mirror of https://github.com/wolfSSL/wolfssl
X509_check_ca
This commit is contained in:
parent
3f6b7c8833
commit
c715bb5ade
10
src/ssl.c
10
src/ssl.c
|
@ -21583,19 +21583,19 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
|
|||
return ret;
|
||||
}
|
||||
|
||||
#define RAND_ENTROPY_SZ (256/16)
|
||||
|
||||
int wolfSSL_RAND_poll()
|
||||
{
|
||||
WOLFSSL_ENTER("wolfSSL_RAND_poll");
|
||||
byte entropy[RAND_ENTROPY_SZ];
|
||||
byte entropy[16];
|
||||
int ret = 0;
|
||||
const int entropy_sz = 16;
|
||||
|
||||
if (initGlobalRNG == 0){
|
||||
WOLFSSL_MSG("Global RNG no Init");
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
ret = wc_GenerateSeed(&globalRNG.seed, entropy, RAND_ENTROPY_SZ);
|
||||
ret = wc_GenerateSeed(&globalRNG.seed, entropy, entropy_sz);
|
||||
if (ret != 0){
|
||||
WOLFSSL_MSG("Bad wc_RNG_GenerateBlock");
|
||||
ret = WOLFSSL_FAILURE;
|
||||
|
@ -32628,8 +32628,12 @@ int wolfSSL_X509_check_ca(WOLFSSL_X509 *x509)
|
|||
{
|
||||
WOLFSSL_ENTER("X509_check_ca");
|
||||
|
||||
if (x509 == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
if (x509->isCa)
|
||||
return 1;
|
||||
if (x509->extKeyUsageCrit)
|
||||
return 4;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
15
tests/api.c
15
tests/api.c
|
@ -18581,6 +18581,20 @@ static void test_wolfSSL_ASN1_TIME_to_generalizedtime(void){
|
|||
#endif
|
||||
}
|
||||
|
||||
static void test_wolfSSL_X509_check_ca(void){
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
WOLFSSL_X509 *x509;
|
||||
|
||||
x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
|
||||
AssertIntEQ(wolfSSL_X509_check_ca(x509), 1);
|
||||
wolfSSL_X509_free(x509);
|
||||
|
||||
x509 = wolfSSL_X509_load_certificate_file(ntruCertFile, WOLFSSL_FILETYPE_PEM);
|
||||
AssertIntEQ(wolfSSL_X509_check_ca(x509), 0);
|
||||
wolfSSL_X509_free(x509);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void test_no_op_functions(void)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA)
|
||||
|
@ -19678,6 +19692,7 @@ void ApiTest(void)
|
|||
test_wolfSSL_ASN1_STRING_print_ex();
|
||||
test_wolfSSL_ASN1_TIME_to_generalizedtime();
|
||||
test_wolfSSL_i2c_ASN1_INTEGER();
|
||||
test_wolfSSL_X509_check_ca();
|
||||
|
||||
/* test the no op functions for compatibility */
|
||||
test_no_op_functions();
|
||||
|
|
Loading…
Reference in New Issue