From 3925804da6fecf17e81e5777060ccbee47778e62 Mon Sep 17 00:00:00 2001 From: Zackery Backman Date: Tue, 7 Apr 2026 12:30:06 -0600 Subject: [PATCH] Add test for wolfSSL_use_AltPrivateKey_Id to verify successful key ID allocation --- tests/api.c | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/tests/api.c b/tests/api.c index 0e9cbe2982..95d9e259bc 100644 --- a/tests/api.c +++ b/tests/api.c @@ -1696,6 +1696,38 @@ static int test_dual_alg_ecdsa_mldsa(void) return EXPECT_RESULT(); } +/* Test wolfSSL_use_AltPrivateKey_Id. + * Verify that a valid key ID can be set successfully. Guards against an + * inverted AllocDer return check (== 0 vs != 0) that would treat successful + * allocation as failure. */ +static int test_wolfSSL_use_AltPrivateKey_Id(void) +{ + EXPECT_DECLS; +#if defined(WOLFSSL_DUAL_ALG_CERTS) && !defined(NO_TLS) && \ + !defined(NO_WOLFSSL_CLIENT) + WOLFSSL_CTX* ctx = NULL; + WOLFSSL* ssl = NULL; + const unsigned char id[] = { 0x01, 0x02, 0x03, 0x04 }; + + ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())); + ExpectNotNull(ssl = wolfSSL_new(ctx)); + + /* Negative tests. */ + ExpectIntEQ(wolfSSL_use_AltPrivateKey_Id(NULL, id, sizeof(id), + INVALID_DEVID), 0); + ExpectIntEQ(wolfSSL_use_AltPrivateKey_Id(ssl, NULL, sizeof(id), + INVALID_DEVID), 0); + + /* Positive test — valid ID should succeed. */ + ExpectIntEQ(wolfSSL_use_AltPrivateKey_Id(ssl, id, sizeof(id), + INVALID_DEVID), 1); + + wolfSSL_free(ssl); + wolfSSL_CTX_free(ctx); +#endif /* WOLFSSL_DUAL_ALG_CERTS && !NO_TLS && !NO_WOLFSSL_CLIENT */ + return EXPECT_RESULT(); +} + /*----------------------------------------------------------------------------* | Context @@ -35313,6 +35345,8 @@ TEST_CASE testCases[] = { TEST_DECL(test_dual_alg_ecdsa_mldsa), + TEST_DECL(test_wolfSSL_use_AltPrivateKey_Id), + /********************************* * OpenSSL compatibility API tests *********************************/