wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

only check server's cert key encipher on client for RSA key exchange

Browse Source
This commit is contained in:
John Safranek
2016-07-26 13:32:54 -07:00
parent 993838153e
commit 0265b0f4bb
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/internal.c
View File

@@ -6489,6 +6489,7 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
#ifndef IGNORE_KEY_EXTENSIONS
if (dCert->extKeyUsageSet) {
if ((ssl->specs.kea == rsa_kea) &&
(ssl->options.side == WOLFSSL_CLIENT_END) &&
(dCert->extKeyUsage & KEYUSE_KEY_ENCIPHER) == 0) {
ret = KEYUSE_ENCIPHER_E;
}