From b206c441e8de64cc499a9fe1ad67c90f50bc2f0c Mon Sep 17 00:00:00 2001 From: Mathias Ertl Date: Fri, 27 Dec 2024 14:30:21 +0100 Subject: [PATCH] fix tests with minimal changes --- .github/workflows/tests.yml | 2 +- tests/test_x509.py | 23 ++++++++++++++++------- 2 files changed, 17 insertions(+), 8 deletions(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 79555f0..97d17a5 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -16,7 +16,6 @@ jobs: - "3.10" - "3.11" - "3.12" - - "3.12" - "3.13" steps: @@ -51,6 +50,7 @@ jobs: run: | env softhsm2-util --version + openssl version - name: Initialize token run: softhsm2-util --init-token --free --label $PKCS11_TOKEN_LABEL --pin $PKCS11_TOKEN_PIN --so-pin $PKCS11_TOKEN_SO_PIN diff --git a/tests/test_x509.py b/tests/test_x509.py index b4a7dca..e6ce991 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -5,6 +5,7 @@ import base64 import datetime import subprocess +import tempfile from asn1crypto import pem from asn1crypto.csr import CertificationRequest, CertificationRequestInfo @@ -223,13 +224,21 @@ def test_self_sign_certificate(self): } ) - # Pipe our certificate to OpenSSL to verify it - with subprocess.Popen( - (OPENSSL, "verify"), stdin=subprocess.PIPE, stdout=subprocess.DEVNULL - ) as proc: - proc.stdin.write(pem.armor("CERTIFICATE", cert.dump())) - proc.stdin.close() - self.assertEqual(proc.wait(), 0) + pem_cert = pem.armor("CERTIFICATE", cert.dump()) + + with tempfile.NamedTemporaryFile() as pem_file: + pem_file.write(pem_cert) + pem_file.flush() + + # Pipe our certificate to OpenSSL to verify it + with subprocess.Popen( + (OPENSSL, "verify", "-CAfile", pem_file.name), + stdin=subprocess.PIPE, + stdout=subprocess.DEVNULL, + ) as proc: + proc.stdin.write(pem.armor("CERTIFICATE", cert.dump())) + proc.stdin.close() + self.assertEqual(proc.wait(), 0) @Only.openssl @requires(Mechanism.RSA_PKCS_KEY_PAIR_GEN, Mechanism.SHA1_RSA_PKCS)