1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00

gpgsm: Use macro constants for cert_usage_p.

* sm/certlist.c (USE_MODE_): New.  Use them for easier reading.
This commit is contained in:
Werner Koch 2022-10-24 15:12:06 +02:00
parent 7ed523ca13
commit 1cdb67d41a
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B

View File

@ -34,7 +34,16 @@
#include "keydb.h"
#include "../common/i18n.h"
/* Mode values for cert_usage_p.
* Take care: the values have a semantic. */
#define USE_MODE_SIGN 0
#define USE_MODE_ENCR 1
#define USE_MODE_VRFY 2
#define USE_MODE_DECR 3
#define USE_MODE_CERT 4
#define USE_MODE_OCSP 5
/* OIDs we use here. */
static const char oid_kp_serverAuth[] = "1.3.6.1.5.5.7.3.1";
static const char oid_kp_clientAuth[] = "1.3.6.1.5.5.7.3.2";
static const char oid_kp_codeSigning[] = "1.3.6.1.5.5.7.3.3";
@ -42,6 +51,7 @@ static const char oid_kp_emailProtection[]= "1.3.6.1.5.5.7.3.4";
static const char oid_kp_timeStamping[] = "1.3.6.1.5.5.7.3.8";
static const char oid_kp_ocspSigning[] = "1.3.6.1.5.5.7.3.9";
/* Return 0 if the cert is usable for encryption. A MODE of 0 checks
for signing a MODE of 1 checks for encryption, a MODE of 2 checks
for verification and a MODE of 3 for decryption (just for
@ -120,7 +130,7 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
{
err = 0;
if (opt.verbose && mode < 2 && !silent)
if (opt.verbose && mode < USE_MODE_VRFY && !silent)
log_info (_("no key usage specified - assuming all usages\n"));
use = ~0;
}
@ -137,7 +147,7 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
return err;
}
if (mode == 4)
if (mode == USE_MODE_CERT)
{
if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN)))
return 0;
@ -147,7 +157,7 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
}
if (mode == 5)
if (mode == USE_MODE_OCSP)
{
if (use != ~0
&& (have_ocsp_signing
@ -170,11 +180,13 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
return 0;
if (!silent)
log_info
(mode==3? _("certificate should not have been used for encryption\n"):
mode==2? _("certificate should not have been used for signing\n"):
mode==1? _("certificate is not usable for encryption\n"):
/**/ _("certificate is not usable for signing\n"));
log_info (mode == USE_MODE_DECR?
_("certificate should not have been used for encryption\n") :
mode == USE_MODE_VRFY?
_("certificate should not have been used for signing\n") :
mode == USE_MODE_ENCR?
_("certificate is not usable for encryption\n") :
_("certificate is not usable for signing\n"));
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
}
@ -184,7 +196,7 @@ cert_usage_p (ksba_cert_t cert, int mode, int silent)
int
gpgsm_cert_use_sign_p (ksba_cert_t cert, int silent)
{
return cert_usage_p (cert, 0, silent);
return cert_usage_p (cert, USE_MODE_SIGN, silent);
}
@ -192,31 +204,31 @@ gpgsm_cert_use_sign_p (ksba_cert_t cert, int silent)
int
gpgsm_cert_use_encrypt_p (ksba_cert_t cert)
{
return cert_usage_p (cert, 1, 0);
return cert_usage_p (cert, USE_MODE_ENCR, 0);
}
int
gpgsm_cert_use_verify_p (ksba_cert_t cert)
{
return cert_usage_p (cert, 2, 0);
return cert_usage_p (cert, USE_MODE_VRFY, 0);
}
int
gpgsm_cert_use_decrypt_p (ksba_cert_t cert)
{
return cert_usage_p (cert, 3, 0);
return cert_usage_p (cert, USE_MODE_DECR, 0);
}
int
gpgsm_cert_use_cert_p (ksba_cert_t cert)
{
return cert_usage_p (cert, 4, 0);
return cert_usage_p (cert, USE_MODE_CERT, 0);
}
int
gpgsm_cert_use_ocsp_p (ksba_cert_t cert)
{
return cert_usage_p (cert, 5, 0);
return cert_usage_p (cert, USE_MODE_OCSP, 0);
}