diff --git a/Sources/ShieldX509/ExtensionAuthorityKeyIdentifier.swift b/Sources/ShieldX509/ExtensionAuthorityKeyIdentifier.swift index 3c0808afc..3d7173934 100644 --- a/Sources/ShieldX509/ExtensionAuthorityKeyIdentifier.swift +++ b/Sources/ShieldX509/ExtensionAuthorityKeyIdentifier.swift @@ -27,6 +27,7 @@ public struct AuthorityKeyIdentifier: Equatable, Hashable, Codable, NonCriticalE authorityCertIssuer: GeneralNames? = nil, authorityCertSerialNumber: TBSCertificate.SerialNumber? = nil ) { + precondition(authorityCertSerialNumber?.sign != .minus) self.keyIdentifier = keyIdentifier self.authorityCertIssuer = authorityCertIssuer self.authorityCertSerialNumber = authorityCertSerialNumber diff --git a/Tests/CertificateBuilderECTests.swift b/Tests/CertificateBuilderECTests.swift index b5b00eb43..18b67963a 100644 --- a/Tests/CertificateBuilderECTests.swift +++ b/Tests/CertificateBuilderECTests.swift @@ -186,7 +186,7 @@ class CertificateBuilderECTests: XCTestCase { .authorityKeyIdentifier( Digester.digest(Self.keyPair.encodedPublicKey(), using: .sha1), certIssuer: [.dnsName("github.com/outfoxx/Shield/CA")], - certSerialNumber: Integer(sign: .plus, magnitude: .randomInteger(withExactWidth: 19 * 8)) + certSerialNumber: Certificate.Builder.randomSerialNumber() ) .computeSubjectKeyIdentifier() .valid(for: 86400 * 365) diff --git a/Tests/CertificateBuilderRSATests.swift b/Tests/CertificateBuilderRSATests.swift index 367eeddb8..412224450 100644 --- a/Tests/CertificateBuilderRSATests.swift +++ b/Tests/CertificateBuilderRSATests.swift @@ -186,7 +186,7 @@ class CertificateBuilderRSATests: XCTestCase { .authorityKeyIdentifier( Digester.digest(Self.keyPair.encodedPublicKey(), using: .sha1), certIssuer: [.dnsName("github.com/outfoxx/Shield/CA")], - certSerialNumber: Integer(sign: .plus, magnitude: .randomInteger(withExactWidth: 19 * 8)) + certSerialNumber: Certificate.Builder.randomSerialNumber() ) .computeSubjectKeyIdentifier() .valid(for: 86400 * 365)