From 61d49ed472c9fda5d953c2a19bb8d1f5ddc7bfb9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Mon, 15 Dec 2008 04:31:41 +0000
Subject: [PATCH] add options to skipping KeyUsage check

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24197 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 lib/hx509/cms.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/lib/hx509/cms.c b/lib/hx509/cms.c
index 51756cc77..8ec41344f 100644
--- a/lib/hx509/cms.c
+++ b/lib/hx509/cms.c
@@ -567,9 +567,11 @@ hx509_cms_envelope_1(hx509_context context,
     if (encryption_type == NULL)
 	encryption_type = oid_id_aes_256_cbc();
 
-    ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE);
-    if (ret)
-	goto out;
+    if ((flags & HX509_CMS_EV_NO_KU_CHECK) == 0) {
+	ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE);
+	if (ret)
+	    goto out;
+    }
 
     ret = hx509_crypto_init(context, NULL, encryption_type, &crypto);
     if (ret)