Update the test to assert that the SCT is from an X.509 extension

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3149)

diff --git a/test/ct_test.c b/test/ct_test.c
index 583db4437e3dd01855f6f99e09e8b534ec2c1373..6b36a434694b5149281d1a4b563af3cc67bceb79 100644 (file)
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -262,6 +262,7 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
 
     if (fixture.certificate_file != NULL) {
         int sct_extension_index;
+        int i;
         X509_EXTENSION *sct_extension = NULL;
 
         if (!TEST_ptr(cert = load_pem_cert(fixture.certs_dir,
@@ -289,18 +290,16 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
                                                expected_sct_text))
                     goto end;
 
-            if (fixture.test_validity) {
-                int i;
-
-                scts = X509V3_EXT_d2i(sct_extension);
-                for (i = 0; i < sk_SCT_num(scts); ++i) {
-                    SCT *sct_i = sk_SCT_value(scts, i);
+            scts = X509V3_EXT_d2i(sct_extension);
+            for (i = 0; i < sk_SCT_num(scts); ++i) {
+                SCT *sct_i = sk_SCT_value(scts, i);
 
-                    if (!TEST_true(SCT_set_source(sct_i,
-                                                  SCT_SOURCE_X509V3_EXTENSION)))
-                        goto end;
+                if (!TEST_int_eq(SCT_get_source(sct_i), SCT_SOURCE_X509V3_EXTENSION)) {
+                    goto end;
                 }
+            }
 
+            if (fixture.test_validity) {
                 if (!assert_validity(fixture, scts, ct_policy_ctx))
                     goto end;
             }