| author | Samuel Chiang <sachiang@amazon.com> | 2025-03-19 01:33:32 +0000 |
|---|---|---|
| committer | git <svn-admin@ruby-lang.org> | 2025-03-30 13:46:28 +0000 |
| commit | 6b5aa432913c8aaef96513618d0edc73cdb6141c (patch) | |
| tree | 1bf251465756dbaa041c0c2549236a0583a7b1d7 /test | |
| parent | 9e87323ad00f393fbaa8b9e170248fe11bd652aa (diff) | |
[ruby/openssl] Skip PKCS7 with indefinite length test in AWS-LC
AWS-LC had been decoding the indefinite BER to an unusable output. We
should skip the test until indefinite BER decoding in AWS-LC is
properly fixed.
Changes:
1. AWS-LC will be looking to fix the parsing for indefinite BER
constructed strings in AWS-LC soon, so I've marked the test as `pend`
for now and removed the AWS-LC specific logic at the end.
2. I've added an assertion to verify that `OpenSSL::PKCS7.verify`
behaves correctly before doing content comparisons. I noticed this was
failing initially in AWS-LC, but that will be fixed soon as well. This
shouldn't affect OpenSSL/LibreSSL builds and should improve the test.
https://github.com/ruby/openssl/commit/69fd7f8863
Diffstat (limited to 'test')
| -rw-r--r-- | test/openssl/test_pkcs7.rb | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/test/openssl/test_pkcs7.rb b/test/openssl/test_pkcs7.rb index a3db451fd1..80e341cab9 100644 --- a/test/openssl/test_pkcs7.rb +++ b/test/openssl/test_pkcs7.rb @@ -308,6 +308,8 @@ END end def test_split_content + pend "AWS-LC ASN.1 parsers has no current support for parsing indefinite BER constructed strings" if aws_lc? + pki_message_pem = <<END -----BEGIN PKCS7----- MIIHSwYJKoZIhvcNAQcCoIIHPDCCBzgCAQExCzAJBgUrDgMCGgUAMIIDiAYJKoZI @@ -376,14 +378,9 @@ tcH961onq8Tme2ICaCzk END pki_msg = OpenSSL::PKCS7.new(pki_message_pem) store = OpenSSL::X509::Store.new - pki_msg.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY) + assert_equal(true, pki_msg.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)) p7enc = OpenSSL::PKCS7.new(pki_msg.data) - # AWS-LC uses explicit OCTET STRING headers when encoding PKCS7 EncryptedContent, - # while OpenSSL traditionally uses indefinite-length encoding (ASN1_TFLG_NDEF) - # in its PKCS7 implementation. - unless aws_lc? - assert_equal(pki_message_content_pem, p7enc.to_pem) - end + assert_equal(pki_message_content_pem, p7enc.to_pem) end end |
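Review bot: The `pend` added at the top of `test_split_content` (hunk at -308) carries no pointer to the AWS-LC work it is waiting on, so nothing in the test tells a later reader when the skip can be lifted. Consider putting a tracking issue or commit link in the message or in a comment above it. The message also reads "AWS-LC ASN.1 parsers has no current support"; "parsers have" or "parser has" would be correct. Because the `pend` precedes everything else, AWS-LC builds also skip the new `verify` assertion until it is removed, which matches the commit message but is worth stating in a comment.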
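Review bot: In the second hunk (-376), removing the `unless aws_lc?` guard makes `assert_equal(pki_message_content_pem, p7enc.to_pem)` unconditional, but the deleted comment described an encoding difference (explicit OCTET STRING headers in AWS-LC versus indefinite-length encoding in OpenSSL), while the commit message only promises a fix to indefinite BER decoding. Once the `pend` is lifted, the PEM comparison can still fail on AWS-LC if its encoder output stays different, so either keep a short comment recording that difference or compare the decoded content instead of the re-encoded PEM. On the new `assert_equal(true, pki_msg.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY))`, a failure message that includes `pki_msg.error_string` would make a failing run easier to diagnose.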
