Add negative test for PKCS12_SAFEBAG_get0_bag*() functions

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29128)

diff --git a/test/helpers/pkcs12.c b/test/helpers/pkcs12.c
index d2433672381fe62f838c2868fff849a83ad828ce..d8737558b74acf9897bdcfc446a97ce6c26dd241 100644 (file)
--- a/test/helpers/pkcs12.c
+++ b/test/helpers/pkcs12.c
@@ -573,6 +573,11 @@ void check_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
         pb->success = 0;
         goto err;
     }
+    if (!TEST_ptr_null(PKCS12_SAFEBAG_get0_bag_obj(bag))) {
+        pb->success = 0;
+        goto err;
+    }
+
     ref_x509 = load_cert_asn1(bytes, len);
     if (!TEST_false(X509_cmp(x509, ref_x509)))
         pb->success = 0;
@@ -635,6 +640,10 @@ void check_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len,
         pb->success = 0;
         goto err;
     }
+    if (!TEST_ptr_null(PKCS12_SAFEBAG_get0_bag_type(bag))) {
+        pb->success = 0;
+        goto err;
+    }
 
     /* PKEY compare returns 1 for match */
     ref_pkey = load_pkey_asn1(bytes, len);