oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Sprinkle error strings.

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18932 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2006-11-07 17:19:17 +00:00
parent a04ab012c3
commit dcb53a0099
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/hx509/revoke.c
View File

@@ -169,8 +169,11 @@ verify_ocsp(hx509_context context,
&s->signatureAlgorithm, &s->signatureAlgorithm,
&s->tbsCertificate._save, &s->tbsCertificate._save,
&s->signatureValue); &s->signatureValue);
if (ret) if (ret) {
hx509_set_error_string(context, 0, ret,
"OSCP signer signature invalid");
goto out; goto out;
}
ret = hx509_cert_check_eku(context, signer, ret = hx509_cert_check_eku(context, signer,
oid_id_kp_OCSPSigning(), 0); oid_id_kp_OCSPSigning(), 0);
@@ -182,8 +185,10 @@ verify_ocsp(hx509_context context,
&ocsp->ocsp.signatureAlgorithm, &ocsp->ocsp.signatureAlgorithm,
&ocsp->ocsp.tbsResponseData._save, &ocsp->ocsp.tbsResponseData._save,
&ocsp->ocsp.signature); &ocsp->ocsp.signature);
if (ret) if (ret) {
hx509_set_error_string(context, 0, ret, "OSCP signature invalid");
goto out; goto out;
}
ocsp->signer = signer; ocsp->signer = signer;
signer = NULL; signer = NULL;
@@ -416,8 +421,11 @@ verify_crl(hx509_context context,
&s->signatureAlgorithm, &s->signatureAlgorithm,
&s->tbsCertificate._save, &s->tbsCertificate._save,
&s->signatureValue); &s->signatureValue);
if (ret) if (ret) {
hx509_set_error_string(context, 0, ret,
"CRL signer signature invalid");
goto out; goto out;
}
ret = _hx509_check_key_usage(context, signer, 1 << 6, TRUE); /* crl */ ret = _hx509_check_key_usage(context, signer, 1 << 6, TRUE); /* crl */
if (ret != 0) if (ret != 0)
@@ -428,8 +436,10 @@ verify_crl(hx509_context context,
&crl->signatureAlgorithm, &crl->signatureAlgorithm,
&crl->tbsCertList._save, &crl->tbsCertList._save,
&crl->signatureValue); &crl->signatureValue);
if (ret) if (ret) {
hx509_set_error_string(context, 0, ret, "CRL signature invalid");
goto out; goto out;
}
out: out:
hx509_cert_free(signer); hx509_cert_free(signer);