wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Removed an incorrect key use check.

Browse Source
This commit is contained in:
John Safranek
2014-04-10 23:31:43 -07:00
parent e79ce42ef4
commit 603192f153
2 changed files with 0 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cyassl/error-ssl.h
View File

@@ -116,7 +116,6 @@ enum CyaSSL_ErrorCodes {
UNKNOWN_MAX_FRAG_LEN_E = -282, /* Unrecognized max frag len Error */ UNKNOWN_MAX_FRAG_LEN_E = -282, /* Unrecognized max frag len Error */
/* add strings to SetErrorString !!!!! */ /* add strings to SetErrorString !!!!! */
KEYUSE_SIGNATURE_E = -283, /* KeyUse digSignature error */ KEYUSE_SIGNATURE_E = -283, /* KeyUse digSignature error */
KEYUSE_AGREEMENT_E = -284, /* KeyUse keyAgreement error */
KEYUSE_ENCIPHER_E = -285, /* KeyUse keyEncipher error */ KEYUSE_ENCIPHER_E = -285, /* KeyUse keyEncipher error */
EXTKEYUSE_AUTH_E = -286, /* ExtKeyUse server|client_auth */ EXTKEYUSE_AUTH_E = -286, /* ExtKeyUse server|client_auth */

11
src/internal.c
View File

@@ -3472,13 +3472,6 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx,
fatal = 1; fatal = 1;
ret = KEYUSE_ENCIPHER_E; ret = KEYUSE_ENCIPHER_E;
} }
if ((ssl->specs.kea == diffie_hellman_kea ||
ssl->specs.kea == ecc_diffie_hellman_kea ||
ssl->specs.kea == ecc_static_diffie_hellman_kea) &&
(dCert.extKeyUsage & KEYUSE_KEY_AGREE) == 0) {
fatal = 1;
ret = KEYUSE_AGREEMENT_E;
}
if ((ssl->specs.sig_algo == rsa_sa_algo || if ((ssl->specs.sig_algo == rsa_sa_algo ||
ssl->specs.sig_algo == ecc_dsa_sa_algo) && ssl->specs.sig_algo == ecc_dsa_sa_algo) &&
(dCert.extKeyUsage & KEYUSE_DIGITAL_SIG) == 0) { (dCert.extKeyUsage & KEYUSE_DIGITAL_SIG) == 0) {
@@ -6498,10 +6491,6 @@ void SetErrorString(int error, char* str)
XSTRNCPY(str, "Key Use digitalSignature not set Error", max); XSTRNCPY(str, "Key Use digitalSignature not set Error", max);
break; break;
case KEYUSE_AGREEMENT_E:
XSTRNCPY(str, "Key Use keyAgreement not set Error", max);
break;
case KEYUSE_ENCIPHER_E: case KEYUSE_ENCIPHER_E:
XSTRNCPY(str, "Key Use keyEncipherment not set Error", max); XSTRNCPY(str, "Key Use keyEncipherment not set Error", max);
break; break;