Skip to content

Commit

Permalink
Stnds 468 (#58)
Browse files Browse the repository at this point in the history 
* added class for np id validator

* added validation for natural person

* validation made but not working

* put in subjects validator

* eidas validator works

* final validator works

* Update pkilint/etsi/en_319_412_1.py

Co-authored-by: Corey Bonnell <[email protected]>

* Update pkilint/etsi/en_319_412_1.py

Co-authored-by: Corey Bonnell <[email protected]>

* stopped parsing if serial number length is too short

* fixed Corey's comments

---------

Co-authored-by: Alex Campbell <campbellalex321@gmail>
Co-authored-by: Corey Bonnell <[email protected]>
  • Loading branch information
@campbellalex321 @CBonnell
3 people authored May 20, 2024
1 parent 9618ce7 commit 3d24cb1
Show file tree
Hide file tree
Showing 5 changed files with 222 additions and 2 deletions.
1 change: 1 addition & 0 deletions pkilint/etsi/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,7 @@ def create_validators(certificate_type: CertificateType) -> List[validation.Vali
en_319_412_1.LegalPersonOrganizationIdentifierValidator(),
en_319_412_1.NaturalPersonIdentifierValidator(),
en_319_412_1.EidasLegalPersonIdentifierValidator(),
en_319_412_1.NaturalPersonEidasIdentifierValidator(),
organization_id.OrganizationIdentifierLeiValidator(),
]

Expand Down
69 changes: 67 additions & 2 deletions pkilint/etsi/en_319_412_1.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,7 +281,6 @@ def validate(self, node):

return validation.ValidationResult(self, node, findings)


class EidasLegalPersonIdentifierValidator(validation.Validator):
"""
LEG-5.1.6-03: Any organizationIdentifier attribute present in the subject field of the certificate shall
Expand Down Expand Up @@ -337,7 +336,6 @@ def validate(self, node):
f'{self._MAX_LENGTH} characters'
)


class NameRegistrationAuthoritiesValidatorBase(validation.Validator):
def __init__(
self,
Expand Down Expand Up @@ -471,3 +469,70 @@ def is_attribute_value_national_id_scheme(cls, atv_node: document.PDUNode) -> bo
return False

return parsed.is_national_scheme


class NaturalPersonEidasIdentifierValidator(validation.Validator):
"""
NAT-5.1.5-01: If using electronic identity attributes as specified in eIDAS SAML
attribute profile for a certificate issued to natural persons, the semantics of
id-etsi-qcs-SemanticsId-eIDASNatural shall be as follows.
NAT-5.1.5-02: If the eIDAS natural person identifier is included, the values
of attributes in the subject field shall meet the content requirements of corresponding
attributes defined by the eIDAS SAML attribute profile according to the following requirements.
NAT-5.1.5-03: Any serialNumber attribute value in the subject field of the certificate
shall comply with the content requirement specified for the eIDAS PersonIdentifier attribute.
NAT-5.1.5-04: Attributes present in subject field of the certificate are equivalent to defined attributes
in accordance to the below table. This means that the present attribute shall hold equivalent
information, even if the format used to express that information differs.
serialNumber -> PersonIdentifier Example: ES/AT/02635542Y
"""
VALIDATION_INVALID_ISO_3166 = validation.ValidationFinding(
validation.ValidationFindingSeverity.ERROR,
'etsi.nat_5.1.5-03.invalid-iso-3166'
)

VALIDATION_INVALID_SYNTAX_SERIAL = validation.ValidationFinding(
validation.ValidationFindingSeverity.ERROR,
'etsi.nat_5.1.5-03.invalid-syntax-serial'
)
VALIDATION_INVALID_CHARACTER_SERIAL = validation.ValidationFinding(
validation.ValidationFindingSeverity.ERROR,
'etsi.nat_5.1.5-03.invalid-character-serial'
)

def __init__(self):
super().__init__(
validations=[
self.VALIDATION_INVALID_ISO_3166,
self.VALIDATION_INVALID_SYNTAX_SERIAL,
self.VALIDATION_INVALID_CHARACTER_SERIAL
],
pdu_class=rfc5280.X520SerialNumber
)
def match(self, node):
if not super().match(node):
return False

# noinspection PyTypeChecker
return _cert_has_semantics_id(en_319_412_1.id_etsi_qcs_semanticsId_eIDASNatural, node.document)

def validate(self, node):
value = str(node.pdu)
findings = []
if len(value) < 7:
raise validation.ValidationFindingEncountered(self.VALIDATION_INVALID_SYNTAX_SERIAL,
"Invalid serial number syntax (needs more characters).")
if value[2] != '/' or value[5] != '/':
findings.append(validation.ValidationFindingDescription(
self.VALIDATION_INVALID_CHARACTER_SERIAL,
"No backslash found after ISO-3166 country code."
))
if value[0:2] not in organization_id.ISO3166_1_WITH_TRANSNATIONAL_COUNTRY_CODES or value[3:5] not in organization_id.ISO3166_1_WITH_TRANSNATIONAL_COUNTRY_CODES:
findings.append(validation.ValidationFindingDescription(
self.VALIDATION_INVALID_ISO_3166,
"Invalid 3166 ISO Code."
))
return validation.ValidationResult(self, node, findings)
50 changes: 50 additions & 0 deletions ...ficate/etsi/qncp_w_gen_legal_person_eidas_final_certificate/eidas_legal_person_id.crttest
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
-----BEGIN CERTIFICATE-----
MIIIWzCCBkOgAwIBAgIQVZHNRxiZp9LoR1nlajD1DDANBgkqhkiG9w0BAQsFADCB
oTELMAkGA1UEBhMCR1IxNjA0BgNVBAoTLUhFTExFTklDIEVYQ0hBTkdFUyAtIEFU
SEVOUyBTVE9DSyBFWENIQU5HRSBTQTEvMC0GA1UEAxMmQVRIRVggUXVhbGlmaWVk
IFdFQiBDZXJ0aWZpY2F0ZXMgQ0EtRzMxDzANBgNVBAcTBkF0aGVuczEYMBYGA1UE
YRMPVkFURUwtMDk5NzU1MTA4MB4XDTI0MDQxMTE0MTY1NVoXDTI1MDQxMTE0MTY1
NVowggHVMQswCQYDVQQGEwJHUjE2MDQGA1UEChMtSEVMTEVOSUMgRVhDSEFOR0VT
IC0gQVRIRU5TIFNUT0NLIEVYQ0hBTkdFIFNBMYIBDjCCAQoGA1UEYROCAQFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYTEdMBsGA1UEAxMUd2ViZHNzLmF0aGV4Z3JvdXAuZ3IxDzAN
BgNVBAcTBkF0aGVuczETMBEGCysGAQQBgjc8AgEDEwJHUjEYMBYGA1UEBRMPRVMv
QVQvMDI2MzU1NDJZMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALghERHf5FJ0yQHziG1aHOatwVOo
njvIm1kCC8PHDRpZhZW3JbZIy3KBVRlJ+nl7ATw4D210Jrqgi5qnqEqBmlCeTFL1
E/QlHIesmPE5zixRS1s4cwJXmGrguSieHTUMCxp321WpHidpRIew8jy/73d+OKCL
e8Gx/mcZ4FGsJMFizwgqqgIL5nZZZvBEIHpy344OypsvBHFPnhZj2JNoI1z/vWtS
W8ijeeR38fXswKSgF2/gRzc0bUmjXwWeQBPIzXZfOF635a+/HTKN7BGsXFqT/AZn
gYZfUPPLjAd+xx5CMC2JmTahZyff+aTqhUDTKcXZr/gKZPU5mJYY5Oo2fFMCAwEA
AaOCAlYwggJSMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSME
GDAWgBQimSRXBmxWdY7b6315ZZxTNanRkTBEBggrBgEFBQcBAwQ4MDYwCAYGBACO
RgEBMBMGBgQAjkYBBjAJBgcEAI5GAQYDMBUGCCsGAQUFBwsCMAkGBwQAi+xJAQMw
gZcGCCsGAQUFBwEBBIGKMIGHMDgGCCsGAQUFBzABhixodHRwOi8vb2NzcC5hdGhl
eGdyb3VwLmdyL0F0aGV4UXVhbGlmaWVkQ0FHMzBLBggrBgEFBQcwAoY/aHR0cDov
L3JlcG8uYXRoZXhncm91cC5nci9BVEhFWFF1YWxpZmllZFdFQkNlcnRpZmljYXRl
c0NBRzMuY3J0MCUGA1UdIAQeMBwwDwYNKwYBBAGB5VoBA2QBBDAJBgcEAIvsQAEG
ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9jcmwuYXRoZXhncm91cC5nci9BVEhF
WFF1YWxpZmllZFdFQkNlcnRpZmljYXRlc0NBRzMuY3JsMB0GA1UdDgQWBBTTtUYv
oe4AMNQZ8CYtZhxVfi+obTAOBgNVHQ8BAf8EBAMCB4AwewYDVR0RBHQwcoIUd2Vi
ZHNzLmF0aGV4Z3JvdXAuZ3KCGHdlYmRzc21vY2suYXRoZXhncm91cC5ncoIad2Vi
ZHNzLXJweHIxLmluZXQuaGVsZXguZ3KCD2Rzcy5hdGhleG5ldC5ncoITZHNzbW9j
ay5hdGhleG5ldC5ncjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQCZ
eIbhKa9NYMahoRc5Am4WWFuPAb/sxkKHXwZ4SEh+Q4/QKW9qVAiYjyBsujUN5x8o
MstctmlvtRMa2emQprZsNv4rJPKvcCmuD0v4qdfiMzop+u15mAM/rdNzEZeevcLc
x/ljy9oW+WZrMAJEz+vzfSadSPXK8rxztmQhGGa3lrYLyUGgwUP6rXlCp1TS8riZ
XvYQGL7FhG4CDsZVmg8z51mGI2bl28qMCJpo4bnxcqydp4MMIMNbCNEnubxjllo/
ovygai28KaddSMlwCZITUyVcSOQewaQKqDBjpan+MOHgqlPx1Ci/WSDh0gpT082l
0uOaaT8m/s8ywbuL7dDyUwId8J7o3EWdzcZnrbHoarp0qcioNDMy9hQ6cQ99Vx85
paauYUBoF9UBd9FpdyAA8OSc0+AKR1uLnLC69thyQU5xWm/7W74qoNh3FQwJLFKm
Wz6jQnpzfwVtya4V8HsFgHxxOC5w0AZQG6veS7oo7x8dzGk7fMu8D0jos2E6a8tf
bh09GmsV3y4r4WJyI3FsDcKMMY1S0lQStEwbxFFRdg8AzS0X19mkqbdK6t68bTXI
7yb8Byawy4qPMn0siV7uKhm0NzsLriV2hD4gQDVBHJGjyoOaXbmuC8Le9PJDhueB
O6c898SxI7Tg1PvUbu9rcPJX9UZVsKeWSPuwgcg9Fg==
-----END CERTIFICATE-----

node_path,validator,severity,code,message
certificate.tbsCertificate.extensions.6.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,
51 changes: 51 additions & 0 deletions ...p_w_gen_legal_person_eidas_final_certificate/eidas_legal_person_id_invalid_serial.crttest
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
-----BEGIN CERTIFICATE-----
MIIIUjCCBjqgAwIBAgIQVZHNRxiZp9LoR1nlajD1DDANBgkqhkiG9w0BAQsFADCB
oTELMAkGA1UEBhMCR1IxNjA0BgNVBAoTLUhFTExFTklDIEVYQ0hBTkdFUyAtIEFU
SEVOUyBTVE9DSyBFWENIQU5HRSBTQTEvMC0GA1UEAxMmQVRIRVggUXVhbGlmaWVk
IFdFQiBDZXJ0aWZpY2F0ZXMgQ0EtRzMxDzANBgNVBAcTBkF0aGVuczEYMBYGA1UE
YRMPVkFURUwtMDk5NzU1MTA4MB4XDTI0MDQxMTE0MTY1NVoXDTI1MDQxMTE0MTY1
NVowggHMMQswCQYDVQQGEwJHUjE2MDQGA1UEChMtSEVMTEVOSUMgRVhDSEFOR0VT
IC0gQVRIRU5TIFNUT0NLIEVYQ0hBTkdFIFNBMYIBDjCCAQoGA1UEYROCAQFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYTEdMBsGA1UEAxMUd2ViZHNzLmF0aGV4Z3JvdXAuZ3IxDzAN
BgNVBAcTBkF0aGVuczETMBEGCysGAQQBgjc8AgEDEwJHUjEPMA0GA1UEBRMGWlgt
QVQtMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALghERHf5FJ0yQHziG1aHOatwVOonjvIm1kCC8PH
DRpZhZW3JbZIy3KBVRlJ+nl7ATw4D210Jrqgi5qnqEqBmlCeTFL1E/QlHIesmPE5
zixRS1s4cwJXmGrguSieHTUMCxp321WpHidpRIew8jy/73d+OKCLe8Gx/mcZ4FGs
JMFizwgqqgIL5nZZZvBEIHpy344OypsvBHFPnhZj2JNoI1z/vWtSW8ijeeR38fXs
wKSgF2/gRzc0bUmjXwWeQBPIzXZfOF635a+/HTKN7BGsXFqT/AZngYZfUPPLjAd+
xx5CMC2JmTahZyff+aTqhUDTKcXZr/gKZPU5mJYY5Oo2fFMCAwEAAaOCAlYwggJS
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQimSRX
BmxWdY7b6315ZZxTNanRkTBEBggrBgEFBQcBAwQ4MDYwCAYGBACORgEBMBMGBgQA
jkYBBjAJBgcEAI5GAQYDMBUGCCsGAQUFBwsCMAkGBwQAi+xJAQMwgZcGCCsGAQUF
BwEBBIGKMIGHMDgGCCsGAQUFBzABhixodHRwOi8vb2NzcC5hdGhleGdyb3VwLmdy
L0F0aGV4UXVhbGlmaWVkQ0FHMzBLBggrBgEFBQcwAoY/aHR0cDovL3JlcG8uYXRo
ZXhncm91cC5nci9BVEhFWFF1YWxpZmllZFdFQkNlcnRpZmljYXRlc0NBRzMuY3J0
MCUGA1UdIAQeMBwwDwYNKwYBBAGB5VoBA2QBBDAJBgcEAIvsQAEGME8GA1UdHwRI
MEYwRKBCoECGPmh0dHA6Ly9jcmwuYXRoZXhncm91cC5nci9BVEhFWFF1YWxpZmll
ZFdFQkNlcnRpZmljYXRlc0NBRzMuY3JsMB0GA1UdDgQWBBTTtUYvoe4AMNQZ8CYt
ZhxVfi+obTAOBgNVHQ8BAf8EBAMCB4AwewYDVR0RBHQwcoIUd2ViZHNzLmF0aGV4
Z3JvdXAuZ3KCGHdlYmRzc21vY2suYXRoZXhncm91cC5ncoIad2ViZHNzLXJweHIx
LmluZXQuaGVsZXguZ3KCD2Rzcy5hdGhleG5ldC5ncoITZHNzbW9jay5hdGhleG5l
dC5ncjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUAA4ICAQCZeIbhKa9NYMah
oRc5Am4WWFuPAb/sxkKHXwZ4SEh+Q4/QKW9qVAiYjyBsujUN5x8oMstctmlvtRMa
2emQprZsNv4rJPKvcCmuD0v4qdfiMzop+u15mAM/rdNzEZeevcLcx/ljy9oW+WZr
MAJEz+vzfSadSPXK8rxztmQhGGa3lrYLyUGgwUP6rXlCp1TS8riZXvYQGL7FhG4C
DsZVmg8z51mGI2bl28qMCJpo4bnxcqydp4MMIMNbCNEnubxjllo/ovygai28Kadd
SMlwCZITUyVcSOQewaQKqDBjpan+MOHgqlPx1Ci/WSDh0gpT082l0uOaaT8m/s8y
wbuL7dDyUwId8J7o3EWdzcZnrbHoarp0qcioNDMy9hQ6cQ99Vx85paauYUBoF9UB
d9FpdyAA8OSc0+AKR1uLnLC69thyQU5xWm/7W74qoNh3FQwJLFKmWz6jQnpzfwVt
ya4V8HsFgHxxOC5w0AZQG6veS7oo7x8dzGk7fMu8D0jos2E6a8tfbh09GmsV3y4r
4WJyI3FsDcKMMY1S0lQStEwbxFFRdg8AzS0X19mkqbdK6t68bTXI7yb8Byawy4qP
Mn0siV7uKhm0NzsLriV2hD4gQDVBHJGjyoOaXbmuC8Le9PJDhueBO6c898SxI7Tg
1PvUbu9rcPJX9UZVsKeWSPuwgcg9Fg==
-----END CERTIFICATE-----

node_path,validator,severity,code,message
certificate.tbsCertificate.subject.rdnSequence.6.0.value.x520SerialNumber,NaturalPersonEidasIdentifierValidator,ERROR,etsi.nat_5.1.5-03.invalid-syntax-serial,Invalid serial number syntax (needs more characters).
certificate.tbsCertificate.extensions.6.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,
53 changes: 53 additions & 0 deletions ...son_eidas_final_certificate/eidas_legal_person_id_valid_length_hyphen_invalid_iso.crttest
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
-----BEGIN CERTIFICATE-----
MIIIVjCCBj6gAwIBAgIQVZHNRxiZp9LoR1nlajD1DDANBgkqhkiG9w0BAQsFADCB
oTELMAkGA1UEBhMCR1IxNjA0BgNVBAoTLUhFTExFTklDIEVYQ0hBTkdFUyAtIEFU
SEVOUyBTVE9DSyBFWENIQU5HRSBTQTEvMC0GA1UEAxMmQVRIRVggUXVhbGlmaWVk
IFdFQiBDZXJ0aWZpY2F0ZXMgQ0EtRzMxDzANBgNVBAcTBkF0aGVuczEYMBYGA1UE
YRMPVkFURUwtMDk5NzU1MTA4MB4XDTI0MDQxMTE0MTY1NVoXDTI1MDQxMTE0MTY1
NVowggHQMQswCQYDVQQGEwJHUjE2MDQGA1UEChMtSEVMTEVOSUMgRVhDSEFOR0VT
IC0gQVRIRU5TIFNUT0NLIEVYQ0hBTkdFIFNBMYIBDjCCAQoGA1UEYROCAQFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFh
YWFhYWFhYWFhYWFhYTEdMBsGA1UEAxMUd2ViZHNzLmF0aGV4Z3JvdXAuZ3IxDzAN
BgNVBAcTBkF0aGVuczETMBEGCysGAQQBgjc8AgEDEwJHUjETMBEGA1UEBRMKWlgt
QVQtVXhhWTEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24wggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4IRER3+RSdMkB84htWhzmrcFTqJ47yJtZ
AgvDxw0aWYWVtyW2SMtygVUZSfp5ewE8OA9tdCa6oIuap6hKgZpQnkxS9RP0JRyH
rJjxOc4sUUtbOHMCV5hq4Lkonh01DAsad9tVqR4naUSHsPI8v+93fjigi3vBsf5n
GeBRrCTBYs8IKqoCC+Z2WWbwRCB6ct+ODsqbLwRxT54WY9iTaCNc/71rUlvIo3nk
d/H17MCkoBdv4Ec3NG1Jo18FnkATyM12Xzhet+Wvvx0yjewRrFxak/wGZ4GGX1Dz
y4wHfsceQjAtiZk2oWcn3/mk6oVA0ynF2a/4CmT1OZiWGOTqNnxTAgMBAAGjggJW
MIICUjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU
IpkkVwZsVnWO2+t9eWWcUzWp0ZEwRAYIKwYBBQUHAQMEODA2MAgGBgQAjkYBATAT
BgYEAI5GAQYwCQYHBACORgEGAzAVBggrBgEFBQcLAjAJBgcEAIvsSQEDMIGXBggr
BgEFBQcBAQSBijCBhzA4BggrBgEFBQcwAYYsaHR0cDovL29jc3AuYXRoZXhncm91
cC5nci9BdGhleFF1YWxpZmllZENBRzMwSwYIKwYBBQUHMAKGP2h0dHA6Ly9yZXBv
LmF0aGV4Z3JvdXAuZ3IvQVRIRVhRdWFsaWZpZWRXRUJDZXJ0aWZpY2F0ZXNDQUcz
LmNydDAlBgNVHSAEHjAcMA8GDSsGAQQBgeVaAQNkAQQwCQYHBACL7EABBjBPBgNV
HR8ESDBGMESgQqBAhj5odHRwOi8vY3JsLmF0aGV4Z3JvdXAuZ3IvQVRIRVhRdWFs
aWZpZWRXRUJDZXJ0aWZpY2F0ZXNDQUczLmNybDAdBgNVHQ4EFgQU07VGL6HuADDU
GfAmLWYcVX4vqG0wDgYDVR0PAQH/BAQDAgeAMHsGA1UdEQR0MHKCFHdlYmRzcy5h
dGhleGdyb3VwLmdyghh3ZWJkc3Ntb2NrLmF0aGV4Z3JvdXAuZ3KCGndlYmRzcy1y
cHhyMS5pbmV0LmhlbGV4Lmdygg9kc3MuYXRoZXhuZXQuZ3KCE2Rzc21vY2suYXRo
ZXhuZXQuZ3IwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAmXiG4Smv
TWDGoaEXOQJuFlhbjwG/7MZCh18GeEhIfkOP0ClvalQImI8gbLo1DecfKDLLXLZp
b7UTGtnpkKa2bDb+KyTyr3Aprg9L+KnX4jM6KfrteZgDP63TcxGXnr3C3Mf5Y8va
FvlmazACRM/r830mnUj1yvK8c7ZkIRhmt5a2C8lBoMFD+q15QqdU0vK4mV72EBi+
xYRuAg7GVZoPM+dZhiNm5dvKjAiaaOG58XKsnaeDDCDDWwjRJ7m8Y5ZaP6L8oGot
vCmnXUjJcAmSE1MlXEjkHsGkCqgwY6Wp/jDh4KpT8dQov1kg4dIKU9PNpdLjmmk/
Jv7PMsG7i+3Q8lMCHfCe6NxFnc3GZ62x6Gq6dKnIqDQzMvYUOnEPfVcfOaWmrmFA
aBfVAXfRaXcgAPDknNPgCkdbi5ywuvbYckFOcVpv+1u+KqDYdxUMCSxSpls+o0J6
c38FbcmuFfB7BYB8cTgucNAGUBur3ku6KO8fHcxpO3zLvA9I6LNhOmvLX24dPRpr
Fd8uK+FiciNxbA3CjDGNUtJUErRMG8RRUXYPAM0tF9fZpKm3SurevG01yO8m/Acm
sMuKjzJ9LIle7ioZtDc7C64ldoQ+IEA1QRyRo8qDml25rgvC3vTyQ4bngTunPPfE
sSO04NT71G7va3DyV/VGVbCnlkj7sIHIPRY=
-----END CERTIFICATE-----

node_path,validator,severity,code,message
certificate.tbsCertificate.subject.rdnSequence.6.0.value.x520SerialNumber,NaturalPersonEidasIdentifierValidator,ERROR,etsi.nat_5.1.5-03.invalid-character-serial,No backslash found after ISO-3166 country code.
certificate.tbsCertificate.subject.rdnSequence.6.0.value.x520SerialNumber,NaturalPersonEidasIdentifierValidator,ERROR,etsi.nat_5.1.5-03.invalid-iso-3166,Invalid 3166 ISO Code.
certificate.tbsCertificate.extensions.6.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,

0 comments on commit 3d24cb1

Please sign in to comment.