Skip to content

test: convert more tests to use the new X509 acquisition process#1993

Merged
istankovic merged 9 commits intomainfrom
x509-part-8
Mar 31, 2026
Merged

test: convert more tests to use the new X509 acquisition process#1993
istankovic merged 9 commits intomainfrom
x509-part-8

Conversation

@istankovic
Copy link
Copy Markdown
Member

@istankovic istankovic commented Mar 30, 2026

This only leaves should_fail_when_certificate_path_doesnt_contain_trust_anchor, which requires changes to PkiEnviroment (we need to be able to configure trust anchors).

@istankovic istankovic requested a review from a team March 30, 2026 14:27
@istankovic
chore: e2e-identity: add a little util to generate a keypair given a …
99ebae0 
…JWS algorithm
@istankovic
chore: e2e-identity: add a utility to obtain a JWK public key from a …
71bdd7d 
…PEM keypair
@istankovic
chore: e2e-identity: use newly added helpers to simplify X509Credenti…
325e270 
…alAcquisition::try_new
@istankovic
test: e2e-identity: run x509_cert_acquisition_works for all cert key …
a6d7c0d 
…types

Here we're removing the check for matching public key bytes because
it only worked for P256, and we want it to work for all key types and,
importantly, to be an integral part of the acquisition process such
that it is not possible to obtain a certificate if the public key bytes
do not match.
@istankovic
test: e2e-identity: remove the old enrollment tests
a9790ec
@istankovic
test: e2e-identity: remove the old enrollment demo
23c22c1 
We don't actually need it and we're going to revisit the flow
documentation anyway, probably moving it to the CoreCrypto book.
@istankovic
doc: README: remove the E2EI demo regeneration step of the release pr…
606f9a3 
…ocess

We don't have the demo anymore.
@istankovic
test: e2e-identity: make sure step-ca containers use unique (host)names
a9bdfd4 
One day we will spawn only one step-ca instance, but that day has not
come yet.
@istankovic
test: e2e-identity: use unique user and device IDs in every test case
e2840eb 
Otherwise we run into race conditions with parallel tests and a single
test-wire-server process.
typfel
typfel reviewed Mar 31, 2026
View reviewed changes
@istankovic istankovic merged commit e2840eb into main Mar 31, 2026
55 checks passed
@istankovic istankovic deleted the x509-part-8 branch March 31, 2026 09:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@typfel typfel typfel approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@istankovic @typfel