WvStreams
printcert.cc
1#include "wvargs.h"
2#include "wvcrash.h"
3#include "wvfile.h"
4#include "wvlog.h"
5#include "wvstrutils.h"
6#include "wvx509.h"
7#include "wvautoconf.h"
8
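/// Print a human-readable summary of a certificate to wvcon.
///
/// Every value shown is read from the certificate through the WvX509
/// accessors. Nothing in this function checks a signature, a chain or a
/// revocation status, so the output describes the certificate; it does not
/// vouch for it.
///
/// @param x509 certificate to describe; a null pointer is ignored.
void print_details(WvX509 *x509)
{
    // Guard the dereferences below; the only caller visible in this file
    // passes the address of a local, but the function is not file-local.
    if (!x509)
        return;

    // NOTE(review): the strings are printed exactly as the accessors return
    // them. If WvX509 does not escape control characters in certificate
    // fields, a crafted certificate can put them on the operator's terminal
    // -- confirm against wvx509.cc before using this on untrusted input.
    wvcon->print("Subject: %s\n", x509->get_subject());
    wvcon->print("Issuer: %s\n", x509->get_issuer());
    wvcon->print("Serial: %s\n", x509->get_serial());

    // ctime() needs the address of a time_t, hence the two locals. Its
    // result already ends in '\n', so each date line is followed by an
    // empty line; that output is kept as it was.
    time_t t1 = x509->get_notvalid_before();
    time_t t2 = x509->get_notvalid_after();

    wvcon->print("Not Valid Before: %s\n", ctime(&t1));
    wvcon->print("Not Valid After: %s\n", ctime(&t2));
    wvcon->print("Key Usage: %s\n", x509->get_key_usage());
    wvcon->print("Ext Key Usage: %s\n", x509->get_ext_key_usage());
    wvcon->print("Authority Info Access: \n%s\n", x509->get_aia());

    // One list is reused for every URL/OID section; zap() empties it so the
    // next accessor starts from a clean list.
    WvStringList list;
    x509->get_ca_urls(list);
    wvcon->print("CA Issuers available from:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_ocsp(list);
    wvcon->print("OCSP Responders available from:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_crl_urls(list);
    wvcon->print("CRL Distribution Points:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_policies(list);
    wvcon->print("Certificate Policy OIDs:\n%s\n", list.join("\n"));

#ifdef HAVE_OPENSSL_POLICY_MAPPING
    // Both outputs start from a defined value and the bool result is now
    // checked: before, a call that failed without writing its outputs led to
    // indeterminate ints being printed.
    // NOTE(review): presumably 'false' means the extension is absent or could
    // not be read -- confirm against wvx509.cc.
    int requireExplicitPolicy = -1, inhibitPolicyMapping = -1;
    if (x509->get_policy_constraints(requireExplicitPolicy,
                                     inhibitPolicyMapping))
        wvcon->print("Certificate Policy Constraints: requireExplicitPolicy: %s "
                     "inhibitPolicyMapping: %s\n", requireExplicitPolicy,
                     inhibitPolicyMapping);
    else
        wvcon->print("Certificate Policy Constraints: (not available)\n");

    // A failed lookup leaves the list as it was constructed, so the loop
    // below simply prints nothing in that case.
    WvX509::PolicyMapList maplist;
    x509->get_policy_mapping(maplist);
    wvcon->print("Policy mappings:\n");
    WvX509::PolicyMapList::Iter i(maplist);
    for (i.rewind(); i.next();)
        wvcon->print("%s -> %s\n", i().issuer_domain, i().subject_domain);
#endif
}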
50
51
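/// Entry point: parse the command line for one certificate file and its
/// encoding ("der" or "pem").
///
/// The part that loads and prints the certificate is still compiled out (see
/// the FIXME below), so at present the program only validates its arguments.
///
/// @return -1 on a usage error or an unknown certificate type, 0 otherwise.
int main(int argc, char **argv)
{
    wvcrash_setup(argv[0]);

    WvString certtype = "pem";
    WvStringList remaining_args;

    WvArgs args;
    args.add_required_arg("certificate");
    args.add_option('t', "type", "Certificate type: der or pem (default: pem)",
                    "type", certtype);
    if (!args.process(argc, argv, &remaining_args) || remaining_args.count() < 1)
    {
        args.print_help(argc, argv);
        return -1;
    }

    // The type check used to live inside the disabled block, so an unknown
    // --type was accepted silently. It needs no certificate code, so it is
    // done here regardless of the #if below.
    if (!(certtype == "der") && !(certtype == "pem"))
    {
        wverr->print("Invalid certificate type '%s'\n", certtype);
        return -1;
    }

    // FIXME: not working yet
#if 0
    WvX509 x509;
    if (certtype == "der")
        x509.load(WvX509Mgr::CertDER, remaining_args.popstr());
    else
        x509.load(WvX509Mgr::CertPEM, remaining_args.popstr());

    // isok() reports whether the certificate object is usable. It is not a
    // chain, signature or revocation check.
    if (!x509.isok())
    {
        wverr->print("X509 certificate not valid\n");
        // A certificate that could not be loaded must not look like success
        // to a calling script.
        return -1;
    }
    print_details(&x509);
#else
    // Say so instead of exiting silently: the exit status below is still 0
    // and must not be read as "the certificate was inspected".
    wverr->print("Certificate loading is disabled in this build; "
                 "nothing was read or checked\n");
#endif
    return 0;
}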
WvArgs - Sane command-line argument processing for WvStreams.
Definition wvargs.h:62
bool process(int argc, char **argv, WvStringList *remaining_args=NULL)
Process the command line arguments passed to main() using the options provided through calls to add_o...
Definition wvargs.cc:784
void add_option(char short_option, WvStringParm long_option, WvStringParm desc, WvStringParm arg_desc, int &val)
Add a switch that takes an integer argument.
Definition wvargs.cc:888
void add_required_arg(WvStringParm desc, bool multiple=false)
Add a required argument to the list of parameters.
Definition wvargs.cc:966
void print_help(int argc, char **argv)
Output the long usage message based on the provided options.
Definition wvargs.cc:850
This is a WvList of WvStrings, and is a really handy way to parse strings.
WvString join(const char *joinchars=" ") const
concatenates all elements of the list, separating them with joinchars
WvString popstr()
get the first string in the list, or an empty string if the list is empty.
WvString is an implementation of a simple and efficient printable-string class.
Definition wvstring.h:330
X509 Class to handle certificates and their related functions.
Definition wvx509.h:42
time_t get_notvalid_before() const
Return the not before and not after in a format we're more able to easily use.
Definition wvx509.cc:1378
WvString get_serial(bool hex=false) const
get and set the serialNumber field of the certificate
Definition wvx509.cc:704
void get_ocsp(WvStringList &responders) const
Get a list of OCSP Responders for this certificate.
Definition wvx509.cc:1030
void get_ca_urls(WvStringList &urls) const
Get a list of urls that have the Certificate of the CA that issued this certificate.
Definition wvx509.cc:1036
bool get_policy_mapping(PolicyMapList &list) const
Get the policy mappings for this certificate.
WvString get_ext_key_usage() const
Get and set the extendedKeyUsage field.
Definition wvx509.cc:776
bool get_policies(WvStringList &policy_oids) const
Get any certificate Policy OIDs.
Definition wvx509.cc:1080
WvString get_subject() const
get and set the Subject field of the certificate
Definition wvx509.cc:624
bool get_policy_constraints(int &require_explicit_policy, int &inhibit_policy_mapping) const
Get the values in the policy constraints extension.
WvString get_issuer() const
Get and set the Certificate Issuer (usually the CA who signed the certificate).
Definition wvx509.cc:594
WvString get_aia() const
Get the authority info access information.
Definition wvx509.cc:1006
WvString get_key_usage() const
Get and set the keyUsage field.
Definition wvx509.cc:764
void get_crl_urls(WvStringList &urls) const
Get a list of URLs that are valid CRL distribution points for this certificate.
Definition wvx509.cc:1042
virtual bool isok() const
Is the certificate object valid?
Definition wvx509.cc:1285
Various little string functions.