Update the test to assert that the SCT is from an X.509 extension
authorAlex Gaynor <alex.gaynor@gmail.com>
Sat, 8 Apr 2017 13:33:17 +0000 (09:33 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 22 May 2017 12:03:22 +0000 (08:03 -0400)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3149)

test/ct_test.c

index 583db44..6b36a43 100644 (file)
@@ -262,6 +262,7 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
 
     if (fixture.certificate_file != NULL) {
         int sct_extension_index;
+        int i;
         X509_EXTENSION *sct_extension = NULL;
 
         if (!TEST_ptr(cert = load_pem_cert(fixture.certs_dir,
@@ -289,18 +290,16 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
                                                expected_sct_text))
                     goto end;
 
-            if (fixture.test_validity) {
-                int i;
-
-                scts = X509V3_EXT_d2i(sct_extension);
-                for (i = 0; i < sk_SCT_num(scts); ++i) {
-                    SCT *sct_i = sk_SCT_value(scts, i);
+            scts = X509V3_EXT_d2i(sct_extension);
+            for (i = 0; i < sk_SCT_num(scts); ++i) {
+                SCT *sct_i = sk_SCT_value(scts, i);
 
-                    if (!TEST_true(SCT_set_source(sct_i,
-                                                  SCT_SOURCE_X509V3_EXTENSION)))
-                        goto end;
+                if (!TEST_int_eq(SCT_get_source(sct_i), SCT_SOURCE_X509V3_EXTENSION)) {
+                    goto end;
                 }
+            }
 
+            if (fixture.test_validity) {
                 if (!assert_validity(fixture, scts, ct_policy_ctx))
                     goto end;
             }