From 10181278438ae32f5d43ac3e793b1b23aa149d8a Mon Sep 17 00:00:00 2001 From: "Tony Arcieri (iqlusion)" Date: Mon, 12 Jul 2021 09:05:40 -0700 Subject: [PATCH] Fix `generate_self_signed_ec_cert` integration test (#275) Unfortunately these tests can't be run in CI as they require a YubiKey to test against. The YubiKey generates an ASN.1 DER-encoded ECDSA signature, but the test was using a fixed-width signature. The test now passes live against a YubiKey. --- tests/integration.rs | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/tests/integration.rs b/tests/integration.rs index a36ef51..9e6fcca 100644 --- a/tests/integration.rs +++ b/tests/integration.rs @@ -8,11 +8,7 @@ use lazy_static::lazy_static; use log::trace; use rsa::{hash::Hash::SHA2_256, PaddingScheme, PublicKey}; use sha2::{Digest, Sha256}; -use std::{ - convert::{TryFrom, TryInto}, - env, - sync::Mutex, -}; +use std::{convert::TryInto, env, sync::Mutex}; use x509::RelativeDistinguishedName; use yubikey::{ certificate::{Certificate, PublicKeyInfo}, @@ -242,7 +238,7 @@ fn generate_self_signed_ec_cert() { let sig_algo_len = data[7 + tbs_cert_len + 1] as usize; let sig_start = 7 + tbs_cert_len + 2 + sig_algo_len + 3; let msg = &data[4..7 + tbs_cert_len]; - let sig = p256::ecdsa::Signature::try_from(&data[sig_start..]).unwrap(); + let sig = p256::ecdsa::Signature::from_der(&data[sig_start..]).unwrap(); let vk = p256::ecdsa::VerifyingKey::from_sec1_bytes(pubkey.as_bytes()).unwrap(); use p256::ecdsa::signature::Verifier;