From c7b4764a45fe360a15c513d0e8743a2b657b9873 Mon Sep 17 00:00:00 2001 From: Prarthona Paul Date: Mon, 19 Aug 2024 09:41:39 -0400 Subject: [PATCH] Fixes to ELY-2756 Add tests to the elytron test suite to test to test OCSP with revoked and unknown certificates --- .../security/ssl/SSLAuthenticationTest.java | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/tests/base/src/test/java/org/wildfly/security/ssl/SSLAuthenticationTest.java b/tests/base/src/test/java/org/wildfly/security/ssl/SSLAuthenticationTest.java index 2e8458ada4..b100551404 100644 --- a/tests/base/src/test/java/org/wildfly/security/ssl/SSLAuthenticationTest.java +++ b/tests/base/src/test/java/org/wildfly/security/ssl/SSLAuthenticationTest.java @@ -719,12 +719,14 @@ public void testOcspGood() throws Throwable { @Test public void testOcspRevoked() throws Throwable { + DefinedCAIdentity ca = caGenerationTool.getDefinedCAIdentity(Identity.CA); + DefinedIdentity scarab = caGenerationTool.getDefinedIdentity(Identity.SCARAB); SSLContext serverContext = new SSLContextBuilder() - .setSecurityDomain(getKeyStoreBackedSecurityDomain("/jks/beetles.keystore")) - .setKeyManager(getKeyManager("/jks/scarab.keystore")) + .setSecurityDomain(getKeyStoreBackedSecurityDomain(caGenerationTool.getBeetlesKeyStore())) + .setKeyManager(scarab.createKeyManager()) .setTrustManager(X509RevocationTrustManager.builder() .setTrustManagerFactory(getTrustManagerFactory()) - .setTrustStore(createKeyStore("/jks/ca.truststore")) + .setTrustStore(ca.loadKeyStore()) .setOcspResponderCert(ocspResponderCertificate) .build()) .setNeedClientAuth(true) @@ -736,12 +738,14 @@ public void testOcspRevoked() throws Throwable { @Test public void testOcspUnknown() throws Throwable { + DefinedCAIdentity ca = caGenerationTool.getDefinedCAIdentity(Identity.CA); + DefinedIdentity scarab = caGenerationTool.getDefinedIdentity(Identity.SCARAB); SSLContext serverContext = new SSLContextBuilder() - .setSecurityDomain(getKeyStoreBackedSecurityDomain("/jks/beetles.keystore")) - .setKeyManager(getKeyManager("/jks/scarab.keystore")) + .setSecurityDomain(getKeyStoreBackedSecurityDomain(caGenerationTool.getBeetlesKeyStore())) + .setKeyManager(scarab.createKeyManager()) .setTrustManager(X509RevocationTrustManager.builder() .setTrustManagerFactory(getTrustManagerFactory()) - .setTrustStore(createKeyStore("/jks/ca.truststore")) + .setTrustStore(ca.loadKeyStore()) .setOcspResponderCert(ocspResponderCertificate) .build()) .setNeedClientAuth(true)