Introduce separate UpdateRegistrationContact & UpdateRegistrationKey …

…methods in RA & SA

Clear contact field in DeactivateRegistration

Part of #7716
Part of #5554

ra/proto/ra.proto

@@ -10,6 +10,8 @@ import "google/protobuf/empty.proto";
 service RegistrationAuthority {
   rpc NewRegistration(core.Registration) returns (core.Registration) {}
   rpc UpdateRegistration(UpdateRegistrationRequest) returns (core.Registration) {}
+  rpc UpdateRegistrationContact(UpdateRegistrationContactRequest) returns (core.Registration) {}
+  rpc UpdateRegistrationKey(UpdateRegistrationKeyRequest) returns (core.Registration) {}
   rpc PerformValidation(PerformValidationRequest) returns (core.Authorization) {}
   rpc DeactivateRegistration(core.Registration) returns (google.protobuf.Empty) {}
   rpc DeactivateAuthorization(core.Authorization) returns (google.protobuf.Empty) {}
@@ -33,6 +35,16 @@ message UpdateRegistrationRequest {
   core.Registration update = 2;
 }
 
+message UpdateRegistrationContactRequest {
+  int64 registrationID = 1;
+  repeated string contact = 2;
+}
+
+message UpdateRegistrationKeyRequest {
+  int64 registrationID = 1;
+  bytes jwk = 2;
+}
+
 message UpdateAuthorizationRequest {
   core.Authorization authz = 1;
   int64 challengeIndex = 2;

ra/ra.go

@@ -1715,7 +1715,8 @@ func (ra *RegistrationAuthorityImpl) checkNewOrderLimits(ctx context.Context, na
 // UpdateRegistration updates an existing Registration with new values. Caller
 // is responsible for making sure that update.Key is only different from base.Key
 // if it is being called from the WFE key change endpoint.
-// TODO(#5554): Split this into separate methods for updating Contacts vs Key.
+//
+// Deprecated: Use UpdateRegistrationContact or UpdateRegistrationKey instead.
 func (ra *RegistrationAuthorityImpl) UpdateRegistration(ctx context.Context, req *rapb.UpdateRegistrationRequest) (*corepb.Registration, error) {
 	// Error if the request is nil, there is no account key or IP address
 	if req.Base == nil || len(req.Base.Key) == 0 || len(req.Base.InitialIP) == 0 || req.Base.Id == 0 {
@@ -1754,6 +1755,51 @@ func (ra *RegistrationAuthorityImpl) UpdateRegistration(ctx context.Context, req
 	return update, nil
 }
 
+// UpdateRegistrationContact updates an existing Registration's contact.
+func (ra *RegistrationAuthorityImpl) UpdateRegistrationContact(ctx context.Context, req *rapb.UpdateRegistrationContactRequest) (*corepb.Registration, error) {
+	if req == nil || req.RegistrationID == 0 {
+		return nil, errIncompleteGRPCRequest
+	}
+
+	err := ra.validateContacts(req.Contact)
+	if err != nil {
+		return nil, err
+	}
+
+	update, err := ra.SA.UpdateRegistrationContact(ctx, &sapb.UpdateRegistrationContactRequest{
+		RegistrationID: req.RegistrationID,
+		Contact:        req.Contact,
+	})
+	if err != nil {
+		// berrors.InternalServerError since the user-data was validated before being
+		// passed to the SA.
+		err = berrors.InternalServerError("Could not update registration: %s", err)
+		return nil, err
+	}
+
+	return update, nil
+}
+
+// UpdateRegistrationKey updates an existing Registration's JWK.
+func (ra *RegistrationAuthorityImpl) UpdateRegistrationKey(ctx context.Context, req *rapb.UpdateRegistrationKeyRequest) (*corepb.Registration, error) {
+	if req == nil || req.RegistrationID == 0 || len(req.Jwk) == 0 {
+		return nil, errIncompleteGRPCRequest
+	}
+
+	update, err := ra.SA.UpdateRegistrationKey(ctx, &sapb.UpdateRegistrationKeyRequest{
+		RegistrationID: req.RegistrationID,
+		Jwk:            req.Jwk,
+	})
+	if err != nil {
+		// berrors.InternalServerError since the user-data was validated before being
+		// passed to the SA.
+		err = berrors.InternalServerError("Could not update registration: %s", err)
+		return nil, err
+	}
+
+	return update, nil
+}
+
 func contactsEqual(a []string, b []string) bool {
 	if len(a) != len(b) {
 		return false