fix: tests

pkcs7.go

@@ -144,7 +144,7 @@ func (p7 *PKCS7) GetOnlySigner() *x509.Certificate {
 var ErrUnsupportedAlgorithm = errors.New("pkcs7: cannot decrypt data: only RSA, DES, DES-EDE3, AES-256-CBC and AES-128-GCM supported")
 
 func isCertMatchForIssuerAndSerial(cert *x509.Certificate, ias issuerAndSerial) bool {
-	return cert.SerialNumber.Cmp(ias.SerialNumber) == 0 && bytes.Compare(cert.RawIssuer, ias.IssuerName.FullBytes) == 0
+	return cert.SerialNumber.Cmp(ias.SerialNumber) == 0 && bytes.Equal(cert.RawIssuer, ias.IssuerName.FullBytes)
 }
 
 func unmarshalAttribute(attrs []attribute, attributeType asn1.ObjectIdentifier, out interface{}) error {

pkcs7_test.go

@@ -14,7 +14,6 @@ import (
 	"fmt"
 	"math/big"
 	"os"
-	"os/exec"
 	"testing"
 	"time"
 )
@@ -50,90 +49,6 @@ func TestSign_E2E(t *testing.T) {
 	}
 }
 
-func TestOpenSSLVerifyDetachedSignature(t *testing.T) {
-	rootCert, err := createTestCertificateByIssuer("PKCS7 Test Root CA", nil)
-	if err != nil {
-		t.Fatalf("Cannot generate root cert: %s", err)
-	}
-	signerCert, err := createTestCertificateByIssuer("PKCS7 Test Signer Cert", rootCert)
-	if err != nil {
-		t.Fatalf("Cannot generate signer cert: %s", err)
-	}
-	content := []byte("Hello World")
-	toBeSigned, err := newSignedData(content)
-	if err != nil {
-		t.Fatalf("Cannot initialize signed data: %s", err)
-	}
-	if err := toBeSigned.addSigner(signerCert.Certificate, signerCert.PrivateKey, SignerInfoConfig{}); err != nil {
-		t.Fatalf("Cannot add signer: %s", err)
-	}
-	toBeSigned.detach()
-	signed, err := toBeSigned.finish()
-	if err != nil {
-		t.Fatalf("Cannot finish signing data: %s", err)
-	}
-
-	// write the root cert to a temp file
-	tmpRootCertFile, err := os.CreateTemp("", "pkcs7TestRootCA")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer func(name string) {
-		if err := os.Remove(name); err != nil {
-			t.Fatalf("Cannot write root cert: %s", err)
-		}
-	}(tmpRootCertFile.Name()) // clean up
-	fd, err := os.OpenFile(tmpRootCertFile.Name(), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o755)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if err := pem.Encode(fd, &pem.Block{Type: "CERTIFICATE", Bytes: rootCert.Certificate.Raw}); err != nil {
-		t.Fatalf("Cannot write root cert: %s", err)
-	}
-	if err := fd.Close(); err != nil {
-		t.Fatalf("Cannot write root cert: %s", err)
-	}
-
-	// write the signature to a temp file
-	tmpSignatureFile, err := os.CreateTemp("", "pkcs7Signature")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer func(name string) {
-		if err := os.Remove(name); err != nil {
-			t.Fatalf("Cannot write signature: %s", err)
-		}
-	}(tmpSignatureFile.Name()) // clean up
-	if err := os.WriteFile(tmpSignatureFile.Name(), signed, 0o755); err != nil {
-		t.Fatalf("Cannot write signature: %s", err)
-	}
-
-	// write the content to a temp file
-	tmpContentFile, err := os.CreateTemp("", "pkcs7Content")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer func(name string) {
-		if err := os.Remove(name); err != nil {
-			t.Fatalf("Cannot write content: %s", err)
-		}
-	}(tmpContentFile.Name()) // clean up
-	if err := os.WriteFile(tmpContentFile.Name(), content, 0o755); err != nil {
-		t.Fatalf("Cannot write content: %s", err)
-	}
-
-	// call openssl to verify the signature on the content using the root
-	opensslCMD := exec.Command("openssl", "smime", "-verify",
-		"-in", tmpSignatureFile.Name(), "-inform", "DER",
-		"-content", tmpContentFile.Name(),
-		"-CAfile", tmpRootCertFile.Name())
-	out, err := opensslCMD.Output()
-	t.Logf("%s", out)
-	if err != nil {
-		t.Fatalf("openssl command failed with %s", err)
-	}
-}
-
 type certKeyPair struct {
 	Certificate *x509.Certificate
 	PrivateKey  *rsa.PrivateKey