Check serial number in tests.

wolfSSL · Sep 4, 2024 · 00ea9f3 · 00ea9f3
1 parent 2bd70c1
commit 00ea9f3
Showing 1 changed file with 9 additions and 2 deletions.
diff --git a/tests/api.c b/tests/api.c
@@ -13598,8 +13598,6 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
     EXPECT_DECLS;
 #if defined(WOLFSSL_ACERT) && !defined(NO_CERTS) && !defined(NO_RSA) && \
     !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
-    /* These two acerts are the same. The first is signed with RSA, and
-     * the second with RSA-PSS. */
     const char * acerts[4] = {"certs/acert/acert.pem",
                               "certs/acert/acert_ietf.pem",
                               "certs/acert/rsa_pss/acert.pem",
@@ -13614,6 +13612,10 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
     word32       attr_len = 0;
     size_t       i = 0;
     int          buf_len = 0;
+    byte         ietf_serial[] = {0x03, 0xb5, 0x90, 0x59, 0x02,
+                                  0xa2, 0xaa, 0xb5, 0x40, 0x21,
+                                  0x44, 0xb8, 0x2c, 0x4f, 0xd9,
+                                  0x80, 0x1b, 0x5f, 0x57, 0xc2};
 
     for (i = 0; i < 4; ++i) {
         const char * acert_file = acerts[i];
@@ -13622,6 +13624,8 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
         byte         serial[64];
         int          serial_len = sizeof(serial);
 
+        XMEMSET(serial, 0, sizeof(serial));
+
         is_rsa_pss = XSTRSTR(acert_file, "rsa_pss") != NULL ? 1 : 0;
         is_ietf_acert = XSTRSTR(acert_file, "ietf.pem") != NULL ? 1 : 0;
 
@@ -13661,9 +13665,11 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
 
         if (is_ietf_acert) {
             ExpectIntEQ(serial_len, 20);
+            ExpectIntEQ(XMEMCMP(serial, ietf_serial, sizeof(ietf_serial)), 0);
         }
         else {
             ExpectIntEQ(serial_len, 1);
+            ExpectTrue(serial[0] == 0x01);
         }
 
         /* Repeat the same but with null serial buffer. This is ok. */
@@ -13675,6 +13681,7 @@ static int test_wolfSSL_X509_ACERT_misc_api(void)
         }
         else {
             ExpectIntEQ(serial_len, 1);
+            ExpectTrue(serial[0] == 0x01);
         }
 
         /* Get the attributes buffer. */