Add HX509_QUERY_MATCH_KEY_HASH_SHA1

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16911 ec53bebd-3082-4978-b11e-865c3cabbd6b
2006-04-01 02:10:24 +00:00
parent 95d72c00e1
commit 7a53af1e6a
2 changed files with 40 additions and 21 deletions
--- a/lib/hx509/cert.c
+++ b/lib/hx509/cert.c
@@ -1589,6 +1589,23 @@ _hx509_query_match_cert(const hx509_query *q, hx509_cert cert)
 	    return 0;
    }

+    if (q->match & HX509_QUERY_MATCH_KEY_HASH_SHA1) {
+	heim_octet_string os;
+	int ret;
+
+	os.data = c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.data;
+	os.length = 
+	    c->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.length / 8;
+
+	ret = _hx509_verify_signature(NULL,
+				      hx509_signature_sha1(),
+				      &os,
+				      q->keyhash_sha1);
+	if (ret != 0)
+	    return 0;
+    }
+
+
    if (q->match & ~HX509_QUERY_MASK)
 	return 0;