, 0x11, 0x49, 0x73, 0x43, 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, @@ -372,60 +355,58 @@ var file_va_proto_rawDesc = string([]byte{ 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x76, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x22, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x55, 0x52, 0x49, 0x49, 0x44, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, - 0x0c, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x55, 0x52, 0x49, 0x49, 0x44, 0x12, 0x18, 0x0a, - 0x07, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x49, 0x44, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, - 0x61, 0x75, 0x74, 0x68, 0x7a, 0x49, 0x44, 0x12, 0x1e, 0x0a, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x7a, - 0x49, 0x44, 0x49, 0x6e, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0a, 0x61, 0x75, 0x74, - 0x68, 0x7a, 0x49, 0x44, 0x49, 0x6e, 0x74, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0x78, 0x0a, - 0x12, 0x49, 0x73, 0x43, 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x12, 0x2e, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, - 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x62, - 0x6c, 0x65, 0x6d, 0x12, 0x20, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, - 0x76, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, - 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x69, 0x72, 0x18, 0x04, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x03, 0x72, 0x69, 0x72, 0x22, 0xe2, 0x01, 0x0a, 0x18, 0x50, 0x65, 0x72, 0x66, - 0x6f, 0x72, 0x6d, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x12, 0x30, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, - 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, - 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x0a, 0x69, 0x64, 0x65, 0x6e, - 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x2d, 0x0a, 0x09, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, - 0x6e, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x63, 0x6f, 0x72, 0x65, - 0x2e, 0x43, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x09, 0x63, 0x68, 0x61, 0x6c, - 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x05, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, 0x2e, 0x76, 0x61, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x4d, - 0x65, 0x74, 0x61, 0x52, 0x05, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x12, 0x3a, 0x0a, 0x18, 0x65, 0x78, - 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x18, 0x65, 0x78, - 0x70, 0x65, 0x63, 0x74, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0x47, 0x0a, 0x09, - 0x41, 0x75, 0x74, 0x68, 0x7a, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x67, - 0x49, 0x44, 0x18, 0x02, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x72, 0x65, 0x67, 0x49, 0x44, 0x12, - 0x14, 0x0a, 0x05, 0x69, 0x64, 0x49, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, - 0x69, 0x64, 0x49, 0x6e, 0x74, 0x22, 0xa8, 0x01, 0x0a, 0x10, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x30, 0x0a, 0x07, 0x72, 0x65, - 0x63, 0x6f, 0x72, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, 0x63, 0x6f, - 0x72, 0x65, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x63, - 0x6f, 0x72, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x12, 0x2e, 0x0a, 0x07, - 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x14, 0x2e, - 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, 0x74, 0x61, - 0x69, 0x6c, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x12, 0x20, 0x0a, 0x0b, - 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x12, 0x10, - 0x0a, 0x03, 0x72, 0x69, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x72, 0x69, 0x72, - 0x32, 0x43, 0x0a, 0x02, 0x56, 0x41, 0x12, 0x3d, 0x0a, 0x05, 0x44, 0x6f, 0x44, 0x43, 0x56, 0x12, - 0x1c, 0x2e, 0x76, 0x61, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x6f, 0x72, 0x6d, 0x56, 0x61, 0x6c, 0x69, - 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x14, 0x2e, - 0x76, 0x61, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, - 0x75, 0x6c, 0x74, 0x22, 0x00, 0x32, 0x3f, 0x0a, 0x03, 0x43, 0x41, 0x41, 0x12, 0x38, 0x0a, 0x05, - 0x44, 0x6f, 0x43, 0x41, 0x41, 0x12, 0x15, 0x2e, 0x76, 0x61, 0x2e, 0x49, 0x73, 0x43, 0x41, 0x41, - 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x76, - 0x61, 0x2e, 0x49, 0x73, 0x43, 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x73, 0x70, - 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, - 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x76, 0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x0c, 0x61, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x55, 0x52, 0x49, 0x49, 0x44, 0x12, 0x1e, 0x0a, + 0x0a, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x49, 0x44, 0x49, 0x6e, 0x74, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x03, 0x52, 0x0a, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x49, 0x44, 0x49, 0x6e, 0x74, 0x4a, 0x04, 0x08, + 0x01, 0x10, 0x02, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x22, 0x78, 0x0a, 0x12, 0x49, 0x73, 0x43, + 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, + 0x2e, 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, + 0x65, 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x12, + 0x20, 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, + 0x65, 0x12, 0x10, 0x0a, 0x03, 0x72, 0x69, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, + 0x72, 0x69, 0x72, 0x22, 0xe2, 0x01, 0x0a, 0x18, 0x50, 0x65, 0x72, 0x66, 0x6f, 0x72, 0x6d, 0x56, + 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, + 0x12, 0x30, 0x0a, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x10, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x49, 0x64, 0x65, 0x6e, + 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x52, 0x0a, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, + 0x65, 0x72, 0x12, 0x2d, 0x0a, 0x09, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x68, 0x61, + 0x6c, 0x6c, 0x65, 0x6e, 0x67, 0x65, 0x52, 0x09, 0x63, 0x68, 0x61, 0x6c, 0x6c, 0x65, 0x6e, 0x67, + 0x65, 0x12, 0x23, 0x0a, 0x05, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x0d, 0x2e, 0x76, 0x61, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x4d, 0x65, 0x74, 0x61, 0x52, + 0x05, 0x61, 0x75, 0x74, 0x68, 0x7a, 0x12, 0x3a, 0x0a, 0x18, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, + 0x65, 0x64, 0x4b, 0x65, 0x79, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x18, 0x65, 0x78, 0x70, 0x65, 0x63, 0x74, + 0x65, 0x64, 0x4b, 0x65, 0x79, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0x3d, 0x0a, 0x09, 0x41, 0x75, 0x74, 0x68, + 0x7a, 0x4d, 0x65, 0x74, 0x61, 0x12, 0x14, 0x0a, 0x05, 0x72, 0x65, 0x67, 0x49, 0x44, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x72, 0x65, 0x67, 0x49, 0x44, 0x12, 0x14, 0x0a, 0x05, 0x69, + 0x64, 0x49, 0x6e, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x69, 0x64, 0x49, 0x6e, + 0x74, 0x4a, 0x04, 0x08, 0x01, 0x10, 0x02, 0x22, 0xa8, 0x01, 0x0a, 0x10, 0x56, 0x61, 0x6c, 0x69, + 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x73, 0x75, 0x6c, 0x74, 0x12, 0x30, 0x0a, 0x07, + 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x16, 0x2e, + 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x63, 0x6f, 0x72, 0x64, 0x52, 0x07, 0x72, 0x65, 0x63, 0x6f, 0x72, 0x64, 0x73, 0x12, 0x2e, + 0x0a, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, + 0x14, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x44, 0x65, + 0x74, 0x61, 0x69, 0x6c, 0x73, 0x52, 0x07, 0x70, 0x72, 0x6f, 0x62, 0x6c, 0x65, 0x6d, 0x12, 0x20, + 0x0a, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, 0x18, 0x03, 0x20, + 0x01, 0x28, 0x09, 0x52, 0x0b, 0x70, 0x65, 0x72, 0x73, 0x70, 0x65, 0x63, 0x74, 0x69, 0x76, 0x65, + 0x12, 0x10, 0x0a, 0x03, 0x72, 0x69, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x72, + 0x69, 0x72, 0x32, 0x43, 0x0a, 0x02, 0x56, 0x41, 0x12, 0x3d, 0x0a, 0x05, 0x44, 0x6f, 0x44, 0x43, + 0x56, 0x12, 0x1c, 0x2e, 0x76, 0x61, 0x2e, 0x50, 0x65, 0x72, 0x66, 0x6f, 0x72, 0x6d, 0x56, 0x61, + 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, + 0x14, 0x2e, 0x76, 0x61, 0x2e, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x73, 0x75, 0x6c, 0x74, 0x22, 0x00, 0x32, 0x3f, 0x0a, 0x03, 0x43, 0x41, 0x41, 0x12, 0x38, + 0x0a, 0x05, 0x44, 0x6f, 0x43, 0x41, 0x41, 0x12, 0x15, 0x2e, 0x76, 0x61, 0x2e, 0x49, 0x73, 0x43, + 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, + 0x2e, 0x76, 0x61, 0x2e, 0x49, 0x73, 0x43, 0x41, 0x41, 0x56, 0x61, 0x6c, 0x69, 0x64, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, + 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, + 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x76, 0x61, 0x2f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, }) var ( diff --git a/va/proto/va.proto b/va/proto/va.proto index 950d0b4a1f0..1148380520b 100644 --- a/va/proto/va.proto +++ b/va/proto/va.proto @@ -15,13 +15,12 @@ service CAA { message IsCAAValidRequest { // Next unused field number: 7 - reserved 1; // Previously domain + reserved 1, 4; // Previously domain, authzID(string) // NOTE: For DNS identifiers, the value may be a wildcard domain name (e.g. // `*.example.com`). core.Identifier identifier = 5; string validationMethod = 2; int64 accountURIID = 3; - string authzID = 4; // TODO(#8722): reserve int64 authzIDInt = 6; // TODO(#8722): rename } @@ -43,7 +42,7 @@ message PerformValidationRequest { message AuthzMeta { // Next unused field number: 4 - string id = 1; // TODO(#8722): reserve + reserved 1; // Previously id(string) int64 regID = 2; int64 idInt = 3; // TODO(#8722): rename } diff --git a/va/va.go b/va/va.go index c986d17b9ce..f2c1a35402e 100644 --- a/va/va.go +++ b/va/va.go @@ -15,7 +15,6 @@ import ( "os" "regexp" "slices" - "strconv" "strings" "syscall" "time" @@ -734,25 +733,10 @@ func (va *ValidationAuthorityImpl) doRemoteOperation(ctx context.Context, op rem // implements the DCV portion of Multi-Perspective Issuance Corroboration as // defined in BRs Sections 3.2.2.9 and 5.4.1. func (va *ValidationAuthorityImpl) DoDCV(ctx context.Context, req *vapb.PerformValidationRequest) (*vapb.ValidationResult, error) { - if core.IsAnyNilOrZero(req.Identifier, req.Challenge, req.Authz, req.Authz.RegID, req.ExpectedKeyAuthorization) { + if core.IsAnyNilOrZero(req.Identifier, req.Challenge, req.Authz, req.Authz.IdInt, req.Authz.RegID, req.ExpectedKeyAuthorization) { return nil, berrors.InternalServerError("Incomplete validation request") } - // TODO(#8722): remove this and return req.Authz.Id to isAnyNilOrZero check - // above when Authz IDs are int64-only - var authzIDInt int64 - if req.Authz.IdInt != 0 { - authzIDInt = req.Authz.IdInt - } else if req.Authz.Id != "" { - parsed, err := strconv.ParseInt(req.Authz.Id, 10, 64) - if err != nil { - return nil, berrors.MalformedError("Unable to parse Authz ID %q as integer: %v", req.Authz.Id, err) - } - authzIDInt = parsed - } else { - return nil, berrors.InternalServerError("incomplete validation request") - } - ident := identifier.FromProto(req.Identifier) chall, err := bgrpc.PBToChallenge(req.Challenge) @@ -768,7 +752,7 @@ func (va *ValidationAuthorityImpl) DoDCV(ctx context.Context, req *vapb.PerformV // Set the log attributes that we want to appear on all subsequent log lines ctx = blog.ContextWith(ctx, blog.Acct(req.Authz.RegID), - blog.Authz(authzIDInt), + blog.Authz(req.Authz.IdInt), blog.Idents(ident), slog.String("method", string(chall.Type)), slog.String("token", chall.Token), diff --git a/va/va_test.go b/va/va_test.go index eb4d425077c..f0152eaac9b 100644 --- a/va/va_test.go +++ b/va/va_test.go @@ -339,43 +339,6 @@ func TestNewValidationAuthorityImplWithDuplicateRemotes(t *testing.T) { test.AssertContains(t, err.Error(), "duplicate remote VA perspective \"dadaist\"") } -// TODO(#8722): Remove this whole function when Authz IDs are int-only -func TestPerformValidationWithAuthzIDMatrix(t *testing.T) { - t.Parallel() - - va, _ := setup(nil, "", nil, &txtFakeDNS{}) - - // create a challenge with well known token - req := createValidationRequest(identifier.NewDNS("good-dns01.com"), core.ChallengeTypeDNS01) - // manipulate Authz ID for this validation attempt - req.Authz.Id = "" - req.Authz.IdInt = 0 - _, err := va.DoDCV(context.Background(), req) - test.AssertError(t, err, "expected error upon validation request with empty authz ID fields") - - // repeat - req = createValidationRequest(identifier.NewDNS("good-dns01.com"), core.ChallengeTypeDNS01) - req.Authz.Id = "1" - req.Authz.IdInt = 0 - res, err := va.DoDCV(context.Background(), req) - test.AssertNotError(t, err, "domain validation request failed") - test.Assert(t, res.Problem == nil, fmt.Sprintf("validation failed: %#v", res.Problem)) - - req = createValidationRequest(identifier.NewDNS("good-dns01.com"), core.ChallengeTypeDNS01) - req.Authz.Id = "" - req.Authz.IdInt = 1 - res, err = va.DoDCV(context.Background(), req) - test.AssertNotError(t, err, "domain validation request failed") - test.Assert(t, res.Problem == nil, fmt.Sprintf("validation failed: %#v", res.Problem)) - - req = createValidationRequest(identifier.NewDNS("good-dns01.com"), core.ChallengeTypeDNS01) - req.Authz.Id = "1" - req.Authz.IdInt = 1 - res, err = va.DoDCV(context.Background(), req) - test.AssertNotError(t, err, "domain validation request failed") - test.Assert(t, res.Problem == nil, fmt.Sprintf("validation failed: %#v", res.Problem)) -} - func TestPerformValidationWithMismatchedRemoteVAPerspectives(t *testing.T) { t.Parallel() diff --git a/wfe2/wfe.go b/wfe2/wfe.go index 0792763af88..74206b47a14 100644 --- a/wfe2/wfe.go +++ b/wfe2/wfe.go @@ -1195,7 +1195,7 @@ func (wfe *WebFrontEndImpl) Challenge( } // Ensure gRPC response is complete. - if core.IsAnyNilOrZero(authzPB.Id, authzPB.Identifier, authzPB.Status, authzPB.Expires) { + if core.IsAnyNilOrZero(authzPB.IdInt, authzPB.Identifier, authzPB.Status, authzPB.Expires) { wfe.sendError(response, logEvent, probs.ServerInternal("Problem getting authorization"), errIncompleteGRPCResponse) return } @@ -1394,7 +1394,7 @@ func (wfe *WebFrontEndImpl) postChallenge( Authz: authzPB, ChallengeIndex: int64(challengeIndex), }) - if err != nil || core.IsAnyNilOrZero(authzPB.Id, authzPB.Identifier, authzPB.Status, authzPB.Expires) { + if err != nil || core.IsAnyNilOrZero(authzPB.IdInt, authzPB.Identifier, authzPB.Status, authzPB.Expires) { wfe.sendError(response, logEvent, web.ProblemDetailsForError(err, "Unable to update challenge"), err) return } @@ -1615,7 +1615,7 @@ func (wfe *WebFrontEndImpl) Authorization( ident := identifier.FromProto(authzPB.Identifier) // Ensure gRPC response is complete. - if core.IsAnyNilOrZero(authzPB.Id, ident, authzPB.Status, authzPB.Expires) { + if core.IsAnyNilOrZero(authzPB.IdInt, ident, authzPB.Status, authzPB.Expires) { wfe.sendError(response, logEvent, probs.ServerInternal("Problem getting authorization"), errIncompleteGRPCResponse) return } diff --git a/wfe2/wfe_test.go b/wfe2/wfe_test.go index 38501994122..bd2033fbddd 100644 --- a/wfe2/wfe_test.go +++ b/wfe2/wfe_test.go @@ -230,7 +230,7 @@ func (ra *MockRegistrationAuthority) GetAuthorization(_ context.Context, in *rap switch in.Id { case 1: // Return a valid authorization with a single valid challenge. return &corepb.Authorization{ - Id: "1", + IdInt: 1, RegistrationID: 1, Identifier: identifier.NewDNS("not-an-example.com").ToProto(), Status: string(core.StatusValid), @@ -241,7 +241,7 @@ func (ra *MockRegistrationAuthority) GetAuthorization(_ context.Context, in *rap }, nil case 2: // Return a pending authorization with three pending challenges. return &corepb.Authorization{ - Id: "2", + IdInt: 2, RegistrationID: 1, Identifier: identifier.NewDNS("not-an-example.com").ToProto(), Status: string(core.StatusPending), @@ -254,7 +254,7 @@ func (ra *MockRegistrationAuthority) GetAuthorization(_ context.Context, in *rap }, nil case 3: // Return an expired authorization with three pending (but expired) challenges. return &corepb.Authorization{ - Id: "3", + IdInt: 3, RegistrationID: 1, Identifier: identifier.NewDNS("not-an-example.com").ToProto(), Status: string(core.StatusPending), @@ -269,7 +269,7 @@ func (ra *MockRegistrationAuthority) GetAuthorization(_ context.Context, in *rap return nil, fmt.Errorf("unspecified error") case 5: // Return a pending authorization as above, but associated with RegID 2. return &corepb.Authorization{ - Id: "5", + IdInt: 5, RegistrationID: 2, Identifier: identifier.NewDNS("not-an-example.com").ToProto(), Status: string(core.StatusPending), @@ -1871,7 +1871,7 @@ type RAWithFailedChallenge struct { func (ra *RAWithFailedChallenge) GetAuthorization(ctx context.Context, id *rapb.GetAuthorizationRequest, _ ...grpc.CallOption) (*corepb.Authorization, error) { return &corepb.Authorization{ - Id: "6", + IdInt: 6, RegistrationID: 1, Identifier: identifier.NewDNS("not-an-example.com").ToProto(), Status: string(core.StatusInvalid),