From 69fd7f88631367907073c3d5e3530f270a0c800a Mon Sep 17 00:00:00 2001 From: Samuel Chiang Date: Wed, 19 Mar 2025 01:33:32 +0000 Subject: [PATCH] Skip PKCS7 with indefinite length test in AWS-LC AWS-LC had been decoding the indefinite BER to an unusable output. We should skip the test until indefinite BER decoding in AWS-LC is properly fixed. Changes: 1. AWS-LC will be looking to fix the parsing for indefinite BER constructed strings in AWS-LC soon, so I've marked the test as `pend` for now and removed the AWS-LC specific logic at the end. 2. I've added an assertion to verify that `OpenSSL::PKCS7.verify` behaves correctly before doing content comparisons. I noticed this was failing initially in AWS-LC, but that will be fixed soon as well. This shouldn't effect OpenSSL/LibreSSL builds and should improve the test. --- test/openssl/test_pkcs7.rb | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index a3db451fd..80e341cab 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -308,6 +308,8 @@ def test_degenerate_pkcs7 end def test_split_content + pend "AWS-LC ASN.1 parsers has no current support for parsing indefinite BER constructed strings" if aws_lc? + pki_message_pem = <