add flags to hx509_cms_verify_signed
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24192 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
@@ -4,7 +4,7 @@ include $(top_srcdir)/Makefile.am.common
|
|||||||
|
|
||||||
lib_LTLIBRARIES = libhx509.la
|
lib_LTLIBRARIES = libhx509.la
|
||||||
noinst_LTLIBRARIES = libnhx509.la
|
noinst_LTLIBRARIES = libnhx509.la
|
||||||
libhx509_la_LDFLAGS = -version-info 4:0:0
|
libhx509_la_LDFLAGS = -version-info 5:0:0
|
||||||
|
|
||||||
BUILT_SOURCES = \
|
BUILT_SOURCES = \
|
||||||
sel-gram.h \
|
sel-gram.h \
|
||||||
|
|||||||
@@ -738,12 +738,13 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid)
|
|||||||
* Decode SignedData and verify that the signature is correct.
|
* Decode SignedData and verify that the signature is correct.
|
||||||
*
|
*
|
||||||
* @param context A hx509 context.
|
* @param context A hx509 context.
|
||||||
* @param ctx a hx509 version context
|
* @param ctx a hx509 verify context.
|
||||||
* @param data pointer to CMS SignedData encoded data
|
* @param flags to control the behaivor of the function.
|
||||||
|
* @param data pointer to CMS SignedData encoded data.
|
||||||
* @param length length of the data that data point to.
|
* @param length length of the data that data point to.
|
||||||
* @param signedContent external data used for signature
|
* @param signedContent external data used for signature.
|
||||||
* @param pool certificate pool to build certificates paths.
|
* @param pool certificate pool to build certificates paths.
|
||||||
* @param contentType free with der_free_oid()
|
* @param contentType free with der_free_oid().
|
||||||
* @param content the output of the function, free with
|
* @param content the output of the function, free with
|
||||||
* der_free_octet_string().
|
* der_free_octet_string().
|
||||||
* @param signer_certs list of the cerficates used to sign this
|
* @param signer_certs list of the cerficates used to sign this
|
||||||
@@ -755,6 +756,7 @@ find_attribute(const CMSAttributes *attr, const heim_oid *oid)
|
|||||||
int
|
int
|
||||||
hx509_cms_verify_signed(hx509_context context,
|
hx509_cms_verify_signed(hx509_context context,
|
||||||
hx509_verify_ctx ctx,
|
hx509_verify_ctx ctx,
|
||||||
|
unsigned int flags,
|
||||||
const void *data,
|
const void *data,
|
||||||
size_t length,
|
size_t length,
|
||||||
const heim_octet_string *signedContent,
|
const heim_octet_string *signedContent,
|
||||||
@@ -949,7 +951,8 @@ hx509_cms_verify_signed(hx509_context context,
|
|||||||
match_oid = oid_id_pkcs7_data();
|
match_oid = oid_id_pkcs7_data();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType)) {
|
if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType) &&
|
||||||
|
(flags & HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH) == 0) {
|
||||||
ret = HX509_CMS_DATA_OID_MISMATCH;
|
ret = HX509_CMS_DATA_OID_MISMATCH;
|
||||||
hx509_set_error_string(context, 0, ret,
|
hx509_set_error_string(context, 0, ret,
|
||||||
"Oid in message mismatch from the expected");
|
"Oid in message mismatch from the expected");
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
# $Id$
|
# $Id$
|
||||||
|
|
||||||
HEIMDAL_X509_1.1 {
|
HEIMDAL_X509_1.2 {
|
||||||
global:
|
global:
|
||||||
initialize_hx_error_table_r;
|
initialize_hx_error_table_r;
|
||||||
hx509_bitstring_print;
|
hx509_bitstring_print;
|
||||||
|
|||||||
Reference in New Issue
Block a user