Skip to content

Commit

Permalink
Merge pull request #543 from zigbee-alliance/feature/524-adding-noc-r…
Browse files Browse the repository at this point in the history
…oot-certificate

#524 Implement adding and requesting root NOC certificates
  • Loading branch information
akarabashov authored Feb 20, 2024
2 parents b98e578 + 40e5d53 commit 183290b
Show file tree
Hide file tree
Showing 59 changed files with 5,568 additions and 381 deletions.
535 changes: 535 additions & 0 deletions docs/static/openapi.yml

Large diffs are not rendered by default.

55 changes: 55 additions & 0 deletions docs/transactions.md
Original file line number Diff line number Diff line change
Expand Up @@ -843,6 +843,7 @@ The certificate is immutable. It can only be revoked by either the owner or a qu
- no existing `Proposed` certificate with the same `<Certificate's Subject>:<Certificate's Subject Key ID>` combination.
- no existing certificate with the same `<Certificate's Issuer>:<Certificate's Serial Number>` combination.
- if approved certificates with the same `<Certificate's Subject>:<Certificate's Subject Key ID>` combination already exists:
- the existing certificate must not be NOC certificate
- sender must match to the owner of the existing certificates.
- the signature (self-signature) and expiration date are valid.

Expand Down Expand Up @@ -919,6 +920,7 @@ The certificate is immutable. It can only be revoked by either the owner or a qu
- `Authority Key Identifier` != `Subject Key Identifier`
- no existing certificate with the same `<Certificate's Issuer>:<Certificate's Serial Number>` combination.
- if certificates with the same `<Certificate's Subject>:<Certificate's Subject Key ID>` combination already exist:
- the existing certificate must not be NOC certificate
- sender must match to the owner of the existing certificates.
- the signature (self-signature) and expiration date are valid.
- parent certificate must be already stored on the ledger and a valid chain to some root certificate can be built.
Expand Down Expand Up @@ -1122,6 +1124,31 @@ Deletes a PKI Revocation distribution endpoint (such as RFC5280 Certificate Revo
- CLI command:
- `dcld tx pki delete-revocation-point --vid=<uint16> --issuer-subject-key-id=<string> --label=<string> --from=<account>`

### ADD_NOC_X509_ROOT_CERTIFICATE

**Status: Implemented**

This transaction adds a NOC root certificate owned by the Vendor.

- Who can send: Vendor account
- Validation:
- the provided certificate must be a root certificate:
- `Issuer` == `Subject`
- `Authority Key Identifier` == `Subject Key Identifier`
- no existing certificate with the same `<Certificate's Issuer>:<Certificate's Serial Number>` combination.
- if certificates with the same `<Certificate's Subject>:<Certificate's Subject Key ID>` combination already exist:
- the existing certificate must be NOC root certificate
- the sender's VID must match the vid field of the existing certificates.
- the signature (self-signature) and expiration date must be valid.
- Parameters:
- cert: `string` - The NOC Root Certificate, encoded in X.509v3 PEM format. Can be a PEM string or a file path.
- In State:
- `pki/ApprovedCertificates/value/<Subject>/<SubjectKeyID>`
- `pki/ApprovedCertificatesBySubject/value/<Subject>`
- `pki/ApprovedCertificatesBySubjectKeyID/value/<SubjectKeyID>`
- `pki/NOCRootCertificates/value/<VID>`
- CLI Command:
- `dcld tx pki add-noc-x509-root-cert --certificate=<string-or-path> --from=<account>`

### GET_X509_CERT

Expand Down Expand Up @@ -1407,6 +1434,34 @@ Should be sent to trusted nodes only.
- REST API:
- GET `/dcl/pki/revocation-points`

### GET_NOC_X509_ROOT_CERTS_BY_VID

**Status: Implemented**

Retrieve NOC root certificates associated with a specific VID.

- Who can send: Any account
- Parameters:
- vid: `uint16` - Vendor ID (positive non-zero)
- CLI Command:
- `dcld query pki noc-x509-root-certs --vid=<uint16>`
- REST API:
- GET `/dcl/pki/noc-root-certificates/{vid}`

### GET_ALL_NOC_X509_ROOT_CERTS

**Status: Implemented**

Retrieve a list of all of NOC root certificates

- Who can send: Any account
- Parameters:
- Common pagination parameters
- CLI Command:
- `dcld query pki all-noc-x509-root-certs`
- REST API:
- GET `/dcl/pki/noc-root-certificates`

## AUTH

### PROPOSE_ADD_ACCOUNT
Expand Down
5 changes: 5 additions & 0 deletions genlocalnetconfig.sh
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,11 @@ for node_name in node0 node1 node2 node3 observer0; do
# Make RPC endpoints available externally
sed -i $SED_EXT 's/laddr = "tcp:\/\/127.0.0.1:26657"/laddr = "tcp:\/\/0.0.0.0:26657"/g' "$LOCALNET_DIR/${node_name}/config/config.toml"

# Make REST endpoints available externally
sed -i $SED_EXT 's/address = "tcp:\/\/localhost:1317"/address = "tcp:\/\/0.0.0.0:1317"/g' "$LOCALNET_DIR/${node_name}/config/app.toml"
# Make gRPC endpoints available externally
sed -i $SED_EXT 's/address = "localhost:9090"/address = "0.0.0.0:9090"/g' "$LOCALNET_DIR/${node_name}/config/app.toml"

# sets proper moniker
sed -i $SED_EXT "s/moniker = .*/moniker = \"$node_name\"/g" "$LOCALNET_DIR/${node_name}/config/config.toml"

Expand Down
2 changes: 1 addition & 1 deletion go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -2764,4 +2764,4 @@ rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
176 changes: 176 additions & 0 deletions integration_tests/cli/pki-noc-certs.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,176 @@
set -euo pipefail
source integration_tests/cli/common.sh

noc_root_cert_1_path="integration_tests/constants/noc_root_cert_1"
noc_root_cert_1_subject="MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0x"
noc_root_cert_1_subject_key_id="44:EB:4C:62:6B:25:48:CD:A2:B3:1C:87:41:5A:08:E7:2B:B9:83:26"
noc_root_cert_1_serial_number="217369606639495620450806539821422258966012867792"
noc_root_cert_1_subject_as_text="CN=NOC-1,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"

noc_root_cert_2_path="integration_tests/constants/noc_root_cert_2"
noc_root_cert_2_subject="MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0y"
noc_root_cert_2_subject_key_id="CF:E6:DD:37:2B:4C:B2:B9:A9:F2:75:30:1C:AA:B1:37:1B:11:7F:1B"
noc_root_cert_2_serial_number="720401643293243343104681760462974770802745092176"
noc_root_cert_2_subject_as_text="CN=NOC-2,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"

noc_root_cert_3_path="integration_tests/constants/noc_root_cert_3"
noc_root_cert_3_subject="MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0z"
noc_root_cert_3_subject_key_id="88:0D:06:D9:64:22:29:34:78:7F:8C:3B:AE:F5:08:93:86:8F:0D:20"
noc_root_cert_3_serial_number="38457288443253426021793906708335409501754677187"
noc_root_cert_3_subject_as_text="CN=NOC-3,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"

trustee_account="jack"
second_trustee_account="alice"

vid_in_hex_format=0x6006
vid=24582

vendor_account=vendor_account_$vid_in_hex_format
echo "Create Vendor account - $vendor_account"
create_new_vendor_account $vendor_account $vid_in_hex_format

vid_2_in_hex_format=0x125D
vid_2=4701

vendor_account_2=vendor_account_$vid_2_in_hex_format
echo "Create Vendor account - $vendor_account_2"
create_new_vendor_account $vendor_account_2 $vid_2_in_hex_format


test_divider

echo "Request NOC certificate by VID must be empty"
result=$(dcld query pki noc-x509-root-certs --vid="$vid")
check_response "$result" "Not Found"
response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
response_does_not_contain "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
echo $result | jq

test_divider

echo "Request all NOC root certificates must be empty"
result=$(dcld query pki all-noc-x509-root-certs)
check_response "$result" "\[\]"
response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
response_does_not_contain "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
echo $result | jq

test_divider

echo "Request approved certificate must be empty"
result=$(dcld query pki x509-cert --subject="$noc_root_cert_1_subject" --subject-key-id="$noc_root_cert_1_subject_key_id")
check_response "$result" "Not Found"
response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
response_does_not_contain "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
echo $result | jq

test_divider

echo "Request all certificates by subject must be empty"
result=$(dcld query pki all-subject-x509-certs --subject="$noc_root_cert_1_subject")
check_response "$result" "Not Found"
response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
echo $result | jq

test_divider

echo "Request all certificates by subjectKeyId must be empty"
result=$(dcld query pki x509-cert --subject-key-id="$noc_root_cert_1_subject_key_id")
check_response "$result" "Not Found"
response_does_not_contain "$result" "\"subject\": \"$noc_root_cert_1_subject\""
response_does_not_contain "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
response_does_not_contain "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
response_does_not_contain "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
echo $result | jq

test_divider

echo "Try to add inermidiate cert using add-noc-x509-root-cert command"
intermediate_path="integration_tests/constants/intermediate_cert"
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$intermediate_path" --from $vendor_account --yes)
check_response "$result" "\"code\": 414"

echo "Add first NOC root certificate by vendor with VID = $vid"
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$noc_root_cert_1_path" --from $vendor_account --yes)
check_response "$result" "\"code\": 0"

echo "Add second NOC root certificate by vendor with VID = $vid"
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$noc_root_cert_2_path" --from $vendor_account --yes)
check_response "$result" "\"code\": 0"

echo "Add third NOC root certificate by vendor with VID = $vid_2"
result=$(echo "$passphrase" | dcld tx pki add-noc-x509-root-cert --certificate="$noc_root_cert_3_path" --from $vendor_account_2 --yes)
check_response "$result" "\"code\": 0"

test_divider

echo "Request NOC root certificate by VID"
result=$(dcld query pki noc-x509-root-certs --vid="$vid")
echo $result | jq
check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_2_subject_as_text\""
check_response "$result" "\"vid\": $vid"

test_divider

echo "Request All NOC root certificate"
result=$(dcld query pki all-noc-x509-root-certs)
echo $result | jq
check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
check_response "$result" "\"subject\": \"$noc_root_cert_2_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_2_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_2_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_2_subject_as_text\""
check_response "$result" "\"subject\": \"$noc_root_cert_3_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_3_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_3_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_3_subject_as_text\""
check_response "$result" "\"vid\": $vid"
check_response "$result" "\"vid\": $vid_2"

test_divider

echo "Request NOC root certificate by Subject and SubjectKeyID"
result=$(dcld query pki x509-cert --subject="$noc_root_cert_1_subject" --subject-key-id="$noc_root_cert_1_subject_key_id")
echo $result | jq
check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""
check_response "$result" "\"approvals\": \\[\\]"

test_divider

echo "Request NOC root certificate by Subject"
result=$(dcld query pki all-subject-x509-certs --subject="$noc_root_cert_1_subject")
echo $result | jq
check_response "$result" "\"$noc_root_cert_1_subject\""
check_response "$result" "\"$noc_root_cert_1_subject_key_id\""

test_divider

echo "Request NOC root certificate by SubjectKeyID"
result=$(dcld query pki x509-cert --subject-key-id="$noc_root_cert_1_subject_key_id")
echo $result | jq
check_response "$result" "\"subject\": \"$noc_root_cert_1_subject\""
check_response "$result" "\"subjectKeyId\": \"$noc_root_cert_1_subject_key_id\""
check_response "$result" "\"serialNumber\": \"$noc_root_cert_1_serial_number\""
check_response "$result" "\"subjectAsText\": \"$noc_root_cert_1_subject_as_text\""

test_divider
64 changes: 64 additions & 0 deletions integration_tests/constants/noc_constants.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
package testconstants

const (
NocRootCert1 = `
-----BEGIN CERTIFICATE-----
MIICATCCAaegAwIBAgIUJhMwtZzr6dGO6tqHmuDi4Bz/tNAwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTEwIBcNMjQwMjE0
MTQ0NzI1WhgPMzAyMzA2MTcxNDQ3MjVaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0xMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAECsW1A5xK
Tv4qbfUsUp74bQNlkJV6GZL59b+PgqLyq7P1PMtJK3L7NmisUvdsT1dYr1sMzDEK
6ZuajkpkIfeV3qNTMFEwHQYDVR0OBBYEFETrTGJrJUjNorMch0FaCOcruYMmMB8G
A1UdIwQYMBaAFETrTGJrJUjNorMch0FaCOcruYMmMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSAAwRQIgS4gxVvmQghH93BbG3RRpJ07Re5+gTFAo5qfVTtDo
teUCIQCQwlaPb8U8S0ee3Iz1gg4LOTxZ/IWyCzPpCteAEKcl+w==
-----END CERTIFICATE-----
`
NocRootCert2 = `
-----BEGIN CERTIFICATE-----
MIICATCCAaegAwIBAgIUfi/tSwkm8n1SVPVYvpmRj7WDKFAwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTIwIBcNMjQwMjE0
MTQ0NzQ1WhgPMzAyMzA2MTcxNDQ3NDVaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0yMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdyZTx3lJ
ZYUEazRXrDUgtut3EF1iXFXibKttwgvqIQqo/8Z/5uh402+AjqlsYRW7J2XhAaNl
jd+mU2GZc9whuaNTMFEwHQYDVR0OBBYEFM/m3TcrTLK5qfJ1MByqsTcbEX8bMB8G
A1UdIwQYMBaAFM/m3TcrTLK5qfJ1MByqsTcbEX8bMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSAAwRQIhAPxnWiN91np0FqsJ3wzxbBhUvb0L7tCCG8b78ug5
M4e6AiAzKpDZ//MaM3khHSuiJhXBWhN+HR/veWVfeLLKtMhoKg==
-----END CERTIFICATE-----
`
NocRootCert3 = `
-----BEGIN CERTIFICATE-----
MIICAjCCAaegAwIBAgIUBrx8BUhP5Vi8W79pFDlqwkIw18MwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTMwIBcNMjQwMjE0
MTQ0ODE4WhgPMzAyMzA2MTcxNDQ4MThaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFC9UKPtv
+KzUrKTUGhsysPy6jKTLiAzRt2k+DQeV5MQxyjke4x/SvWg9jHJXiO3t52xCF803
7YDN5/GCAvu+x6NTMFEwHQYDVR0OBBYEFIgNBtlkIik0eH+MO671CJOGjw0gMB8G
A1UdIwQYMBaAFIgNBtlkIik0eH+MO671CJOGjw0gMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSQAwRgIhAIF/kTHuWYLfJtb/TWwmhEtVRoULLet3NDIjwvw1
F5UqAiEAshHfXxUpdfxqiLoTjQjkNf0AHVYBFhLdB+iIFspwTyg=
-----END CERTIFICATE-----
`

NocRootCert1Subject = "MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0x"
NocRootCert1SubjectKeyID = "44:EB:4C:62:6B:25:48:CD:A2:B3:1C:87:41:5A:08:E7:2B:B9:83:26"
NocRootCert1SerialNumber = "217369606639495620450806539821422258966012867792"
NocRootCert1SubjectAsText = "CN=NOC-1,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"

NocRootCert2Subject = "MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0y"
NocRootCert2SubjectKeyID = "CF:E6:DD:37:2B:4C:B2:B9:A9:F2:75:30:1C:AA:B1:37:1B:11:7F:1B"
NocRootCert2SerialNumber = "720401643293243343104681760462974770802745092176"
NocRootCert2SubjectAsText = "CN=NOC-2,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"

NocRootCert3Subject = "MFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDjAMBgNVBAMMBU5PQy0z"
NocRootCert3SubjectKeyID = "88:0D:06:D9:64:22:29:34:78:7F:8C:3B:AE:F5:08:93:86:8F:0D:20"
NocRootCert3SerialNumber = "38457288443253426021793906708335409501754677187"
NocRootCert3SubjectAsText = "CN=NOC-3,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU"
)
13 changes: 13 additions & 0 deletions integration_tests/constants/noc_root_cert_1
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
-----BEGIN CERTIFICATE-----
MIICATCCAaegAwIBAgIUJhMwtZzr6dGO6tqHmuDi4Bz/tNAwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTEwIBcNMjQwMjE0
MTQ0NzI1WhgPMzAyMzA2MTcxNDQ3MjVaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0xMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAECsW1A5xK
Tv4qbfUsUp74bQNlkJV6GZL59b+PgqLyq7P1PMtJK3L7NmisUvdsT1dYr1sMzDEK
6ZuajkpkIfeV3qNTMFEwHQYDVR0OBBYEFETrTGJrJUjNorMch0FaCOcruYMmMB8G
A1UdIwQYMBaAFETrTGJrJUjNorMch0FaCOcruYMmMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSAAwRQIgS4gxVvmQghH93BbG3RRpJ07Re5+gTFAo5qfVTtDo
teUCIQCQwlaPb8U8S0ee3Iz1gg4LOTxZ/IWyCzPpCteAEKcl+w==
-----END CERTIFICATE-----
13 changes: 13 additions & 0 deletions integration_tests/constants/noc_root_cert_2
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
-----BEGIN CERTIFICATE-----
MIICATCCAaegAwIBAgIUfi/tSwkm8n1SVPVYvpmRj7WDKFAwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTIwIBcNMjQwMjE0
MTQ0NzQ1WhgPMzAyMzA2MTcxNDQ3NDVaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0yMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEdyZTx3lJ
ZYUEazRXrDUgtut3EF1iXFXibKttwgvqIQqo/8Z/5uh402+AjqlsYRW7J2XhAaNl
jd+mU2GZc9whuaNTMFEwHQYDVR0OBBYEFM/m3TcrTLK5qfJ1MByqsTcbEX8bMB8G
A1UdIwQYMBaAFM/m3TcrTLK5qfJ1MByqsTcbEX8bMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSAAwRQIhAPxnWiN91np0FqsJ3wzxbBhUvb0L7tCCG8b78ug5
M4e6AiAzKpDZ//MaM3khHSuiJhXBWhN+HR/veWVfeLLKtMhoKg==
-----END CERTIFICATE-----
13 changes: 13 additions & 0 deletions integration_tests/constants/noc_root_cert_3
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
-----BEGIN CERTIFICATE-----
MIICAjCCAaegAwIBAgIUBrx8BUhP5Vi8W79pFDlqwkIw18MwCgYIKoZIzj0EAwIw
VTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEOMAwGA1UEAwwFTk9DLTMwIBcNMjQwMjE0
MTQ0ODE4WhgPMzAyMzA2MTcxNDQ4MThaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
DjAMBgNVBAMMBU5PQy0zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFC9UKPtv
+KzUrKTUGhsysPy6jKTLiAzRt2k+DQeV5MQxyjke4x/SvWg9jHJXiO3t52xCF803
7YDN5/GCAvu+x6NTMFEwHQYDVR0OBBYEFIgNBtlkIik0eH+MO671CJOGjw0gMB8G
A1UdIwQYMBaAFIgNBtlkIik0eH+MO671CJOGjw0gMA8GA1UdEwEB/wQFMAMBAf8w
CgYIKoZIzj0EAwIDSQAwRgIhAIF/kTHuWYLfJtb/TWwmhEtVRoULLet3NDIjwvw1
F5UqAiEAshHfXxUpdfxqiLoTjQjkNf0AHVYBFhLdB+iIFspwTyg=
-----END CERTIFICATE-----
1 change: 1 addition & 0 deletions integration_tests/grpc_rest/pki/grpc_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,4 +33,5 @@ import (
func TestPkiDemoGRPC(t *testing.T) {
suite := utils.SetupTest(t, testconstants.ChainID, false)
pki.Demo(&suite)
pki.NocCertDemo(&suite)
}
Loading

0 comments on commit 183290b

Please sign in to comment.