Skip to content

Commit

Permalink
#535 Add new txn to remove non-root certificates
Browse files Browse the repository at this point in the history
Signed-off-by: Abdulbois <abdulbois.tursunov@dsr-corporation.com>
Signed-off-by: Abdulbois <abdulbois123@gmail.com>
  • Loading branch information
Abdulbois committed Feb 19, 2024
1 parent 634236b commit 00b4309
Show file tree
Hide file tree
Showing 22 changed files with 1,505 additions and 120 deletions.
18 changes: 18 additions & 0 deletions docs/transactions.md
Original file line number Diff line number Diff line change
Expand Up @@ -951,6 +951,24 @@ Root certificates can not be revoked this way, use `PROPOSE_X509_CERT_REVOC` an
- CLI command:
- `dcld tx pki revoke-x509-cert --subject=<base64 string> --subject-key-id=<hex string> --from=<account>`

### REMOVE_X509_CERT

**Status: Implemented**

Removes the given X509 certificate (either intermediate or leaf) from approved and revoked certificates list.

Only the owner (sender) can remove the certificate.
Root certificates can not be removed this way.

- Parameters:
- subject: `string` - certificates's `Subject` is base64 encoded subject DER sequence bytes
- subject_key_id: `string` - certificates's `Subject Key Id` in hex string format, e.g: `5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB`
- serial-number: `optional(string)` - certificate's serial number
- Who can send:
- Any role; owner
- CLI command:
- `dcld tx pki remove-x509-cert --subject=<base64 string> --subject-key-id=<hex string> --from=<account>`

### PROPOSE_REVOKE_X509_ROOT_CERT

**Status: Implemented**
Expand Down
134 changes: 134 additions & 0 deletions integration_tests/cli/pki-remove-x506-certificates.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
set -euo pipefail
source integration_tests/cli/common.sh

root_cert_subject="MIGCMQswCQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcMCE5ldyBZb3JrMRgwFgYDVQQKDA9FeGFtcGxlIENvbXBhbnkxGTAXBgNVBAsMEFRlc3RpbmcgRGl2aXNpb24xGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbQ=="
root_cert_subject_key_id="33:5E:0C:07:44:F8:B5:9C:CD:55:01:9B:6D:71:23:83:6F:D0:D4:BE"
root_cert_1_path="integration_tests/constants/root_with_same_subject_and_skid_1"
root_cert_1_serial_number="1"
root_cert_vid=65521
intermediate_cert_subject="MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ="
intermediate_cert_subject_key_id="2E:13:3B:44:52:2C:30:E9:EC:FB:45:FA:5D:E5:04:0A:C1:C6:E6:B9"
intermediate_cert_1_path="integration_tests/constants/intermediate_with_same_subject_and_skid_1"
intermediate_cert_2_path="integration_tests/constants/intermediate_with_same_subject_and_skid_2"
intermediate_cert_1_serial_number="3"
intermediate_cert_2_serial_number="4"
leaf_cert_subject="MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ"
leaf_cert_subject_key_id="12:16:55:8E:5E:2A:DF:04:D7:E6:FE:D1:53:69:61:98:EF:17:2F:03"
leaf_cert_path="integration_tests/constants/leaf_with_same_subject_and_skid"
leaf_cert_serial_number="5"

trustee_account="jack"
second_trustee_account="alice"

test_divider

echo "REMOVE X509 CERTIFICATES"

echo "Propose and approve root certificate 1"
result=$(echo "$passphrase" | dcld tx pki propose-add-x509-root-cert --certificate="$root_cert_1_path" --vid "$root_cert_vid" --from $trustee_account --yes)
check_response "$result" "\"code\": 0"
result=$(echo "$passphrase" | dcld tx pki approve-add-x509-root-cert --subject="$root_cert_subject" --subject-key-id="$root_cert_subject_key_id" --from $second_trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Add an intermediate certificate with serialNumber 3"
result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$intermediate_cert_1_path" --from $trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Add an intermediate certificate with serialNumber 4"
result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$intermediate_cert_2_path" --from $trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Add a leaf certificate with serialNumber 5"
result=$(echo "$passphrase" | dcld tx pki add-x509-cert --certificate="$leaf_cert_path" --from $trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Request all approved root certificates."
result=$(dcld query pki all-x509-certs)
echo $result | jq
check_response "$result" "\"subject\": \"$root_cert_subject\""
check_response "$result" "\"subject\": \"$intermediate_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\""
check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\""
check_response "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""
check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\""

echo "Remove intermediate certificate with invalid serialNumber"
result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="invalid" --from=$trustee_account --yes)
check_response "$result" "\"code\": 404"

echo "Remove intermediate certificate with serialNumber 3"
result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --serial-number="$intermediate_cert_1_serial_number" --from=$trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Request all certificates should not contain intermediate certificate with serialNumber 3"
result=$(dcld query pki all-x509-certs)
echo $result | jq
check_response "$result" "\"subject\": \"$root_cert_subject\""
check_response "$result" "\"subject\": \"$intermediate_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\""
check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\""
check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""

echo "Request all approved intermediate certificates should contain only one certificate with serialNumber 4"
result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id")
echo $result | jq
check_response "$result" "\"subject\": \"$intermediate_cert_subject\""
check_response "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""

echo "Remove intermediate certificate with subject and subjectKeyId"
result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id" --from=$trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Request all approved intermediate certificates should be empty"
result=$(dcld query pki x509-cert --subject="$intermediate_cert_subject" --subject-key-id="$intermediate_cert_subject_key_id")
echo $result | jq
check_response "$result" "\[\]"
response_does_not_contain "$result" "\"subject\": \"$intermediate_cert_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""

echo "Request all certificates should contain only root and leaf certificates"
result=$(dcld query pki all-x509-certs)
echo $result | jq
check_response "$result" "\"subjectKeyId\": \"$root_cert_subject_key_id\""
check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\""
check_response "$result" "\"serialNumber\": \"$leaf_cert_serial_number\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""

echo "Remove leaf certificate"
result=$(echo "$passphrase" | dcld tx pki remove-x509-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id" --from=$trustee_account --yes)
check_response "$result" "\"code\": 0"

echo "Request all approved leaf certificates should be empty"
result=$(dcld query pki x509-cert --subject="$leaf_cert_subject" --subject-key-id="$leaf_cert_subject_key_id")
echo $result | jq
check_response "$result" "\[\]"
response_does_not_contain "$result" "\"subject\": \"$leaf_cert_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number"

echo "Request all certificates should contain only root certificate"
result=$(dcld query pki all-x509-certs)
echo $result | jq
check_response "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$root_cert_1_serial_number\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$intermediate_cert_subject_key_id\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$leaf_cert_subject_key_id"
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_1_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$intermediate_cert_2_serial_number\""
response_does_not_contain "$result" "\"serialNumber\": \"$leaf_cert_serial_number"

test_divider
69 changes: 47 additions & 22 deletions integration_tests/constants/constants.go
Original file line number Diff line number Diff line change
Expand Up @@ -463,47 +463,69 @@ XWQLy4RZmLIkrm7vj3uFWRpi7lOBkAPOgCm04RTYqJJwnI0UeJmvaxoFd42J+k3D
xEsSrRoqMgkOX01+kkNn8Ugv3bEfeJ4=
-----END CERTIFICATE-----`
IntermediateWithSameSubjectAndSKID1 = `-----BEGIN CERTIFICATE-----
MIIDhzCCAm+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx
MIIDlTCCAn2gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx
ETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhOZXcgWW9yazEYMBYGA1UECgwP
RXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRgwFgYD
VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE1MTE1MTE1WhgPMzAyMzA2MTgx
MTUxMTVaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE2MDY1NTA0WhgPMzAyMzA2MTkw
NjU1MDRaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmdvkss9fh7NRVNAKbrt9zReTNUwMsUxf6ryvepNUxEc6o
bGDS8yunS9QVpqf9BVQfM0tCzrewif1EDetdPYIMnC9o34nF095/4E5v+aoKabzG
wuyibKjtKVSl+dy0p42UJtScwzZRqLXIZxhmefh2CZT4q9Fs4y2qnCBtFqaWCToT
rcNWAQNBZ0E6S2ZulxXsdMoOGJ4iYPjAhqSbejcrN0McBudYq97pvEInG3HbyX2o
IGtZznGtwG326l9SV4OvmofxrvLjhx/nOauSBbbJcPWy3L10FWDZZ2h8ddpvx6I6
oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjQjBAMB0GA1UdDgQW
oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjUDBOMB0GA1UdDgQW
BBQuEztEUiww6ez7Rfpd5QQKwcbmuTAfBgNVHSMEGDAWgBQzXgwHRPi1nM1VAZtt
cSODb9DUvjANBgkqhkiG9w0BAQsFAAOCAQEAdKy4xLM2gRWB53LTlbvuGls3bDVD
bTar/qTh3yPHc4ugtfQOlLfVD85nJykogiV9ZcT01OdKPeTbeGB93mlqpqIsirkW
ei6ZuBjnX6e4QXcHAo0om6hylSKjC6NEsIPHRuNeEvtHb7M9eMIXfxpjVuWZoYcq
cDtxXeARbH7QaeiKgN1qqKiuwLY1SnExABr10keLILJYYxCZmyp7GXfh8+eSKc4l
l039fvhGiSmDipcVRwZxVfvu6KUtY1QpL5185bjTeD35QL71Ix69ahEaaMn9Gy+T
TMkW9/LTRgnlWI4+ghvGykOsIbJwpGpfiRO3/ytgh4snUbEsFBLkLujk5w==
-----END CERTIFICATE-----
`
cSODb9DUvjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBm1hCN9XFd
2LnrxZkNr0RGMuSsFKIT8B7/gXmgDtkFKb84GcT/rFYGch4Nc6sVXQLFQWGsYCO9
OKZdiJGx4TOkGZuo1waa3/JzwDxLHh/2d7CLrEuGQnEo2evw+yj8AwkjWml+5zjn
L3bG9iZ1JQSUsGiVIHtUVYTGetyUy+SuJxuVvx359hc5foRuNiKDhQW7mwXWv+ua
xfBPUaspjiGALO8hBKlbVxt0RWv5MGyg2JJbSt9Ijexa6aoLzynq5gpSoEfQABUp
wbfDZe4Cbio4ndASlsbtpo/5ZOuQKn9Wp54meOotFDrFntnD7XFohxMJc5YY0F1q
Yk3FHd02VN0M
-----END CERTIFICATE-----`
IntermediateWithSameSubjectAndSKID2 = `-----BEGIN CERTIFICATE-----
MIIDhzCCAm+gAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx
MIIDlTCCAn2gAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMx
ETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhOZXcgWW9yazEYMBYGA1UECgwP
RXhhbXBsZSBDb21wYW55MRkwFwYDVQQLDBBUZXN0aW5nIERpdmlzaW9uMRgwFgYD
VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE1MTE1MTIzWhgPMzAyMzA2MTgx
MTUxMjNaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
VQQDDA93d3cuZXhhbXBsZS5jb20wIBcNMjQwMjE2MDY1NzQ4WhgPMzAyMzA2MTkw
NjU3NDhaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDmdvkss9fh7NRVNAKbrt9zReTNUwMsUxf6ryvepNUxEc6o
bGDS8yunS9QVpqf9BVQfM0tCzrewif1EDetdPYIMnC9o34nF095/4E5v+aoKabzG
wuyibKjtKVSl+dy0p42UJtScwzZRqLXIZxhmefh2CZT4q9Fs4y2qnCBtFqaWCToT
rcNWAQNBZ0E6S2ZulxXsdMoOGJ4iYPjAhqSbejcrN0McBudYq97pvEInG3HbyX2o
IGtZznGtwG326l9SV4OvmofxrvLjhx/nOauSBbbJcPWy3L10FWDZZ2h8ddpvx6I6
oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjQjBAMB0GA1UdDgQW
oCfqYRNMqsDPfd7eagbDObMApguhQ1Hl60NJW2KBAgMBAAGjUDBOMB0GA1UdDgQW
BBQuEztEUiww6ez7Rfpd5QQKwcbmuTAfBgNVHSMEGDAWgBQzXgwHRPi1nM1VAZtt
cSODb9DUvjANBgkqhkiG9w0BAQsFAAOCAQEACUrYb9YNJ7ZH+bj99QmczoVEfZ4B
q9gMgwK48RsNV7Zu+JNsMtz0QhSu2coOJx43vZskgzSaMkPTUuThkjUJJifnPVGw
YpWL6RQaQkn8YNCJMWrRvnNnAcJ2sIQgg5fCWf4cO/PepPZRzojMOBX8a1TOs/53
QTHh3yB5FYrW6ekQayLyoyK+NZ6O2sXEXTgHT9jLlrjnH9d6X18tbWmbglsDk4TL
sjM+VdY9b/3SGHgGObPXkCdACI0v5kfHiUU5Z0zmNNtyNA0qbOBj8BPkOnq/zd2j
3T2pMP5BtRfBLiBJmEJlkDN90xa9A3kdgC+GUNvDCqd3Gv05uGuJYtu0og==
cSODb9DUvjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQClVhy+Gtd7
5lOwDaT4m+J5FXyxMI6Lh7OydDcpsbUeIKtw0ODgCBFTrwtmYfqlJ35msKOwCOvp
L4LVxnUJGCV6dRuQgGFYnhJDwKdAI9aH2b51ZJoVuHxpoqpwkwFjYEzRzP1otkW9
b5VmtGeujfP12ptzqhmwmQ/z9yFDkKjwTcq02n1NGzc4CcygkQKZbr64HW17nsq/
AWNUMVCMnWrkYaFjBH21+RZ+zkdOVQXjtp7EZhQzLPhqrg4phLe1L+SztCJN/VrN
/sptlM3aW8XXI2pLbYAMCNpqQftnkdOOYfnJmf1A7x3eeDQHWiRj3FBHHGqZydmV
OtwplWOnxNQw
-----END CERTIFICATE-----`

LeafCertWithSameSubjectAndSKID = `-----BEGIN CERTIFICATE-----
MIIDSTCCAjGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJBVTET
MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
dHkgTHRkMCAXDTI0MDIxNjA2NTkwMloYDzMwMjMwNjE5MDY1OTAyWjBFMQswCQYD
VQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQg
V2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
oCiuqhgIgU89pQ3/nT7ccFbqrmSbyRc/5jfYw83VDuSE4SkPwEml268k8XRoUjdh
sLkDROlR3hab0Ez/eI9LBLXXFWB3qlAJ2OfDkZ+RMLVIGqMxckn2bfnYtUITSVzD
FWWvanb7+wACW6MDH3f/FLLblII21XAcljluzPQbVZoCimh33CS5VOI68y/Esjlz
8HDhXDuxyswIjGMjCnKaFS0vQsySC+M4nqLKdJ0HDPNVMjeUtVIUCKke0rOFDTUZ
nDmBHfdOoHtBiCeZzNH7s2ER4NCwXZmSNXev8CHwmZqaIUSRMsmOxbw3I7KpRBFf
hObeLm55aVS2FEMH68H0FQIDAQABo0IwQDAdBgNVHQ4EFgQUEhZVjl4q3wTX5v7R
U2lhmO8XLwMwHwYDVR0jBBgwFoAULhM7RFIsMOns+0X6XeUECsHG5rkwDQYJKoZI
hvcNAQELBQADggEBAHK9fmY6C9FyzVNh6RTKNT6FL3ozr+WvmKJmE7WcxqAEW6JZ
rtihObu2y1B7e74umOwa1QJd7EFyMm4qnXYT2PepnanxTnz0EST9ZuhM3GpM1FP6
fjlqLDHoQ1UhBmEnocFTqd7QEZtUbRWPnlJw0ZK2uFK7IYmlnBKkewPCLVGI3ihx
al/8sTx3xx7fWpS+rJ3jviCpHgP+cGV/ANg8hOlyr68u0FE+x6pye00TmxcFzDuo
5/OA9jGQln82Z8inmc05wZPQPpjZxdCQteqJkNl7PrklgO5EevG9JlUArIets2Py
2Vciq5eYOIi+PlP+HI5QzlZYxSqFjJrFcfzYCJ4=
-----END CERTIFICATE-----`

RootIssuer = "MDQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApzb21lLXN0YXRlMRAwDgYDVQQKDAdyb290LWNh"
Expand All @@ -521,6 +543,9 @@ sjM+VdY9b/3SGHgGObPXkCdACI0v5kfHiUU5Z0zmNNtyNA0qbOBj8BPkOnq/zd2j
IntermediateCertWithSameSubjectAndSKIDSubjectKeyID = "2E:13:3B:44:52:2C:30:E9:EC:FB:45:FA:5D:E5:04:0A:C1:C6:E6:B9"
IntermediateCertWithSameSubjectAndSKID1SerialNumber = "3"
IntermediateCertWithSameSubjectAndSKID2SerialNumber = "4"
LeafCertWithSameSubjectAndSKIDSubject = "MEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQ="
LeafCertWithSameSubjectAndSKIDSubjectKeyID = "12:16:55:8E:5E:2A:DF:04:D7:E6:FE:D1:53:69:61:98:EF:17:2F:03"
LeafCertWithSameSubjectAndSKIDSerialNumber = "5"

IntermediateIssuer = "MDQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApzb21lLXN0YXRlMRAwDgYDVQQKDAdyb290LWNh"
IntermediateAuthorityKeyID = "5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB"
Expand Down
20 changes: 20 additions & 0 deletions integration_tests/constants/leaf_with_same_subject_and_skid
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDSTCCAjGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJBVTET
MBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQ
dHkgTHRkMCAXDTI0MDIxNjA2MzkxN1oYDzMwMjMwNjE5MDYzOTE3WjBFMQswCQYD
VQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQg
V2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
oCiuqhgIgU89pQ3/nT7ccFbqrmSbyRc/5jfYw83VDuSE4SkPwEml268k8XRoUjdh
sLkDROlR3hab0Ez/eI9LBLXXFWB3qlAJ2OfDkZ+RMLVIGqMxckn2bfnYtUITSVzD
FWWvanb7+wACW6MDH3f/FLLblII21XAcljluzPQbVZoCimh33CS5VOI68y/Esjlz
8HDhXDuxyswIjGMjCnKaFS0vQsySC+M4nqLKdJ0HDPNVMjeUtVIUCKke0rOFDTUZ
nDmBHfdOoHtBiCeZzNH7s2ER4NCwXZmSNXev8CHwmZqaIUSRMsmOxbw3I7KpRBFf
hObeLm55aVS2FEMH68H0FQIDAQABo0IwQDAdBgNVHQ4EFgQUEhZVjl4q3wTX5v7R
U2lhmO8XLwMwHwYDVR0jBBgwFoAULhM7RFIsMOns+0X6XeUECsHG5rkwDQYJKoZI
hvcNAQELBQADggEBAODIZAwQrNuwIbF29p6tRmcSEkmMqY2Ktyh+YXfZsjpk26Cd
OrHUGh6GW/lXcDegsMYkx1jIiVAwcYLfMZs0lIgDJUxqERQP51Fw9kuvr4jppJDj
QCSACgWmhXzo+llJy3FxxdaLEtbjpNVDuQ3qZ0JORGGnWHhcZ0dxhaKeos7QVS+i
+4XN4GcehzNtdeDaNoHjKZ0cnmBGh4kBRw5NEoypCHaBMQJJ+XsnIRJ5lhVp0DL9
I7i9s1CstE9aaFQOAVJAsjvpp1hgAYA22tbs0FX/DIB6FjkhWWKur8EA22dUyPJE
xNI05qeNKVF9AHDgYUgea06xqPD9zx9AX8NURF8=
-----END CERTIFICATE-----
Loading

0 comments on commit 00b4309

Please sign in to comment.