Amending names and comments

Signed-off-by: Max Lambrecht <maxlambrecht@gmail.com>
Max Lambrecht 2020-04-27 06:47:28 -03:00
parent 571dd3c5d4
commit 96b27c8277
24 changed files with 70 additions and 77 deletions


@ -30,10 +30,10 @@ public class JwtBundle implements JwtBundleSource {
* Creates a new bundle from JWT public keys.
*
* @param trustDomain a {@link TrustDomain} to associate to the JwtBundle
* @param jwtKeys a Map of public Keys
* @param jwtAuthorities a Map of public Keys
* @return a new {@link JwtBundle}.
*/
public static JwtBundle fromJWTKeys(@NonNull TrustDomain trustDomain, Map<String, PublicKey> jwtKeys) {
public static JwtBundle fromJWTAuthorities(@NonNull TrustDomain trustDomain, Map<String, PublicKey> jwtAuthorities) {
throw new NotImplementedException("Not implemented");
}
@ -87,14 +87,7 @@ public class JwtBundle implements JwtBundleSource {
* @param keyId the Key ID
* @return an {@link Optional} containing a {@link PublicKey}.
*/
public Optional<PublicKey> findJwtKey(String keyId) {
public Optional<PublicKey> findJwtAuthority(String keyId) {
throw new NotImplementedException("Not implemented");
}
/**
* Returns the trust domain that the bundle belongs to.
*/
public TrustDomain getTrustDomain() {
return trustDomain;
}
}
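Review bot: In the first hunk `fromJWTAuthorities` keeps `@NonNull` on `trustDomain` but not on the renamed `jwtAuthorities` parameter, so a null map would not be rejected at the boundary once the method is implemented; consider `@NonNull Map<String, PublicKey> jwtAuthorities`. The Javadoc `a Map of public Keys` could also state the map key, e.g. `@param jwtAuthorities a Map of JWT authorities (public keys) keyed by key ID`, which is presumably what `findJwtAuthority(String keyId)` will look up; both bodies still throw `NotImplementedException`, so this cannot be confirmed here. The second hunk also drops the explicit `getTrustDomain()`, and whether a generated accessor replaces it is not visible on this page.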


@ -30,11 +30,11 @@ public class X509Bundle implements X509BundleSource {
}
/**
* Loads a X509 bundle from a file on disk.
* Loads a X.509 bundle from a file on disk.
*
* @param trustDomain a {@link TrustDomain} to associate to the bundle
* @param bundlePath a path to the file that has the X509 authorities
* @return an instance of {@link X509Bundle} with the X509 authorities
* @param bundlePath a path to the file that has the X.509 authorities
* @return an instance of {@link X509Bundle} with the X.509 authorities
* associated to the trust domain.
*
* @throws IOException in case of failure accessing the given bundle path
@ -50,10 +50,10 @@ public class X509Bundle implements X509BundleSource {
/**
* Parses a X095 bundle from an array of bytes.
*
* @param trustDomain a {@link TrustDomain} to associate to the X509 bundle
* @param bundleBytes an array of bytes that represents the X509 authorities
* @param trustDomain a {@link TrustDomain} to associate to the X.509 bundle
* @param bundleBytes an array of bytes that represents the X.509 authorities
*
* @return an instance of {@link X509Bundle} with the X509 authorities
* @return an instance of {@link X509Bundle} with the X.509 authorities
* associated to the given trust domain
*
* @throws CertificateException if the bundle cannot be parsed
@ -65,12 +65,12 @@ public class X509Bundle implements X509BundleSource {
}
/**
* Returns the X509 bundle associated to the trust domain.
* Returns the X.509 bundle associated to the trust domain.
*
* @param trustDomain an instance of a {@link TrustDomain}
* @return the {@link X509Bundle} associated to the given trust domain
*
* @throws BundleNotFoundException if no X509 bundle can be found for the given trust domain
* @throws BundleNotFoundException if no X.509 bundle can be found for the given trust domain
*/
@Override
public X509Bundle getX509BundleForTrustDomain(TrustDomain trustDomain) throws BundleNotFoundException {
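Review bot: The Javadoc summary in the second hunk still reads `Parses a X095 bundle from an array of bytes.`; it is unchanged context, so the X.509 spelling pass missed it, and it should become `Parses an X.509 bundle from an array of bytes.`. The pass also leaves `a X.509` throughout this file and the other sections of the commit, where `an X.509` is the usual article. The documented methods' bodies are outside the hunks.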


@ -9,7 +9,7 @@ import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
/**
* A <code>X509BundleSet</code> represents a set of X509 bundles keyed by trust domain.
* A <code>X509BundleSet</code> represents a set of X.509 bundles keyed by trust domain.
*/
@Value
public class X509BundleSet implements X509BundleSource {
@ -21,7 +21,7 @@ public class X509BundleSet implements X509BundleSource {
}
/**
* Creates a new X509 bundle set from a list of X509 bundles.
* Creates a new X.509 bundle set from a list of X.509 bundles.
*
* @param bundles a list of {@link X509Bundle}
* @return a {@link X509BundleSet} initialized with the list of bundles
@ -45,7 +45,7 @@ public class X509BundleSet implements X509BundleSource {
}
/**
* Returns the X509 bundle associated to the trust domain.
* Returns the X.509 bundle associated to the trust domain.
*
* @param trustDomain an instance of a {@link TrustDomain}
* @return the {@link X509Bundle} associated to the given trust domain


@ -6,12 +6,12 @@ import spiffe.exception.BundleNotFoundException;
import spiffe.spiffeid.TrustDomain;
/**
* A <code>X509BundleSource</code> represents a source of X509 bundles keyed by trust domain.
* A <code>X509BundleSource</code> represents a source of X.509 bundles keyed by trust domain.
*/
public interface X509BundleSource {
/**
* Returns the X509 bundle associated to the given trust domain.
* Returns the X.509 bundle associated to the given trust domain.
*
* @param trustDomain an instance of a {@link TrustDomain}
* @return the {@link X509Bundle} for the given trust domain


@ -1,7 +1,7 @@
package spiffe.exception;
/**
* Unchecked thrown when there is an error creating or initializing a X509 source
* Unchecked thrown when there is an error creating or initializing a X.509 source
*/
public class X509SourceException extends RuntimeException {
public X509SourceException(String message) {


@ -2,7 +2,7 @@ package spiffe.exception;
/**
* Checked exception thrown when there is an error parsing
* the components of an X509 SVID.
* the components of an X.509 SVID.
*/
public class X509SvidException extends Exception {


@ -31,9 +31,9 @@ public class CertificateUtils {
private static final String X509_CERTIFICATE_TYPE = "X.509";
/**
* Generate a list of X509 certificates from a byte array.
* Generate a list of X.509 certificates from a byte array.
*
* @param input as byte array representing a list of X509 certificates, as a DER or PEM
* @param input as byte array representing a list of X.509 certificates, as a DER or PEM
* @return a List of {@link X509Certificate}
*/
public static List<X509Certificate> generateCertificates(byte[] input) throws CertificateException {
@ -86,7 +86,7 @@ public class CertificateUtils {
}
/**
* Extracts the SPIFE ID from a X509 certificate.
* Extracts the SPIFE ID from a X.509 certificate.
* <p>
* It iterates over the list of SubjectAlternativesNames, read each entry, takes the value from the index
* defined in SAN_VALUE_INDEX and filters the entries that starts with the SPIFFE_PREFIX and returns the first.
@ -153,7 +153,7 @@ public class CertificateUtils {
return CertPathValidator.getInstance(PUBLIC_KEY_INFRASTRUCTURE_ALGORITHM);
}
// Get the X509 Certificate Factory
// Get the X.509 Certificate Factory
private static CertificateFactory getCertificateFactory() throws CertificateException {
return CertificateFactory.getInstance(X509_CERTIFICATE_TYPE);
}
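Review bot: The changed summary line in the second hunk still reads `Extracts the SPIFE ID from a X.509 certificate.`; it should say `SPIFFE ID`. The paragraph below it documents that the method filters SAN entries by prefix and `returns the first`. Since the X509-SVID specification requires exactly one URI SAN, the Javadoc should state what happens when a certificate carries more than one, e.g. whether it is rejected. The method body is outside the hunk, so the actual behaviour cannot be confirmed from this page.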


@ -18,9 +18,9 @@ import java.security.spec.InvalidKeySpecException;
import java.util.List;
/**
* A <code>X509Svid</code> represents a SPIFFE X509 SVID.
* A <code>X509Svid</code> represents a SPIFFE X.509 SVID.
* <p>
* Contains a SPIFFE ID, a private key and a chain of X509 certificates.
* Contains a SPIFFE ID, a private key and a chain of X.509 certificates.
*/
@Value
public class X509Svid {
@ -28,9 +28,9 @@ public class X509Svid {
SpiffeId spiffeId;
/**
* The X.509 certificates of the X509-SVID. The leaf certificate is
* the X509-SVID certificate. Any remaining certificates (if any) chain
* the X509-SVID certificate back to a X509 root for the trust domain.
* The X.509 certificates of the X.509-SVID. The leaf certificate is
* the X.509-SVID certificate. Any remaining certificates (if any) chain
* the X.509-SVID certificate back to a X.509 root for the trust domain.
*/
List<X509Certificate> chain;
@ -46,9 +46,9 @@ public class X509Svid {
}
/**
* Loads the X509 SVID from PEM encoded files on disk.
* Loads the X.509 SVID from PEM encoded files on disk.
*
* @param certsFilePath path to X509 certificate chain file
* @param certsFilePath path to X.509 certificate chain file
* @param privateKeyFilePath path to private key file
* @return an instance of {@link X509Svid}
*
@ -67,7 +67,7 @@ public class X509Svid {
}
/**
* Parses the X509 SVID from PEM or DER blocks containing certificate chain and key
* Parses the X.509 SVID from PEM or DER blocks containing certificate chain and key
* bytes. The key must be a PEM or DER block with PKCS#8.
*
* @param certsBytes chain of certificates as a byte array
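Review bot: The field comment in the second hunk now says `X.509-SVID`, but the SPIFFE specification names the document type `X509-SVID`, without the dot. Writing `The X.509 certificates of the X509-SVID.` keeps the standard's name for the certificate format and the specification's name for the SVID. The same applies to `X.509-SVID` in the SpiffeProvider Javadoc and in the HTTPS client and server example Javadoc later in this commit.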


@ -1,12 +1,12 @@
package spiffe.svid.x509svid;
/**
* A <code>X509SvidSource</code> represents a source of X509 SVIDs.
* A <code>X509SvidSource</code> represents a source of X.509 SVIDs.
*/
public interface X509SvidSource {
/**
* Returns the X509 SVID in the source.
* Returns the X.509 SVID in the source.
*
* @return an instance of a {@link X509Svid}
*/


@ -18,17 +18,17 @@ import java.util.function.Supplier;
/**
* A <code>X509SvidValidator</code> provides methods to validate
* a chain of X509 certificates using an X509 bundle source.
* a chain of X.509 certificates using an X.509 bundle source.
*/
public class X509SvidValidator {
/**
* Verifies that a chain of certificates can be chained to one authority in the given X509 bundle source.
* Verifies that a chain of certificates can be chained to one authority in the given X.509 bundle source.
*
* @param chain a list representing the chain of X509 certificates to be validated
* @param chain a list representing the chain of X.509 certificates to be validated
* @param x509BundleSource a {@link X509BundleSource } to provide the authorities
*
* @throws CertificateException is the chain cannot be verified with an authority from the X509 bundle source
* @throws CertificateException is the chain cannot be verified with an authority from the X.509 bundle source
* @throws NullPointerException if the given chain or 509BundleSource are null
*/
public static void verifyChain(
@ -44,7 +44,7 @@ public class X509SvidValidator {
}
/**
* Checks that the X509 SVID provided has a SPIFFE ID that is in the list of accepted SPIFFE IDs supplied.
* Checks that the X.509 SVID provided has a SPIFFE ID that is in the list of accepted SPIFFE IDs supplied.
*
* @param x509Certificate a {@link X509Svid} with a SPIFFE ID to be verified
* @param acceptedSpiffedIdsSupplier a {@link Supplier} of a list os SPIFFE IDs that are accepted
@ -59,7 +59,7 @@ public class X509SvidValidator {
val spiffeIdList = acceptedSpiffedIdsSupplier.get();
val spiffeId = CertificateUtils.getSpiffeId(x509Certificate);
if (!spiffeIdList.contains(spiffeId)) {
throw new CertificateException(String.format("SPIFFE ID %s in x509Certificate is not accepted", spiffeId));
throw new CertificateException(String.format("SPIFFE ID %s in X.509 certificate is not accepted", spiffeId));
}
}
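Review bot: In the last hunk the list from `acceptedSpiffedIdsSupplier.get()` is passed straight to `contains`, so a supplier that returns null fails with a NullPointerException instead of the `CertificateException` this check otherwise throws; `if (spiffeIdList == null || !spiffeIdList.contains(spiffeId)) {` would keep the rejection on one exception type. The Javadoc touched in the first two hunks also still has `is the chain cannot be verified` (for `if`), `509BundleSource` (for `x509BundleSource`) and `a list os SPIFFE IDs`. The method signature and its declared exceptions are outside the hunk.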


@ -35,7 +35,7 @@ import static spiffe.workloadapi.internal.Workload.X509SVIDResponse;
/**
* A <code>WorkloadApiClient</code> represents a client to interact with the Workload API.
* Supports one-shot calls and watch updates for X509 and JWT SVIDS and bundles.
* Supports one-shot calls and watch updates for X.509 and JWT SVIDS and bundles.
*/
@Log
public class WorkloadApiClient implements Closeable {
@ -94,9 +94,9 @@ public class WorkloadApiClient implements Closeable {
}
/**
* One-shot blocking fetch call to get an X509 context.
* One-shot blocking fetch call to get an X.509 context.
*
* @throws X509ContextException if there is an error fetching or processing the X509 context
* @throws X509ContextException if there is an error fetching or processing the X.509 context
*/
public X509Context fetchX509Context() {
Context.CancellableContext cancellableContext;
@ -113,7 +113,7 @@ public class WorkloadApiClient implements Closeable {
}
/**
* Watches for X509 context updates.
* Watches for X.509 context updates.
*
* @param watcher an instance that implements a {@link Watcher}.
*/


@ -8,7 +8,7 @@ import spiffe.svid.x509svid.X509Svid;
import java.util.List;
/**
* A <code>X509Context</code> represents the X509 materials that are fetched from the Workload API.
* A <code>X509Context</code> represents the X.509 materials that are fetched from the Workload API.
* <p>
* Contains a list of {@link X509Svid} and a {@link X509BundleSet}.
*/


@ -22,7 +22,7 @@ import java.util.function.Function;
import java.util.logging.Level;
/**
* A <code>X509Source</code> represents a source of X509 SVIDs and X509 bundles maintained via the
* A <code>X509Source</code> represents a source of X.509 SVIDs and X.509 bundles maintained via the
* Workload API.
* <p>
* It handles a {@link X509Svid} and a {@link X509BundleSet} that are updated automatically
@ -45,12 +45,12 @@ public class X509Source implements X509SvidSource, X509BundleSource, Closeable {
private volatile boolean closed;
/**
* Creates a new X509 source. It blocks until the initial update
* Creates a new X.509 source. It blocks until the initial update
* has been received from the Workload API.
* <p>
* It uses the default address socket endpoint from the environment variable to get the Workload API address.
* <p>
* It uses the default X509 SVID.
* It uses the default X.509 SVID.
*
* @return an instance of {@link X509Source}, with the svid and bundles initialized
*
@ -63,7 +63,7 @@ public class X509Source implements X509SvidSource, X509BundleSource, Closeable {
}
/**
* Creates a new X509 source. It blocks until the initial update
* Creates a new X.509 source. It blocks until the initial update
* has been received from the Workload API.
* <p>
* The {@link WorkloadApiClient} can be provided in the options, if it is not,
@ -95,7 +95,7 @@ public class X509Source implements X509SvidSource, X509BundleSource, Closeable {
}
/**
* Returns the X509 SVID handled by this source.
* Returns the X.509 SVID handled by this source.
*
* @return a {@link X509Svid}
* @throws IllegalStateException if the source is closed
@ -109,7 +109,7 @@ public class X509Source implements X509SvidSource, X509BundleSource, Closeable {
}
/**
* Returns the X509 bundle for a given trust domain.
* Returns the X.509 bundle for a given trust domain.
*
* @return an instance of a {@link X509Bundle}
*
@ -201,7 +201,7 @@ public class X509Source implements X509SvidSource, X509BundleSource, Closeable {
String spiffeSocketPath;
/**
* Function to choose the X509 SVID from the list returned by the Workload API
* Function to choose the X.509 SVID from the list returned by the Workload API
* If it is not set, the default svid is picked.
*/
Function<List<X509Svid>, X509Svid> picker;


@ -81,7 +81,7 @@ public class X509SvidValidatorTest {
X509SvidValidator.verifySpiffeId(x509Certificate.get(0), () -> spiffeIdList);
fail("Should have thrown CertificateException");
} catch (CertificateException e) {
assertEquals("SPIFFE ID spiffe://example.org/test in x509Certificate is not accepted", e.getMessage());
assertEquals("SPIFFE ID spiffe://example.org/test in X.509 certificate is not accepted", e.getMessage());
}
}
}


@ -16,7 +16,7 @@ import java.security.cert.CertificateException;
/**
* Represents a Java KeyStore, provides some functions
* to store a private key, a X509 certificate chain, and X509 bundles.
* to store a private key, a X.509 certificate chain, and X.509 bundles.
* Package private, to be used by the KeyStoreHelper.
*/
class KeyStore {
@ -64,7 +64,7 @@ class KeyStore {
/**
* Store a private key and X509 certificate chain in a Java KeyStore
* Store a private key and X.509 certificate chain in a Java KeyStore
*
* @param privateKeyEntry contains the alias, privateKey, chain, privateKey password
*/


@ -18,7 +18,7 @@ import java.util.concurrent.CountDownLatch;
import java.util.logging.Level;
/**
* A <code>KeyStoreHelper</code> represents a helper for storing X509 SVIDs and bundles,
* A <code>KeyStoreHelper</code> represents a helper for storing X.509 SVIDs and bundles,
* that are automatically rotated via the Workload API, in a Java KeyStore in a file in disk.
*/
@Log
@ -32,7 +32,7 @@ public class KeyStoreHelper {
private final String spiffeSocketPath;
/**
* Create an instance of a KeyStoreHelper for fetching X509 SVIDs and bundles
* Create an instance of a KeyStoreHelper for fetching X.509 SVIDs and bundles
* from a Workload API and store them in a binary Java KeyStore in disk.
* <p>
* It blocks until the initial update has been received from the Workload API.


@ -16,9 +16,9 @@ import java.util.Objects;
import static spiffe.provider.SpiffeProviderConstants.DEFAULT_ALIAS;
/**
* A <code>SpiffeKeyManager</code> represents a X509 key manager for the SPIFFE provider.
* A <code>SpiffeKeyManager</code> represents a X.509 key manager for the SPIFFE provider.
* <p>
* Provides the chain of X509 certificates and the private key.
* Provides the chain of X.509 certificates and the private key.
*/
public final class SpiffeKeyManager extends X509ExtendedKeyManager {


@ -13,7 +13,7 @@ import java.security.KeyStore;
* to create a {@link KeyManager} that backed by the Workload API.
* <p>
* The JSSE API will call engineGetKeyManagers() to get an instance of a KeyManager. This KeyManager
* instance is injected with a {@link spiffe.workloadapi.X509Source} to obtain the latest X509 SVIDs.
* instance is injected with a {@link spiffe.workloadapi.X509Source} to obtain the latest X.509 SVIDs.
*
* @see SpiffeSslContextFactory
* @see X509SvidSource
@ -33,7 +33,7 @@ public final class SpiffeKeyManagerFactory extends KeyManagerFactorySpi {
}
/**
* This method creates a KeyManager and initializes with the given X509 SVID source.
* This method creates a KeyManager and initializes with the given X.509 SVID source.
*
* @param x509SvidSource an instance of a {@link X509SvidSource}
* @return an array with an instance of a {@link KeyManager}


@ -9,9 +9,9 @@ import static spiffe.provider.SpiffeProviderConstants.PROVIDER_NAME;
* A <code>SpiffeProvider</code> represents a Security Provider for the Java Security API.
* <p>
* It uses a custom implementation of KeyStore and TrustStore Managers that support
* SPIFFE X509-SVID and Bundle retrieval from the Workload API and SPIFFE ID validation.
* SPIFFE X.509-SVID and Bundle retrieval from the Workload API and SPIFFE ID validation.
* <p>
* It registers a KeyManagerFactory for creating a KeyManager that handles an X509-SVID Certificate to
* It registers a KeyManagerFactory for creating a KeyManager that handles an X.509-SVID Certificate to
* probe identity. It also registers a TrustManagerFactory for creating a TrustManager for trust chain
* and SPIFFE ID validation.
* <p>


@ -14,7 +14,7 @@ import java.util.List;
import java.util.function.Supplier;
/**
* A <code>SpiffeTrustManager</code> is an implementation of a X509 TrustManager for the SPIFFE Provider.
* A <code>SpiffeTrustManager</code> is an implementation of a X.509 TrustManager for the SPIFFE Provider.
* <p>
* Provides methods to validate the certificate chain using Trusted certs provided by a {@link X509BundleSource}
* maintained via the Workload API and the SPIFFE ID using a Supplier of a List of accepted SPIFFE IDs.
@ -25,7 +25,7 @@ public final class SpiffeTrustManager extends X509ExtendedTrustManager {
private final Supplier<List<SpiffeId>> acceptedSpiffeIdsSupplier;
/**
* Creates a SpiffeTrustManager with a X509 bundle source used to provide the trusted
* Creates a SpiffeTrustManager with a X.509 bundle source used to provide the trusted
* bundles, and a Supplier of a List of accepted SpiffeIds to be used during peer SVID validation.
*
* @param x509BundleSource an implementation of a {@link X509BundleSource}


@ -70,7 +70,7 @@ public class SpiffeTrustManagerFactory extends TrustManagerFactorySpi {
* with a function verify a chain of certificates using a to validate the SPIFFE IDs
* of the peer's certificates, and a supplier of accepted SPIFFE IDs.
*
* @param x509BundleSource a {@link X509BundleSource} to provide the X509-Bundles
* @param x509BundleSource a {@link X509BundleSource} to provide the X.509-Bundles
* @param acceptedSpiffeIdsSupplier a Supplier to provide a List of SPIFFE IDs that are accepted
* @return a TrustManager array with an initialized TrustManager.
*/


@ -23,11 +23,11 @@ import java.util.stream.Collectors;
import java.util.stream.Stream;
/**
* Example of a simple HTTPS Client backed by the Workload API to get the X509 Certificates
* Example of a simple HTTPS Client backed by the Workload API to get the X.509 Certificates
* and trusted cert bundles.
* <p>
* The purpose of this class is to show the use of the {@link SpiffeSslContextFactory} to create
* a {@link SSLContext} that uses X509-SVID provided by a Workload API. The SSLContext uses the
* a {@link SSLContext} that uses X.509-SVID provided by a Workload API. The SSLContext uses the
* {@link spiffe.provider.SpiffeKeyManager} and {@link spiffe.provider.SpiffeTrustManager} for
* providing certificates and doing chain and SPIFFE ID validation.
*/


@ -15,11 +15,11 @@ import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
/**
* Example of a simple HTTPS Server backed by the Workload API to get the X509 certificates
* Example of a simple HTTPS Server backed by the Workload API to get the X.509 certificates
* and trusted bundles.
* <p>
* The purpose of this class is to show the use of the {@link SpiffeSslContextFactory} to create
* a {@link SSLContext} that uses X509-SVID provided by a Workload API. The SSLContext uses the
* a {@link SSLContext} that uses X.509-SVID provided by a Workload API. The SSLContext uses the
* {@link spiffe.provider.SpiffeKeyManager} and {@link spiffe.provider.SpiffeTrustManager} for
* providing certificates and doing chain and SPIFFE ID validation.
* To run this example, Spire should be running, SPIFFE_ENDPOINT_SOCKET env variable should be


@ -99,7 +99,7 @@ public class SpiffeTrustManagerTest {
trustManager.checkClientTrusted(chain, "");
fail("CertificateException was expected");
} catch (CertificateException e) {
assertEquals("SPIFFE ID spiffe://example.org/test in x509Certificate is not accepted", e.getMessage());
assertEquals("SPIFFE ID spiffe://example.org/test in X.509 certificate is not accepted", e.getMessage());
}
}
@ -159,7 +159,7 @@ public class SpiffeTrustManagerTest {
trustManager.checkServerTrusted(chain, "");
fail("CertificateException was expected");
} catch (CertificateException e) {
assertEquals("SPIFFE ID spiffe://example.org/test in x509Certificate is not accepted", e.getMessage());
assertEquals("SPIFFE ID spiffe://example.org/test in X.509 certificate is not accepted", e.getMessage());
}
}