commit 603116c570f55f3d00f705d1862e7f685522162f
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Wed Apr 09 09:50:03 2014 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Apr 09 15:50:57 2014 +0200
tree e2661ec6c569370b18ccbf4a80c5b200ab904a6f
parent 0f79babd4b95bf287728721ac4e24533917207fb

Add x509_crt_check_key_usage()

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index d9f25ed..6ab30e6 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1360,6 +1360,17 @@
     return( (int) ( size - n ) );
 }
 
+#if defined(POLARSSL_X509_CHECK_KEY_USAGE)
+int x509_crt_check_key_usage( const x509_crt *crt, int usage )
+{
+    if( ( crt->ext_types & EXT_KEY_USAGE ) != 0 &&
+        ( crt->key_usage & usage ) != usage )
+        return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
+
+    return( 0 );
+}
+#endif
+
 #if defined(POLARSSL_X509_CRL_PARSE_C)
 /*
  * Return 1 if the certificate is revoked, or 0 otherwise.