Skip to content

pkcs7: clean up tests #921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 31, 2025
Merged

pkcs7: clean up tests #921

merged 2 commits into from
Jul 31, 2025

Conversation

@rhenium
Copy link
Member

@rhenium rhenium commented Jul 31, 2025

This includes:

  • Update test keys and add omissions for enveloped-data tests so that the rest can be tested in the FIPS mode.
  • Add tests for PKCS7#error_string and #data.
  • Check more error paths.
  • Various style fixes.

@junaruga
Copy link
Member

junaruga commented Jul 31, 2025

Thank you for the PR!

@rhenium rhenium force-pushed the ky/pkcs7-add-more-tests branch 2 times, most recently from df12fda to 527f5c7 Compare July 31, 2025 16:43
rhenium added 2 commits August 1, 2025 02:30
@rhenium
pkcs7: only set error_string in the error path
c11c663 
Set the error_string attribute to nil if PKCS7_verify() succeeds, since
the error queue should be empty in that case.

With AWS-LC, OpenSSL::PKCS#verify currently sets error_string to
"invalid library (0)" when the verification succeeds, whereas with
OpenSSL and LibreSSL, it becomes nil. ERR_reason_error_string() appears
to behave differently when an invalid error code is passed.

The branch to raise OpenSSL::PKCS7::PKCS7Error is removed because it
does not appear to be reachable.
@rhenium
pkcs7: clean up tests
58f0022 
This includes:

 - Update test keys to the generic rsa-{1,2,3}.pem.
 - Add omissions for enveloped-data tests so that the rest can be
   tested in the FIPS mode.
 - Add tests for PKCS7#error_string and #data.
 - Check more error paths.
 - Various style fixes.
@rhenium rhenium force-pushed the ky/pkcs7-add-more-tests branch from 527f5c7 to 58f0022 Compare July 31, 2025 17:31
@rhenium rhenium merged commit df9cb6a into ruby:master Jul 31, 2025
41 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rhenium @junaruga