Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx)
- X509* x509_cert = ...
- // without X509_check_ca x509_cert->ex_kusage always returns 0 (no idea why)
- int ca = X509_check_ca(x509_cert);
- unsigned long usage = x509_cert->ex_kusage;
- SC_PKCS15INIT_X509_DIGITAL_SIGNATURE 0x0080UL
- SC_PKCS15INIT_X509_NON_REPUDIATION 0x0040UL
- SC_PKCS15INIT_X509_KEY_ENCIPHERMENT 0x0020UL
- SC_PKCS15INIT_X509_DATA_ENCIPHERMENT 0x0010UL
- SC_PKCS15INIT_X509_KEY_AGREEMENT 0x0008UL
- SC_PKCS15INIT_X509_KEY_CERT_SIGN 0x0004UL
- SC_PKCS15INIT_X509_CRL_SIGN 0x0002UL
- /* Handle key usage */
- if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {
- if(usage->length > 0) {
- x->ex_kusage = usage->data[0];
- if(usage->length > 1)
- x->ex_kusage |= usage->data[1] << 8;
- } else x->ex_kusage = 0;
- x->ex_flags |= EXFLAG_KUSAGE;
- ASN1_BIT_STRING_free(usage);
- }
Add Comment
Please, Sign In to add comment