oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Check that the self-signed cert is really self-signed.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20908 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-06-05 02:59:33 +00:00
parent 6623ac6441
commit 9e262359f2
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/hx509/print.c
View File

@@ -804,6 +804,20 @@ hx509_validate_cert(hx509_context context,
"Not a CA nor PROXY and doesn't have" "Not a CA nor PROXY and doesn't have"
"CRL Dist Point\n"); "CRL Dist Point\n");
if (status.selfsigned) {
ret = _hx509_verify_signature_bitstring(context,
c,
&c->signatureAlgorithm,
&c->tbsCertificate._save,
&c->signatureValue);
if (ret == 0)
validate_print(ctx, HX509_VALIDATE_F_VERBOSE,
"Self-signed certificate was self-signed\n");
else
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"Self-signed certificate NOT really self-signed!\n");
}
hx509_name_free(&subject); hx509_name_free(&subject);
hx509_name_free(&issuer); hx509_name_free(&issuer);