Merge pull request #3082 from JacobBarthelmeh/Testing

restrict the cert version allowed
2026-03-06 18:14:04 +01:00 · 2020-07-07 15:37:01 -07:00
parent 6196698d8b 14d0b4e7d6
commit c8dcd59565
3 changed files with 25 additions and 1 deletions
--- a/tests/api.c
+++ b/tests/api.c
@@ -25982,6 +25982,18 @@ static void test_wolfSSL_X509_sign(void)
    XFCLOSE(tmpFile);
 #endif

+    /* test invalid version number */
+#if defined(OPENSSL_ALL)
+    #ifdef WOLFSSL_ALT_NAMES
+    AssertIntEQ(X509_get_ext_count(x509), 1);
+    #endif
+    AssertIntNE(X509_set_version(x509, 6L), 0);
+    AssertIntGT(X509_sign(x509, priv, EVP_sha256()), 0);
+
+    /* uses ParseCert which fails on bad version number */
+    AssertIntEQ(X509_get_ext_count(x509), SSL_FAILURE);
+#endif
+
 #ifndef WOLFSSL_ALT_NAMES
    /* Valid case - size should be 798 */
    AssertIntEQ(ret, 798);