1 /*
2 * Testing tool for X.509v3 routines
3 * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 */
8
9 #include "includes.h"
10
11 #include "common.h"
12 #include "tls/asn1.h"
13 #include "tls/x509v3.h"
14
15
main(int argc,char * argv[])16 int main(int argc, char *argv[])
17 {
18 char *buf;
19 size_t len;
20 struct x509_certificate *certs = NULL, *last = NULL, *cert;
21 int i, reason;
22
23 wpa_debug_level = 0;
24 wpa_debug_show_keys = 1;
25
26 if (argc < 3 || strcmp(argv[1], "-v") != 0) {
27 printf("usage: test_x509v3 -v <cert1.der> <cert2.der> ..\n");
28 return -1;
29 }
30
31 for (i = 2; i < argc; i++) {
32 printf("Reading: %s\n", argv[i]);
33 buf = os_readfile(argv[i], &len);
34 if (buf == NULL) {
35 printf("Failed to read '%s'\n", argv[i]);
36 return -1;
37 }
38
39 cert = x509_certificate_parse((u8 *) buf, len);
40 if (cert == NULL) {
41 printf("Failed to parse X.509 certificate\n");
42 return -1;
43 }
44
45 free(buf);
46
47 if (certs == NULL)
48 certs = cert;
49 else
50 last->next = cert;
51 last = cert;
52 }
53
54 printf("\n\nValidating certificate chain\n");
55 if (x509_certificate_chain_validate(last, certs, &reason, 0) < 0) {
56 printf("\nCertificate chain validation failed: %d\n", reason);
57 return -1;
58 }
59 printf("\nCertificate chain is valid\n");
60
61 return 0;
62 }
63