[ruby/openssl] test_pkcs7.rb: skip AWS-LC's unsupported features

1. AWS-LC has no support for SMIME with PKCS7. That may change in the near future, so I've marked that with "pend" for now. 2. AWS-LC doesn't support printing of PKCS7 contents with PKCS7_print_ctx. 3. OpenSSL traditionally used indefinite-length encoding with ASN1_TFLG_NDEF in its implementation for PKCS7 EncryptedContent. AWS-LC uses explicit OCTET STRING headers to encode instead, which leads to a slight difference in serialized ASN1 contents from the two libraries. https://github.com/ruby/openssl/commit/78c585a9c2
2025-02-12 01:38:05 +00:00 · 2025-02-12 01:38:05 +00:00 · 6263d0d16b
commit 6263d0d16b
parent b995eee811
1 changed files with 10 additions and 1 deletions
--- a/test/openssl/test_pkcs7.rb
+++ b/test/openssl/test_pkcs7.rb
@ -239,6 +239,8 @@ END
  end

  def test_smime
+    pend "AWS-LC has no current support for SMIME with PKCS7" if aws_lc?
+
    store = OpenSSL::X509::Store.new
    store.add_cert(@ca_cert)
    ca_certs = [@ca_cert]
@ -261,6 +263,8 @@ END
  end

  def test_to_text
+    omit "AWS-LC does not support PKCS7.to_text" if aws_lc?
+
    p7 = OpenSSL::PKCS7.new
    p7.type = "signed"
    assert_match(/signed/, p7.to_text)
@ -374,7 +378,12 @@ END
    store = OpenSSL::X509::Store.new
    pki_msg.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
    p7enc = OpenSSL::PKCS7.new(pki_msg.data)
-    assert_equal(pki_message_content_pem, p7enc.to_pem)
+    # AWS-LC uses explicit OCTET STRING headers when encoding PKCS7 EncryptedContent,
+    # while OpenSSL traditionally uses indefinite-length encoding (ASN1_TFLG_NDEF)
+    # in its PKCS7 implementation.
+    unless aws_lc?
+      assert_equal(pki_message_content_pem, p7enc.to_pem)
+    end
  end
 end