add allow wrong oid flag, short for trust anchors

2009-09-23 00:02:46 -07:00
parent 6b3fb1c674
commit 92075b8825
2 changed files with 8 additions and 0 deletions
--- a/lib/hx509/hxtool-commands.in
+++ b/lib/hx509/hxtool-commands.in
@@ -113,6 +113,7 @@ command = {
 	name = "cms-verify-sd"
 	option = {
 		long = "anchors"
+		short = "D"
 		type = "strings"
 		argument = "certificate-store"
 		help = "trust anchors"
@@ -150,6 +151,11 @@ command = {
 		type = "-flag"
 		help = "allow no signer"
 	}
+	option = {
+		long = "allow-wrong-oid"
+		type = "flag"
+		help = "allow wrong oid flag"
+	}
 	option = {
 		long = "signed-content"
 		type = "string"
--- a/lib/hx509/hxtool.c
+++ b/lib/hx509/hxtool.c
@@ -282,6 +282,8 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv)

    if (!opt->signer_allowed_flag)
 	flags |= HX509_CMS_VS_ALLOW_ZERO_SIGNER;
+    if (opt->allow_wrong_oid_flag)
+	flags |= HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH;

    ret = hx509_cms_verify_signed(context, ctx, flags, co.data, co.length, sd,
 				  store, &type, &c, &signers);