From 635a6dbf487a7e361fb47e25da8d226652e1481a Mon Sep 17 00:00:00 2001
From: Mathias Ertl <mati@er.tl>
Date: Fri, 27 Dec 2024 14:30:21 +0100
Subject: [PATCH] fix tests with minimal changes

---
 tests/test_x509.py | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/tests/test_x509.py b/tests/test_x509.py
index b4a7dca..a094fbb 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -5,6 +5,7 @@
 import base64
 import datetime
 import subprocess
+import tempfile
 
 from asn1crypto import pem
 from asn1crypto.csr import CertificationRequest, CertificationRequestInfo
@@ -223,13 +224,21 @@ def test_self_sign_certificate(self):
             }
         )
 
-        # Pipe our certificate to OpenSSL to verify it
-        with subprocess.Popen(
-            (OPENSSL, "verify"), stdin=subprocess.PIPE, stdout=subprocess.DEVNULL
-        ) as proc:
-            proc.stdin.write(pem.armor("CERTIFICATE", cert.dump()))
-            proc.stdin.close()
-            self.assertEqual(proc.wait(), 0)
+        pem_cert = pem.armor("CERTIFICATE", cert.dump())
+
+        with tempfile.NamedTemporaryFile(delete_on_close=False) as pem_file:
+            pem_file.write(pem_cert)
+            pem_file.close()
+
+            # Pipe our certificate to OpenSSL to verify it
+            with subprocess.Popen(
+                (OPENSSL, "verify", "-CAfile", pem_file.name),
+                stdin=subprocess.PIPE,
+                stdout=subprocess.DEVNULL,
+            ) as proc:
+                proc.stdin.write(pem.armor("CERTIFICATE", cert.dump()))
+                proc.stdin.close()
+                self.assertEqual(proc.wait(), 0)
 
     @Only.openssl
     @requires(Mechanism.RSA_PKCS_KEY_PAIR_GEN, Mechanism.SHA1_RSA_PKCS)