diff --git a/mocks/mocks.go b/mocks/mocks.go index 012a01ab4..9b894e9e2 100644 --- a/mocks/mocks.go +++ b/mocks/mocks.go @@ -16,6 +16,7 @@ import ( "github.com/jmhodges/clock" "google.golang.org/grpc" "google.golang.org/protobuf/types/known/emptypb" + "google.golang.org/protobuf/types/known/timestamppb" jose "gopkg.in/square/go-jose.v2" "github.com/letsencrypt/boulder/core" @@ -256,6 +257,11 @@ func (sa *StorageAuthority) GetRevokedCerts(ctx context.Context, _ *sapb.GetRevo return nil, nil } +// GetMaxExpiration is a mock +func (sa *StorageAuthority) GetMaxExpiration(_ context.Context, req *emptypb.Empty, _ ...grpc.CallOption) (*timestamppb.Timestamp, error) { + return nil, nil +} + // AddPrecertificate is a mock func (sa *StorageAuthority) AddPrecertificate(ctx context.Context, req *sapb.AddCertificateRequest, _ ...grpc.CallOption) (empty *emptypb.Empty, err error) { return diff --git a/sa/proto/sa.pb.go b/sa/proto/sa.pb.go index 044d5e07c..7fbd73103 100644 --- a/sa/proto/sa.pb.go +++ b/sa/proto/sa.pb.go @@ -3068,7 +3068,7 @@ var file_sa_proto_rawDesc = []byte{ 0x0a, 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, - 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x32, 0x95, 0x18, 0x0a, + 0x0b, 0x72, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x44, 0x61, 0x74, 0x65, 0x32, 0xdf, 0x18, 0x0a, 0x10, 0x53, 0x74, 0x6f, 0x72, 0x61, 0x67, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x3b, 0x0a, 0x0f, 0x47, 0x65, 0x74, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x2e, 0x73, 0x61, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, @@ -3177,95 +3177,100 @@ var file_sa_proto_rawDesc = []byte{ 0x1a, 0x2e, 0x73, 0x61, 0x2e, 0x47, 0x65, 0x74, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0e, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x43, 0x52, 0x4c, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x22, 0x00, 0x30, 0x01, 0x12, - 0x31, 0x0a, 0x12, 0x49, 0x6e, 0x63, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x73, 0x46, 0x6f, 0x72, 0x53, - 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x0a, 0x2e, 0x73, 0x61, 0x2e, 0x53, 0x65, 0x72, 0x69, 0x61, - 0x6c, 0x1a, 0x0d, 0x2e, 0x73, 0x61, 0x2e, 0x49, 0x6e, 0x63, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x73, - 0x22, 0x00, 0x12, 0x3b, 0x0a, 0x0f, 0x4e, 0x65, 0x77, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, - 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, - 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x00, 0x12, - 0x42, 0x0a, 0x12, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, - 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, - 0x79, 0x22, 0x00, 0x12, 0x49, 0x0a, 0x0e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, - 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x19, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x43, 0x65, - 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x1a, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x48, - 0x0a, 0x11, 0x41, 0x64, 0x64, 0x50, 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, - 0x61, 0x74, 0x65, 0x12, 0x19, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, - 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x3b, 0x0a, 0x09, 0x41, 0x64, 0x64, 0x53, - 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x14, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x53, 0x65, - 0x72, 0x69, 0x61, 0x6c, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, - 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, - 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x46, 0x0a, 0x16, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, + 0x48, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x4d, 0x61, 0x78, 0x45, 0x78, 0x70, 0x69, 0x72, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x1a, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, + 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x00, 0x12, 0x31, 0x0a, 0x12, 0x49, 0x6e, 0x63, + 0x69, 0x64, 0x65, 0x6e, 0x74, 0x73, 0x46, 0x6f, 0x72, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, + 0x0a, 0x2e, 0x73, 0x61, 0x2e, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x1a, 0x0d, 0x2e, 0x73, 0x61, + 0x2e, 0x49, 0x6e, 0x63, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x00, 0x12, 0x3b, 0x0a, 0x0f, + 0x4e, 0x65, 0x77, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x1a, 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, + 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x00, 0x12, 0x42, 0x0a, 0x12, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, - 0x12, 0x2e, 0x73, 0x61, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x49, 0x44, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x2e, 0x0a, - 0x08, 0x4e, 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x13, 0x2e, 0x73, 0x61, 0x2e, 0x4e, - 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0b, - 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, 0x40, 0x0a, - 0x11, 0x4e, 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x41, 0x6e, 0x64, 0x41, 0x75, 0x74, 0x68, - 0x7a, 0x73, 0x12, 0x1c, 0x2e, 0x73, 0x61, 0x2e, 0x4e, 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, 0x72, - 0x41, 0x6e, 0x64, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, - 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, - 0x40, 0x0a, 0x12, 0x53, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x63, 0x65, - 0x73, 0x73, 0x69, 0x6e, 0x67, 0x12, 0x10, 0x2e, 0x73, 0x61, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, - 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, - 0x00, 0x12, 0x43, 0x0a, 0x0d, 0x53, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x45, 0x72, 0x72, - 0x6f, 0x72, 0x12, 0x18, 0x2e, 0x73, 0x61, 0x2e, 0x53, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, - 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, - 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, - 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x43, 0x0a, 0x0d, 0x46, 0x69, 0x6e, 0x61, 0x6c, 0x69, - 0x7a, 0x65, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x18, 0x2e, 0x73, 0x61, 0x2e, 0x46, 0x69, 0x6e, - 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x2b, 0x0a, 0x08, 0x47, - 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x12, 0x10, 0x2e, 0x73, 0x61, 0x2e, 0x4f, 0x72, 0x64, - 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, - 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, 0x3e, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x4f, - 0x72, 0x64, 0x65, 0x72, 0x46, 0x6f, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x1b, 0x2e, 0x73, - 0x61, 0x2e, 0x47, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x46, 0x6f, 0x72, 0x4e, 0x61, 0x6d, - 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, - 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x11, 0x52, 0x65, 0x76, 0x6f, - 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1c, 0x2e, - 0x73, 0x61, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, - 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, - 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, - 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x52, - 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, - 0x65, 0x12, 0x1c, 0x2e, 0x73, 0x61, 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, - 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, - 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, - 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x12, 0x4e, 0x65, 0x77, - 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x32, 0x12, - 0x23, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x50, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x41, - 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, - 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x49, 0x44, 0x73, 0x22, 0x00, 0x12, 0x54, 0x0a, - 0x16, 0x46, 0x69, 0x6e, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, - 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x12, 0x20, 0x2e, 0x73, 0x61, 0x2e, 0x46, 0x69, 0x6e, - 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, - 0x79, 0x22, 0x00, 0x12, 0x4a, 0x0a, 0x18, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, - 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x12, - 0x14, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x49, 0x44, 0x32, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, + 0x12, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x49, 0x0a, + 0x0e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, + 0x19, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, + 0x61, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x73, 0x61, 0x2e, + 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, + 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x48, 0x0a, 0x11, 0x41, 0x64, 0x64, 0x50, + 0x72, 0x65, 0x63, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x19, 0x2e, + 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, + 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, + 0x22, 0x00, 0x12, 0x3b, 0x0a, 0x09, 0x41, 0x64, 0x64, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, + 0x14, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, - 0x43, 0x0a, 0x0d, 0x41, 0x64, 0x64, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x4b, 0x65, 0x79, - 0x12, 0x18, 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x64, 0x64, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, - 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, - 0x74, 0x79, 0x22, 0x00, 0x42, 0x29, 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, - 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, - 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, 0x2f, 0x73, 0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x46, 0x0a, 0x16, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x52, 0x65, 0x67, + 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x12, 0x2e, 0x73, 0x61, 0x2e, 0x52, + 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x1a, 0x16, 0x2e, + 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, + 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x2e, 0x0a, 0x08, 0x4e, 0x65, 0x77, 0x4f, 0x72, + 0x64, 0x65, 0x72, 0x12, 0x13, 0x2e, 0x73, 0x61, 0x2e, 0x4e, 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, + 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, + 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, 0x40, 0x0a, 0x11, 0x4e, 0x65, 0x77, 0x4f, 0x72, + 0x64, 0x65, 0x72, 0x41, 0x6e, 0x64, 0x41, 0x75, 0x74, 0x68, 0x7a, 0x73, 0x12, 0x1c, 0x2e, 0x73, + 0x61, 0x2e, 0x4e, 0x65, 0x77, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x41, 0x6e, 0x64, 0x41, 0x75, 0x74, + 0x68, 0x7a, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, + 0x65, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x22, 0x00, 0x12, 0x40, 0x0a, 0x12, 0x53, 0x65, 0x74, + 0x4f, 0x72, 0x64, 0x65, 0x72, 0x50, 0x72, 0x6f, 0x63, 0x65, 0x73, 0x73, 0x69, 0x6e, 0x67, 0x12, + 0x10, 0x2e, 0x73, 0x61, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, + 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x43, 0x0a, 0x0d, 0x53, + 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x12, 0x18, 0x2e, 0x73, + 0x61, 0x2e, 0x53, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, + 0x12, 0x43, 0x0a, 0x0d, 0x46, 0x69, 0x6e, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x4f, 0x72, 0x64, 0x65, + 0x72, 0x12, 0x18, 0x2e, 0x73, 0x61, 0x2e, 0x46, 0x69, 0x6e, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x4f, + 0x72, 0x64, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, + 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x2b, 0x0a, 0x08, 0x47, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, + 0x72, 0x12, 0x10, 0x2e, 0x73, 0x61, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, + 0x22, 0x00, 0x12, 0x3e, 0x0a, 0x10, 0x47, 0x65, 0x74, 0x4f, 0x72, 0x64, 0x65, 0x72, 0x46, 0x6f, + 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x12, 0x1b, 0x2e, 0x73, 0x61, 0x2e, 0x47, 0x65, 0x74, 0x4f, + 0x72, 0x64, 0x65, 0x72, 0x46, 0x6f, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x0b, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x2e, 0x4f, 0x72, 0x64, 0x65, 0x72, + 0x22, 0x00, 0x12, 0x4b, 0x0a, 0x11, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, + 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1c, 0x2e, 0x73, 0x61, 0x2e, 0x52, 0x65, 0x76, + 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x52, 0x65, + 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, + 0x52, 0x0a, 0x18, 0x55, 0x70, 0x64, 0x61, 0x74, 0x65, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x64, + 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x12, 0x1c, 0x2e, 0x73, 0x61, + 0x2e, 0x52, 0x65, 0x76, 0x6f, 0x6b, 0x65, 0x43, 0x65, 0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, + 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, + 0x79, 0x22, 0x00, 0x12, 0x52, 0x0a, 0x12, 0x4e, 0x65, 0x77, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, + 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x32, 0x12, 0x23, 0x2e, 0x73, 0x61, 0x2e, 0x41, + 0x64, 0x64, 0x50, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, + 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x15, + 0x2e, 0x73, 0x61, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, + 0x6e, 0x32, 0x49, 0x44, 0x73, 0x22, 0x00, 0x12, 0x54, 0x0a, 0x16, 0x46, 0x69, 0x6e, 0x61, 0x6c, + 0x69, 0x7a, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, + 0x32, 0x12, 0x20, 0x2e, 0x73, 0x61, 0x2e, 0x46, 0x69, 0x6e, 0x61, 0x6c, 0x69, 0x7a, 0x65, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x71, 0x75, + 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x4a, 0x0a, + 0x18, 0x44, 0x65, 0x61, 0x63, 0x74, 0x69, 0x76, 0x61, 0x74, 0x65, 0x41, 0x75, 0x74, 0x68, 0x6f, + 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x32, 0x12, 0x14, 0x2e, 0x73, 0x61, 0x2e, 0x41, + 0x75, 0x74, 0x68, 0x6f, 0x72, 0x69, 0x7a, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x49, 0x44, 0x32, 0x1a, + 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x12, 0x43, 0x0a, 0x0d, 0x41, 0x64, 0x64, + 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x12, 0x18, 0x2e, 0x73, 0x61, 0x2e, + 0x41, 0x64, 0x64, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x4b, 0x65, 0x79, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x00, 0x42, 0x29, + 0x5a, 0x27, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x6c, 0x65, 0x74, + 0x73, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x2f, 0x62, 0x6f, 0x75, 0x6c, 0x64, 0x65, 0x72, + 0x2f, 0x73, 0x61, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x33, } var ( @@ -3335,11 +3340,11 @@ var file_sa_proto_goTypes = []interface{}{ (*proto.ProblemDetails)(nil), // 50: core.ProblemDetails (*proto.ValidationRecord)(nil), // 51: core.ValidationRecord (*timestamppb.Timestamp)(nil), // 52: google.protobuf.Timestamp - (*proto.Registration)(nil), // 53: core.Registration - (*proto.Certificate)(nil), // 54: core.Certificate - (*proto.CertificateStatus)(nil), // 55: core.CertificateStatus - (*proto.CRLEntry)(nil), // 56: core.CRLEntry - (*emptypb.Empty)(nil), // 57: google.protobuf.Empty + (*emptypb.Empty)(nil), // 53: google.protobuf.Empty + (*proto.Registration)(nil), // 54: core.Registration + (*proto.Certificate)(nil), // 55: core.Certificate + (*proto.CertificateStatus)(nil), // 56: core.CertificateStatus + (*proto.CRLEntry)(nil), // 57: core.CRLEntry (*proto.Order)(nil), // 58: core.Order } var file_sa_proto_depIdxs = []int32{ @@ -3385,73 +3390,75 @@ var file_sa_proto_depIdxs = []int32{ 39, // 39: sa.StorageAuthority.KeyBlocked:input_type -> sa.KeyBlockedRequest 42, // 40: sa.StorageAuthority.SerialsForIncident:input_type -> sa.SerialsForIncidentRequest 44, // 41: sa.StorageAuthority.GetRevokedCerts:input_type -> sa.GetRevokedCertsRequest - 6, // 42: sa.StorageAuthority.IncidentsForSerial:input_type -> sa.Serial - 53, // 43: sa.StorageAuthority.NewRegistration:input_type -> core.Registration - 53, // 44: sa.StorageAuthority.UpdateRegistration:input_type -> core.Registration - 21, // 45: sa.StorageAuthority.AddCertificate:input_type -> sa.AddCertificateRequest - 21, // 46: sa.StorageAuthority.AddPrecertificate:input_type -> sa.AddCertificateRequest - 20, // 47: sa.StorageAuthority.AddSerial:input_type -> sa.AddSerialRequest - 0, // 48: sa.StorageAuthority.DeactivateRegistration:input_type -> sa.RegistrationID - 24, // 49: sa.StorageAuthority.NewOrder:input_type -> sa.NewOrderRequest - 25, // 50: sa.StorageAuthority.NewOrderAndAuthzs:input_type -> sa.NewOrderAndAuthzsRequest - 23, // 51: sa.StorageAuthority.SetOrderProcessing:input_type -> sa.OrderRequest - 26, // 52: sa.StorageAuthority.SetOrderError:input_type -> sa.SetOrderErrorRequest - 29, // 53: sa.StorageAuthority.FinalizeOrder:input_type -> sa.FinalizeOrderRequest - 23, // 54: sa.StorageAuthority.GetOrder:input_type -> sa.OrderRequest - 28, // 55: sa.StorageAuthority.GetOrderForNames:input_type -> sa.GetOrderForNamesRequest - 36, // 56: sa.StorageAuthority.RevokeCertificate:input_type -> sa.RevokeCertificateRequest - 36, // 57: sa.StorageAuthority.UpdateRevokedCertificate:input_type -> sa.RevokeCertificateRequest - 32, // 58: sa.StorageAuthority.NewAuthorizations2:input_type -> sa.AddPendingAuthorizationsRequest - 37, // 59: sa.StorageAuthority.FinalizeAuthorization2:input_type -> sa.FinalizeAuthorizationRequest - 34, // 60: sa.StorageAuthority.DeactivateAuthorization2:input_type -> sa.AuthorizationID2 - 38, // 61: sa.StorageAuthority.AddBlockedKey:input_type -> sa.AddBlockedKeyRequest - 53, // 62: sa.StorageAuthority.GetRegistration:output_type -> core.Registration - 53, // 63: sa.StorageAuthority.GetRegistrationByKey:output_type -> core.Registration - 7, // 64: sa.StorageAuthority.GetSerialMetadata:output_type -> sa.SerialMetadata - 54, // 65: sa.StorageAuthority.GetCertificate:output_type -> core.Certificate - 54, // 66: sa.StorageAuthority.GetPrecertificate:output_type -> core.Certificate - 55, // 67: sa.StorageAuthority.GetCertificateStatus:output_type -> core.CertificateStatus - 45, // 68: sa.StorageAuthority.GetRevocationStatus:output_type -> sa.RevocationStatus - 12, // 69: sa.StorageAuthority.CountCertificatesByNames:output_type -> sa.CountByNames - 9, // 70: sa.StorageAuthority.CountRegistrationsByIP:output_type -> sa.Count - 9, // 71: sa.StorageAuthority.CountRegistrationsByIPRange:output_type -> sa.Count - 9, // 72: sa.StorageAuthority.CountOrders:output_type -> sa.Count - 9, // 73: sa.StorageAuthority.CountFQDNSets:output_type -> sa.Count - 10, // 74: sa.StorageAuthority.FQDNSetTimestampsForWindow:output_type -> sa.Timestamps - 19, // 75: sa.StorageAuthority.FQDNSetExists:output_type -> sa.Exists - 19, // 76: sa.StorageAuthority.PreviousCertificateExists:output_type -> sa.Exists - 49, // 77: sa.StorageAuthority.GetAuthorization2:output_type -> core.Authorization - 31, // 78: sa.StorageAuthority.GetAuthorizations2:output_type -> sa.Authorizations - 49, // 79: sa.StorageAuthority.GetPendingAuthorization2:output_type -> core.Authorization - 9, // 80: sa.StorageAuthority.CountPendingAuthorizations2:output_type -> sa.Count - 31, // 81: sa.StorageAuthority.GetValidOrderAuthorizations2:output_type -> sa.Authorizations - 9, // 82: sa.StorageAuthority.CountInvalidAuthorizations2:output_type -> sa.Count - 31, // 83: sa.StorageAuthority.GetValidAuthorizations2:output_type -> sa.Authorizations - 19, // 84: sa.StorageAuthority.KeyBlocked:output_type -> sa.Exists - 43, // 85: sa.StorageAuthority.SerialsForIncident:output_type -> sa.IncidentSerial - 56, // 86: sa.StorageAuthority.GetRevokedCerts:output_type -> core.CRLEntry - 41, // 87: sa.StorageAuthority.IncidentsForSerial:output_type -> sa.Incidents - 53, // 88: sa.StorageAuthority.NewRegistration:output_type -> core.Registration - 57, // 89: sa.StorageAuthority.UpdateRegistration:output_type -> google.protobuf.Empty - 22, // 90: sa.StorageAuthority.AddCertificate:output_type -> sa.AddCertificateResponse - 57, // 91: sa.StorageAuthority.AddPrecertificate:output_type -> google.protobuf.Empty - 57, // 92: sa.StorageAuthority.AddSerial:output_type -> google.protobuf.Empty - 57, // 93: sa.StorageAuthority.DeactivateRegistration:output_type -> google.protobuf.Empty - 58, // 94: sa.StorageAuthority.NewOrder:output_type -> core.Order - 58, // 95: sa.StorageAuthority.NewOrderAndAuthzs:output_type -> core.Order - 57, // 96: sa.StorageAuthority.SetOrderProcessing:output_type -> google.protobuf.Empty - 57, // 97: sa.StorageAuthority.SetOrderError:output_type -> google.protobuf.Empty - 57, // 98: sa.StorageAuthority.FinalizeOrder:output_type -> google.protobuf.Empty - 58, // 99: sa.StorageAuthority.GetOrder:output_type -> core.Order - 58, // 100: sa.StorageAuthority.GetOrderForNames:output_type -> core.Order - 57, // 101: sa.StorageAuthority.RevokeCertificate:output_type -> google.protobuf.Empty - 57, // 102: sa.StorageAuthority.UpdateRevokedCertificate:output_type -> google.protobuf.Empty - 35, // 103: sa.StorageAuthority.NewAuthorizations2:output_type -> sa.Authorization2IDs - 57, // 104: sa.StorageAuthority.FinalizeAuthorization2:output_type -> google.protobuf.Empty - 57, // 105: sa.StorageAuthority.DeactivateAuthorization2:output_type -> google.protobuf.Empty - 57, // 106: sa.StorageAuthority.AddBlockedKey:output_type -> google.protobuf.Empty - 62, // [62:107] is the sub-list for method output_type - 17, // [17:62] is the sub-list for method input_type + 53, // 42: sa.StorageAuthority.GetMaxExpiration:input_type -> google.protobuf.Empty + 6, // 43: sa.StorageAuthority.IncidentsForSerial:input_type -> sa.Serial + 54, // 44: sa.StorageAuthority.NewRegistration:input_type -> core.Registration + 54, // 45: sa.StorageAuthority.UpdateRegistration:input_type -> core.Registration + 21, // 46: sa.StorageAuthority.AddCertificate:input_type -> sa.AddCertificateRequest + 21, // 47: sa.StorageAuthority.AddPrecertificate:input_type -> sa.AddCertificateRequest + 20, // 48: sa.StorageAuthority.AddSerial:input_type -> sa.AddSerialRequest + 0, // 49: sa.StorageAuthority.DeactivateRegistration:input_type -> sa.RegistrationID + 24, // 50: sa.StorageAuthority.NewOrder:input_type -> sa.NewOrderRequest + 25, // 51: sa.StorageAuthority.NewOrderAndAuthzs:input_type -> sa.NewOrderAndAuthzsRequest + 23, // 52: sa.StorageAuthority.SetOrderProcessing:input_type -> sa.OrderRequest + 26, // 53: sa.StorageAuthority.SetOrderError:input_type -> sa.SetOrderErrorRequest + 29, // 54: sa.StorageAuthority.FinalizeOrder:input_type -> sa.FinalizeOrderRequest + 23, // 55: sa.StorageAuthority.GetOrder:input_type -> sa.OrderRequest + 28, // 56: sa.StorageAuthority.GetOrderForNames:input_type -> sa.GetOrderForNamesRequest + 36, // 57: sa.StorageAuthority.RevokeCertificate:input_type -> sa.RevokeCertificateRequest + 36, // 58: sa.StorageAuthority.UpdateRevokedCertificate:input_type -> sa.RevokeCertificateRequest + 32, // 59: sa.StorageAuthority.NewAuthorizations2:input_type -> sa.AddPendingAuthorizationsRequest + 37, // 60: sa.StorageAuthority.FinalizeAuthorization2:input_type -> sa.FinalizeAuthorizationRequest + 34, // 61: sa.StorageAuthority.DeactivateAuthorization2:input_type -> sa.AuthorizationID2 + 38, // 62: sa.StorageAuthority.AddBlockedKey:input_type -> sa.AddBlockedKeyRequest + 54, // 63: sa.StorageAuthority.GetRegistration:output_type -> core.Registration + 54, // 64: sa.StorageAuthority.GetRegistrationByKey:output_type -> core.Registration + 7, // 65: sa.StorageAuthority.GetSerialMetadata:output_type -> sa.SerialMetadata + 55, // 66: sa.StorageAuthority.GetCertificate:output_type -> core.Certificate + 55, // 67: sa.StorageAuthority.GetPrecertificate:output_type -> core.Certificate + 56, // 68: sa.StorageAuthority.GetCertificateStatus:output_type -> core.CertificateStatus + 45, // 69: sa.StorageAuthority.GetRevocationStatus:output_type -> sa.RevocationStatus + 12, // 70: sa.StorageAuthority.CountCertificatesByNames:output_type -> sa.CountByNames + 9, // 71: sa.StorageAuthority.CountRegistrationsByIP:output_type -> sa.Count + 9, // 72: sa.StorageAuthority.CountRegistrationsByIPRange:output_type -> sa.Count + 9, // 73: sa.StorageAuthority.CountOrders:output_type -> sa.Count + 9, // 74: sa.StorageAuthority.CountFQDNSets:output_type -> sa.Count + 10, // 75: sa.StorageAuthority.FQDNSetTimestampsForWindow:output_type -> sa.Timestamps + 19, // 76: sa.StorageAuthority.FQDNSetExists:output_type -> sa.Exists + 19, // 77: sa.StorageAuthority.PreviousCertificateExists:output_type -> sa.Exists + 49, // 78: sa.StorageAuthority.GetAuthorization2:output_type -> core.Authorization + 31, // 79: sa.StorageAuthority.GetAuthorizations2:output_type -> sa.Authorizations + 49, // 80: sa.StorageAuthority.GetPendingAuthorization2:output_type -> core.Authorization + 9, // 81: sa.StorageAuthority.CountPendingAuthorizations2:output_type -> sa.Count + 31, // 82: sa.StorageAuthority.GetValidOrderAuthorizations2:output_type -> sa.Authorizations + 9, // 83: sa.StorageAuthority.CountInvalidAuthorizations2:output_type -> sa.Count + 31, // 84: sa.StorageAuthority.GetValidAuthorizations2:output_type -> sa.Authorizations + 19, // 85: sa.StorageAuthority.KeyBlocked:output_type -> sa.Exists + 43, // 86: sa.StorageAuthority.SerialsForIncident:output_type -> sa.IncidentSerial + 57, // 87: sa.StorageAuthority.GetRevokedCerts:output_type -> core.CRLEntry + 52, // 88: sa.StorageAuthority.GetMaxExpiration:output_type -> google.protobuf.Timestamp + 41, // 89: sa.StorageAuthority.IncidentsForSerial:output_type -> sa.Incidents + 54, // 90: sa.StorageAuthority.NewRegistration:output_type -> core.Registration + 53, // 91: sa.StorageAuthority.UpdateRegistration:output_type -> google.protobuf.Empty + 22, // 92: sa.StorageAuthority.AddCertificate:output_type -> sa.AddCertificateResponse + 53, // 93: sa.StorageAuthority.AddPrecertificate:output_type -> google.protobuf.Empty + 53, // 94: sa.StorageAuthority.AddSerial:output_type -> google.protobuf.Empty + 53, // 95: sa.StorageAuthority.DeactivateRegistration:output_type -> google.protobuf.Empty + 58, // 96: sa.StorageAuthority.NewOrder:output_type -> core.Order + 58, // 97: sa.StorageAuthority.NewOrderAndAuthzs:output_type -> core.Order + 53, // 98: sa.StorageAuthority.SetOrderProcessing:output_type -> google.protobuf.Empty + 53, // 99: sa.StorageAuthority.SetOrderError:output_type -> google.protobuf.Empty + 53, // 100: sa.StorageAuthority.FinalizeOrder:output_type -> google.protobuf.Empty + 58, // 101: sa.StorageAuthority.GetOrder:output_type -> core.Order + 58, // 102: sa.StorageAuthority.GetOrderForNames:output_type -> core.Order + 53, // 103: sa.StorageAuthority.RevokeCertificate:output_type -> google.protobuf.Empty + 53, // 104: sa.StorageAuthority.UpdateRevokedCertificate:output_type -> google.protobuf.Empty + 35, // 105: sa.StorageAuthority.NewAuthorizations2:output_type -> sa.Authorization2IDs + 53, // 106: sa.StorageAuthority.FinalizeAuthorization2:output_type -> google.protobuf.Empty + 53, // 107: sa.StorageAuthority.DeactivateAuthorization2:output_type -> google.protobuf.Empty + 53, // 108: sa.StorageAuthority.AddBlockedKey:output_type -> google.protobuf.Empty + 63, // [63:109] is the sub-list for method output_type + 17, // [17:63] is the sub-list for method input_type 17, // [17:17] is the sub-list for extension type_name 17, // [17:17] is the sub-list for extension extendee 0, // [0:17] is the sub-list for field type_name diff --git a/sa/proto/sa.proto b/sa/proto/sa.proto index d6b510df5..dcdfb1a91 100644 --- a/sa/proto/sa.proto +++ b/sa/proto/sa.proto @@ -36,6 +36,7 @@ service StorageAuthority { rpc KeyBlocked(KeyBlockedRequest) returns (Exists) {} rpc SerialsForIncident (SerialsForIncidentRequest) returns (stream IncidentSerial) {} rpc GetRevokedCerts(GetRevokedCertsRequest) returns (stream core.CRLEntry) {} + rpc GetMaxExpiration(google.protobuf.Empty) returns (google.protobuf.Timestamp) {} rpc IncidentsForSerial(Serial) returns (Incidents) {} // Adders rpc NewRegistration(core.Registration) returns (core.Registration) {} diff --git a/sa/proto/sa_grpc.pb.go b/sa/proto/sa_grpc.pb.go index ad28ec471..b53749eb8 100644 --- a/sa/proto/sa_grpc.pb.go +++ b/sa/proto/sa_grpc.pb.go @@ -13,6 +13,7 @@ import ( codes "google.golang.org/grpc/codes" status "google.golang.org/grpc/status" emptypb "google.golang.org/protobuf/types/known/emptypb" + timestamppb "google.golang.org/protobuf/types/known/timestamppb" ) // This is a compile-time assertion to ensure that this generated file @@ -52,6 +53,7 @@ type StorageAuthorityClient interface { KeyBlocked(ctx context.Context, in *KeyBlockedRequest, opts ...grpc.CallOption) (*Exists, error) SerialsForIncident(ctx context.Context, in *SerialsForIncidentRequest, opts ...grpc.CallOption) (StorageAuthority_SerialsForIncidentClient, error) GetRevokedCerts(ctx context.Context, in *GetRevokedCertsRequest, opts ...grpc.CallOption) (StorageAuthority_GetRevokedCertsClient, error) + GetMaxExpiration(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*timestamppb.Timestamp, error) IncidentsForSerial(ctx context.Context, in *Serial, opts ...grpc.CallOption) (*Incidents, error) // Adders NewRegistration(ctx context.Context, in *proto.Registration, opts ...grpc.CallOption) (*proto.Registration, error) @@ -354,6 +356,15 @@ func (x *storageAuthorityGetRevokedCertsClient) Recv() (*proto.CRLEntry, error) return m, nil } +func (c *storageAuthorityClient) GetMaxExpiration(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*timestamppb.Timestamp, error) { + out := new(timestamppb.Timestamp) + err := c.cc.Invoke(ctx, "/sa.StorageAuthority/GetMaxExpiration", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + func (c *storageAuthorityClient) IncidentsForSerial(ctx context.Context, in *Serial, opts ...grpc.CallOption) (*Incidents, error) { out := new(Incidents) err := c.cc.Invoke(ctx, "/sa.StorageAuthority/IncidentsForSerial", in, out, opts...) @@ -566,6 +577,7 @@ type StorageAuthorityServer interface { KeyBlocked(context.Context, *KeyBlockedRequest) (*Exists, error) SerialsForIncident(*SerialsForIncidentRequest, StorageAuthority_SerialsForIncidentServer) error GetRevokedCerts(*GetRevokedCertsRequest, StorageAuthority_GetRevokedCertsServer) error + GetMaxExpiration(context.Context, *emptypb.Empty) (*timestamppb.Timestamp, error) IncidentsForSerial(context.Context, *Serial) (*Incidents, error) // Adders NewRegistration(context.Context, *proto.Registration) (*proto.Registration, error) @@ -669,6 +681,9 @@ func (UnimplementedStorageAuthorityServer) SerialsForIncident(*SerialsForInciden func (UnimplementedStorageAuthorityServer) GetRevokedCerts(*GetRevokedCertsRequest, StorageAuthority_GetRevokedCertsServer) error { return status.Errorf(codes.Unimplemented, "method GetRevokedCerts not implemented") } +func (UnimplementedStorageAuthorityServer) GetMaxExpiration(context.Context, *emptypb.Empty) (*timestamppb.Timestamp, error) { + return nil, status.Errorf(codes.Unimplemented, "method GetMaxExpiration not implemented") +} func (UnimplementedStorageAuthorityServer) IncidentsForSerial(context.Context, *Serial) (*Incidents, error) { return nil, status.Errorf(codes.Unimplemented, "method IncidentsForSerial not implemented") } @@ -1198,6 +1213,24 @@ func (x *storageAuthorityGetRevokedCertsServer) Send(m *proto.CRLEntry) error { return x.ServerStream.SendMsg(m) } +func _StorageAuthority_GetMaxExpiration_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(emptypb.Empty) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(StorageAuthorityServer).GetMaxExpiration(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/sa.StorageAuthority/GetMaxExpiration", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(StorageAuthorityServer).GetMaxExpiration(ctx, req.(*emptypb.Empty)) + } + return interceptor(ctx, in, info, handler) +} + func _StorageAuthority_IncidentsForSerial_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { in := new(Serial) if err := dec(in); err != nil { @@ -1657,6 +1690,10 @@ var StorageAuthority_ServiceDesc = grpc.ServiceDesc{ MethodName: "KeyBlocked", Handler: _StorageAuthority_KeyBlocked_Handler, }, + { + MethodName: "GetMaxExpiration", + Handler: _StorageAuthority_GetMaxExpiration_Handler, + }, { MethodName: "IncidentsForSerial", Handler: _StorageAuthority_IncidentsForSerial_Handler, diff --git a/sa/sa.go b/sa/sa.go index bb34ebfe8..1b1a73fa9 100644 --- a/sa/sa.go +++ b/sa/sa.go @@ -18,6 +18,7 @@ import ( "github.com/prometheus/client_golang/prometheus" "golang.org/x/crypto/ocsp" "google.golang.org/protobuf/types/known/emptypb" + "google.golang.org/protobuf/types/known/timestamppb" jose "gopkg.in/square/go-jose.v2" "github.com/letsencrypt/boulder/core" @@ -2299,3 +2300,21 @@ func (ssa *SQLStorageAuthority) GetRevokedCerts(req *sapb.GetRevokedCertsRequest return nil } + +// GetMaxExpiration returns the timestamp of the farthest-future notAfter date +// found in the certificateStatus table. This provides an upper bound on how far +// forward operations that need to cover all currently-unexpired certificates +// have to look. +func (ssa *SQLStorageAuthority) GetMaxExpiration(ctx context.Context, req *emptypb.Empty) (*timestamppb.Timestamp, error) { + var model struct { + MaxNotAfter time.Time `db:"maxNotAfter"` + } + err := ssa.dbReadOnlyMap.WithContext(ctx).SelectOne( + &model, + "SELECT MAX(notAfter) AS maxNotAfter FROM certificateStatus", + ) + if err != nil { + return nil, fmt.Errorf("selecting max notAfter: %w", err) + } + return timestamppb.New(model.MaxNotAfter), err +} diff --git a/sa/sa_test.go b/sa/sa_test.go index 35cf04d50..bb618cd3a 100644 --- a/sa/sa_test.go +++ b/sa/sa_test.go @@ -39,6 +39,7 @@ import ( "github.com/letsencrypt/boulder/test/vars" "golang.org/x/crypto/ocsp" "google.golang.org/grpc" + "google.golang.org/protobuf/types/known/emptypb" jose "gopkg.in/square/go-jose.v2" ) @@ -2941,3 +2942,27 @@ func TestGetRevokedCerts(t *testing.T) { test.AssertNotError(t, err, "zero rows shouldn't result in error") test.AssertEquals(t, count, 0) } + +func TestGetMaxExpiration(t *testing.T) { + sa, _, cleanUp := initSA(t) + defer cleanUp() + + // Add a cert to the DB to test with. We use AddPrecertificate because it sets + // up the certificateStatus row we need. This particular cert has a notAfter + // date of Mar 6 2023, and we lie about its IssuerNameID to make things easy. + reg := createWorkingRegistration(t, sa) + eeCert, err := core.LoadCert("../test/hierarchy/ee-e1.cert.pem") + test.AssertNotError(t, err, "failed to load test cert") + _, err = sa.AddPrecertificate(ctx, &sapb.AddCertificateRequest{ + Der: eeCert.Raw, + RegID: reg.Id, + Ocsp: nil, + Issued: eeCert.NotBefore.UnixNano(), + IssuerID: 1, + }) + test.AssertNotError(t, err, "failed to add test cert") + + lastExpiry, err := sa.GetMaxExpiration(context.Background(), &emptypb.Empty{}) + test.AssertNotError(t, err, "getting last expriy should succeed") + test.Assert(t, lastExpiry.AsTime().Equal(eeCert.NotAfter), "times should be equal") +}