[ruby/openssl] test_pkcs7.rb: skip AWS-LC's unsupported features

1. AWS-LC has no support for SMIME with PKCS7. That may change in the
   near future, so I've marked that with "pend" for now.
2. AWS-LC doesn't support printing of PKCS7 contents with
   PKCS7_print_ctx.
3. OpenSSL traditionally used indefinite-length encoding with
   ASN1_TFLG_NDEF in its implementation for PKCS7 EncryptedContent.
   AWS-LC uses explicit OCTET STRING headers to encode instead,
   which leads to a slight difference in serialized ASN1 contents
   from the two libraries.

https://github.com/ruby/openssl/commit/78c585a9c2
This commit is contained in:
Samuel Chiang 2025-02-12 01:38:05 +00:00 committed by git
parent b995eee811
commit 6263d0d16b

View File

@ -239,6 +239,8 @@ END
end
def test_smime
pend "AWS-LC has no current support for SMIME with PKCS7" if aws_lc?
store = OpenSSL::X509::Store.new
store.add_cert(@ca_cert)
ca_certs = [@ca_cert]
@ -261,6 +263,8 @@ END
end
def test_to_text
omit "AWS-LC does not support PKCS7.to_text" if aws_lc?
p7 = OpenSSL::PKCS7.new
p7.type = "signed"
assert_match(/signed/, p7.to_text)
@ -374,7 +378,12 @@ END
store = OpenSSL::X509::Store.new
pki_msg.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
p7enc = OpenSSL::PKCS7.new(pki_msg.data)
assert_equal(pki_message_content_pem, p7enc.to_pem)
# AWS-LC uses explicit OCTET STRING headers when encoding PKCS7 EncryptedContent,
# while OpenSSL traditionally uses indefinite-length encoding (ASN1_TFLG_NDEF)
# in its PKCS7 implementation.
unless aws_lc?
assert_equal(pki_message_content_pem, p7enc.to_pem)
end
end
end