[jboss-jira] [JBoss JIRA] (ELY-1680) IBM, failing KeyStoreSuiteChild.testGetCertificateChainBinary
Farah Juma (Jira)
issues at jboss.org
Fri Oct 12 16:49:00 EDT 2018
[ https://issues.jboss.org/browse/ELY-1680?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13647623#comment-13647623 ]
Farah Juma edited comment on ELY-1680 at 10/12/18 4:48 PM:
-----------------------------------------------------------
[~jondruse] Do you have the commands you used to generate the {{firefly_binary}} entry in this test LDIF file:
https://github.com/wildfly-security/wildfly-elytron/pull/1163/files#diff-7e6d0690f321125d4671a5a612efb74fR165
I'm trying to look into why {{KeyStoreSuiteChild#testGetCertificateChain}} passes on IBM JDK but {{KeyStoreSuiteChild#testGetCertificateChainBinary}} fails. In particular, with IBM JDK, the certificate chain seems to be in the wrong order. So this may have something to do with the way the {{userSMIMECertificate;binary}} entry in the LDIF file was specified.
was (Author: fjuma):
[~jondruse] Do you have the commands you used to generate the {{firefly_binary}} entry in this test LDIF file:
https://github.com/wildfly-security/wildfly-elytron/pull/1163/files#diff-7e6d0690f321125d4671a5a612efb74fR165
I'm trying to look into why {{KeyStoreSuiteChild#testGetCertificateChain}} passes on IBM JDK but {{KeyStoreSuiteChild#testGetCertificateChainBinary}} fails.
> IBM, failing KeyStoreSuiteChild.testGetCertificateChainBinary
> -------------------------------------------------------------
>
> Key: ELY-1680
> URL: https://issues.jboss.org/browse/ELY-1680
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Testsuite
> Affects Versions: 1.6.1.Final
> Reporter: Martin Choma
> Priority: Major
> Fix For: 1.7.0.CR3
>
>
> {code}
> [ERROR] testGetCertificateChainBinary(org.wildfly.security.ldap.KeyStoreSuiteChild) Time elapsed: 0.057 s <<< FAILURE!
> org.junit.ComparisonFailure: expected:<CN=[firefly_binary], OU=Elytron, O=Elyt...> but was:<CN=[localhost], OU=Elytron, O=Elyt...>
> at org.wildfly.security.ldap.KeyStoreSuiteChild.testGetCertificateChainBinary(KeyStoreSuiteChild.java:136)
> at org.wildfly.security.ldap.DirContextFactoryRule$1.evaluate(DirContextFactoryRule.java:218)
> {code}
> If I switch order of certificates in chain, then test passes.
> {code}
> diff --git a/src/test/java/org/wildfly/security/ldap/KeyStoreSuiteChild.java b/src/test/java/org/wildfly/security/ldap/KeyStoreSuiteChild.java
> index d8095867a..cda635beb 100644
> --- a/src/test/java/org/wildfly/security/ldap/KeyStoreSuiteChild.java
> +++ b/src/test/java/org/wildfly/security/ldap/KeyStoreSuiteChild.java
> @@ -133,8 +133,8 @@ public class KeyStoreSuiteChild {
> Certificate[] chain = keyStore.getCertificateChain("firefly_binary");
> Assert.assertNotNull(chain);
> Assert.assertEquals(2, chain.length);
> - Assert.assertEquals("CN=firefly_binary, OU=Elytron, O=Elytron, L=Elytron, ST=Elytron, C=UK", ((X509Certificate)chain[0]).getSubjectDN().toString());
> - Assert.assertEquals("CN=localhost, OU=Elytron, O=Elytron, L=Elytron, ST=Elytron, C=UK", ((X509Certificate)chain[1]).getSubjectDN().toString());
> + Assert.assertEquals("CN=firefly_binary, OU=Elytron, O=Elytron, L=Elytron, ST=Elytron, C=UK", ((X509Certificate)chain[1]).getSubjectDN().toString());
> + Assert.assertEquals("CN=localhost, OU=Elytron, O=Elytron, L=Elytron, ST=Elytron, C=UK", ((X509Certificate)chain[0]).getSubjectDN().toString());
> }
> {code}
> -For some reason I want able to debug code with -Dmaven.surefire.debug (Breakpoint was never hit) to find out which calls switch the order.-
> It takes long (5min) for debugger to attach to code.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list