From 62125521f863c2cbf7937b8723f8ba1384357c1a Mon Sep 17 00:00:00 2001
From: Brad Hards <bradh@frogmouth.net>
Date: Fri, 6 May 2005 11:09:29 +0000
Subject: [PATCH] Add in support for checking usage when validating keys.

CCMAIL: justin-psi2@affinix.com

svn path=/trunk/kdesupport/qca/; revision=409986
---
 plugins/qca-openssl/qca-openssl.cpp | 30 +++++++++++++++++++++++++----
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/plugins/qca-openssl/qca-openssl.cpp b/plugins/qca-openssl/qca-openssl.cpp
index 26bcf440..1f16a6af 100644
--- a/plugins/qca-openssl/qca-openssl.cpp
+++ b/plugins/qca-openssl/qca-openssl.cpp
@@ -3253,10 +3253,32 @@ public:
 
 static bool usage_check(const MyCertContext &cc, QCA::UsageMode u)
 {
-	// TODO: check usage
-	Q_UNUSED(cc);
-	Q_UNUSED(u);
-	return true;
+	switch (u)
+	{
+	case QCA::UsageAny :
+		return true;
+		break;
+	case QCA::UsageTLSServer :
+		return cc._props.constraints.contains(QCA::ServerAuth);
+		break;
+	case QCA::UsageTLSClient :
+		return cc._props.constraints.contains(QCA::ClientAuth);
+		break;
+	case QCA::UsageCodeSigning :
+		return cc._props.constraints.contains(QCA::CodeSigning);
+		break;
+	case QCA::UsageEmailProtection :
+		return cc._props.constraints.contains(QCA::EmailProtection);
+		break;
+	case QCA::UsageTimeStamping :
+		return cc._props.constraints.contains(QCA::TimeStamping);
+		break;
+	case QCA::UsageCRLSigning :
+		return cc._props.constraints.contains(QCA::CRLSign);
+		break;
+	default:
+		return true;
+	}
 }
 
 QCA::Validity MyCertContext::validate(const QList<QCA::CertContext*> &trusted, const QList<QCA::CertContext*> &untrusted, const QList<QCA::CRLContext *> &crls, QCA::UsageMode u) const