summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
0c7141a)
Submitted by: Douglas Stebila
/* key usage, if present, must allow key agreement */
if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
{
/* key usage, if present, must allow key agreement */
if (ku_reject(x, X509v3_KU_KEY_AGREEMENT))
{
- printf("ECC cert not authorized for key agreement\n");
return 0;
}
if (alg & SSL_aECDSA)
return 0;
}
if (alg & SSL_aECDSA)
/* signature alg must be ECDSA */
if (signature_nid != NID_ecdsa_with_SHA1)
{
/* signature alg must be ECDSA */
if (signature_nid != NID_ecdsa_with_SHA1)
{
- printf("ECC cert not signed w/ ECDSA\n");
(signature_nid != NID_md4WithRSAEncryption) &&
(signature_nid != NID_md2WithRSAEncryption))
{
(signature_nid != NID_md4WithRSAEncryption) &&
(signature_nid != NID_md2WithRSAEncryption))
{
- printf("ECC cert not signed w/ RSA\n");
/* key usage, if present, must allow signing */
if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
{
/* key usage, if present, must allow signing */
if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))
{
- printf("ECC cert not authorized for signature\n");