From: Dan Streetman <ddstreet@ieee.org>
Date: Fri, 7 Mar 2025 16:35:05 +0000 (-0500)
Subject: test: run PKCS#7 verification with both internal and external certificates
X-Git-Tag: v258-rc1~1142^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2d09fd72eac87c142b10ebc3272ad5bf9dcfd0ca;p=thirdparty%2Fsystemd.git

test: run PKCS#7 verification with both internal and external certificates
---

diff --git a/test/units/TEST-74-AUX-UTILS.keyutil.sh b/test/units/TEST-74-AUX-UTILS.keyutil.sh
index d08c86e6972..96700a58cd4 100755
--- a/test/units/TEST-74-AUX-UTILS.keyutil.sh
+++ b/test/units/TEST-74-AUX-UTILS.keyutil.sh
@@ -49,9 +49,18 @@ testcase_public() {
 
 testcase_pkcs7() {
     echo -n "test" > /tmp/payload
+
+    # Generate PKCS#1 signature
     openssl dgst -sha256 -sign /tmp/test.key -out /tmp/payload.sig /tmp/payload
+
+    # Generate PKCS#7 signature
     /usr/lib/systemd/systemd-keyutil --certificate /tmp/test.crt --output /tmp/payload.p7s --signature /tmp/payload.sig pkcs7
-    openssl smime -verify -binary -inform der -in /tmp/payload.p7s -content /tmp/payload -certfile /tmp/test.crt -nointern -noverify > /dev/null
+
+    # Verify using internal x509 certificate
+    openssl smime -verify -binary -inform der -in /tmp/payload.p7s -content /tmp/payload -noverify > /dev/null
+
+    # Verify using external (original) x509 certificate
+    openssl smime -verify -binary -inform der -in /tmp/payload.p7s -content /tmp/payload -certificate /tmp/test.crt -nointern -noverify > /dev/null
 }
 
 run_testcases