00001 #include "wvargs.h"
00002 #include "wvcrash.h"
00003 #include "wvfile.h"
00004 #include "wvlog.h"
00005 #include "wvstrutils.h"
00006 #include "wvx509.h"
00007 #include "wvautoconf.h"
00008
00009 void print_details(WvX509 *x509)
00010 {
00011 wvcon->print("Subject: %s\n", x509->get_subject());
00012 wvcon->print("Issuer: %s\n", x509->get_issuer());
00013 wvcon->print("Serial: %s\n", x509->get_serial());
00014 time_t t1 = x509->get_notvalid_before();
00015 time_t t2 = x509->get_notvalid_after();
00016
00017 wvcon->print("Not Valid Before: %s\n", ctime(&t1));
00018 wvcon->print("Not Valid After: %s\n", ctime(&t2));
00019 wvcon->print("Key Usage: %s\n", x509->get_key_usage());
00020 wvcon->print("Ext Key Usage: %s\n", x509->get_ext_key_usage());
00021 wvcon->print("Authority Info Access: \n%s\n", x509->get_aia());
00022 WvStringList list;
00023 x509->get_ca_urls(list);
00024 wvcon->print("CA Issuers available from:\n%s\n", list.join("\n"));
00025 list.zap();
00026 x509->get_ocsp(list);
00027 wvcon->print("OCSP Responders available from:\n%s\n", list.join("\n"));
00028 list.zap();
00029 x509->get_crl_urls(list);
00030 wvcon->print("CRL Distribution Points:\n%s\n", list.join("\n"));
00031 list.zap();
00032 x509->get_policies(list);
00033 wvcon->print("Certificate Policy OIDs:\n%s\n", list.join("\n"));
00034
00035 #ifdef HAVE_OPENSSL_POLICY_MAPPING
00036 int requireExplicitPolicy, inhibitPolicyMapping;
00037 x509->get_policy_constraints(requireExplicitPolicy, inhibitPolicyMapping);
00038 wvcon->print("Certificate Policy Constraints: requireExplicitPolicy: %s "
00039 "inhibitPolicyMapping: %s\n", requireExplicitPolicy,
00040 inhibitPolicyMapping);
00041
00042 WvX509::PolicyMapList maplist;
00043 x509->get_policy_mapping(maplist);
00044 wvcon->print("Policy mappings:\n");
00045 WvX509::PolicyMapList::Iter i(maplist);
00046 for (i.rewind(); i.next();)
00047 wvcon->print("%s -> %s\n", i().issuer_domain, i().subject_domain);
00048 #endif
00049 }
00050
00051
00052 int main(int argc, char **argv)
00053 {
00054 wvcrash_setup(argv[0]);
00055
00056 WvString certtype = "pem";
00057 WvStringList remaining_args;
00058
00059 WvArgs args;
00060 args.add_required_arg("certificate");
00061 args.add_option('t', "type", "Certificate type: der or pem (default: pem)",
00062 "type", certtype);
00063 if (!args.process(argc, argv, &remaining_args) || remaining_args.count() < 1)
00064 {
00065 args.print_help(argc, argv);
00066 return -1;
00067 }
00068
00069 #if 0
00070 WvX509 x509;
00071 if (certtype == "der")
00072 x509.load(WvX509Mgr::CertDER, remaining_args.popstr());
00073 else if (certtype == "pem")
00074 x509.load(WvX509Mgr::CertPEM, remaining_args.popstr());
00075 else
00076 {
00077 wverr->print("Invalid certificate type '%s'\n", certtype);
00078 return -1;
00079 }
00080
00081 if (x509.isok())
00082 print_details(&x509);
00083 else
00084 wverr->print("X509 certificate not valid\n");
00085 #endif
00086 return 0;
00087 }