Diffstat (limited to 'src/daemon/https/x509/x509_verify.c')
-rw-r--r-- | src/daemon/https/x509/x509_verify.c | 64 |
1 files changed, 3 insertions, 61 deletions
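--- a/src/daemon/https/x509/x509_verify.c
+++ b/src/daemon/https/x509/x509_verify.c
@@ -46,7 +46,7 @@ static int MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert,
 trusted_cas, int tcas_size,
 unsigned int flags,
 unsigned int *output);
-int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data,
+static int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data,
 const MHD_gnutls_datum_t * signature,
 MHD_gnutls_x509_crt_t issuer);
 
@@ -351,7 +351,7 @@ cleanup:MHD__gnutls_free_datum (&cert_signed_data);
 * A negative value is returned in case of an error.
 *
 **/
-int
+static int
 MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert,
 MHD_gnutls_x509_crt_t issuer)
 {
@@ -618,7 +618,7 @@ verify_sig (const MHD_gnutls_datum_t * tbs,
 * 'tbs' is the signed data
 * 'signature' is the signature!
 */
-int
+static int
 MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
 const MHD_gnutls_datum_t * signature,
 MHD_gnutls_x509_crt_t issuer)
@@ -657,30 +657,6 @@ MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
 return ret;
 }
 
-/* verifies if the certificate is properly signed.
-* returns 0 on failure and 1 on success.
-*
-* 'tbs' is the signed data
-* 'signature' is the signature!
-*/
-int
-MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs,
-const MHD_gnutls_datum_t *
-signature,
-MHD_gnutls_x509_privkey_t issuer)
-{
-int ret;
-
-ret = verify_sig (tbs, signature, issuer->pk_algorithm, issuer->params,
-issuer->params_size);
-if (ret < 0)
-{
-MHD_gnutls_assert ();
-}
-
-return ret;
-}
-
 /**
 * MHD_gnutls_x509_crt_list_verify - This function verifies the given certificate list
 * @cert_list: is the certificate list to be verified
@@ -737,37 +713,3 @@ MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list,
 return 0;
 }
 
-/**
-* MHD_gnutls_x509_crt_verify - This function verifies the given certificate against a given trusted one
-* @cert: is the certificate to be verified
-* @CA_list: is one certificate that is considered to be trusted one
-* @CA_list_length: holds the number of CA certificate in CA_list
-* @flags: Flags that may be used to change the verification algorithm. Use OR of the MHD_gnutls_certificate_verify_flags enumerations.
-* @verify: will hold the certificate verification output.
-*
-* This function will try to verify the given certificate and return its status.
-* The verification output in this functions cannot be GNUTLS_CERT_NOT_VALID.
-*
-* Returns 0 on success and a negative value in case of an error.
-*
-**/
-int
-MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert,
-const MHD_gnutls_x509_crt_t * CA_list,
-int CA_list_length,
-unsigned int flags, unsigned int *verify)
-{
-int ret;
-/* Verify certificate
-*/
-ret = MHD__gnutls_verify_certificate2 (cert, CA_list, CA_list_length, flags,
-verify);
-if (ret < 0)
-{
-MHD_gnutls_assert ();
-return ret;
-}
-
-return 0;
-}
-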
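Review bot: The comment kept above `MHD__gnutls_x509_verify_signature` (hunk at -618) is only partly visible, but the removed privkey twin documents "returns 0 on failure and 1 on success" while its body also passes a negative `ret` from `verify_sig` straight through; if the retained function shares that contract, a caller that tests the result for truthiness would treat an error as a valid signature. Now that this function and `MHD_gnutls_x509_crt_check_issuer` are `static`, every caller lives in this file, so I would spell out the three outcomes in the comment, e.g. `* returns 1 if the signature is valid, 0 if it is not, and a negative error code on failure; callers must compare against 1.`, and confirm each call site does so. Separately, the diffstat is limited to this file, so it is not visible whether the external prototypes for the two functions were dropped from the headers; a leftover non-static declaration would conflict with the new `static` definitions. The bodies of both functions lie outside the hunks shown.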