lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-28 00:21:48 +03:00
Code Activity

Update prototype of x509write_set_key_usage()

Browse Source 
Allow for future support of decipherOnly and encipherOnly. Some work will be
required to ensure we still write only one byte when only one is needed.
This commit is contained in:
Manuel Pégourié-Gonnard
2015-06-23 11:07:37 +02:00
parent 655a964539
commit 1cd10adc7c
3 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
library/x509write_crt.c
View File

@ -217,15 +217,21 @@ int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *
}
#endif /* MBEDTLS_SHA1_C */
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned char key_usage )
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
unsigned int key_usage )
{
unsigned char buf[4];
unsigned char buf[4], ku;
unsigned char *c;
int ret;
c = buf + 4;
/* We currently only support 7 bits, from 0x80 to 0x02 */
if( ( key_usage & ~0xfe ) != 0 )
return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
c = buf + 4;
ku = (unsigned char) key_usage;
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ku, 7 ) ) != 4 )
return( ret );
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,