1/* 2 * Testing tool for X.509v3 routines 3 * Copyright (c) 2006, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15#include "includes.h" 16 17#include "common.h" 18#include "asn1.h" 19#include "x509v3.h" 20 21extern int wpa_debug_level; 22 23 24int main(int argc, char *argv[]) 25{ 26 char *buf; 27 size_t len; 28 struct x509_certificate *certs = NULL, *last = NULL, *cert; 29 int i, reason; 30 31 wpa_debug_level = 0; 32 33 if (argc < 3 || strcmp(argv[1], "-v") != 0) { 34 printf("usage: test_x509v3 -v <cert1.der> <cert2.der> ..\n"); 35 return -1; 36 } 37 38 for (i = 2; i < argc; i++) { 39 printf("Reading: %s\n", argv[i]); 40 buf = os_readfile(argv[i], &len); 41 if (buf == NULL) { 42 printf("Failed to read '%s'\n", argv[i]); 43 return -1; 44 } 45 46 cert = x509_certificate_parse(buf, len); 47 if (cert == NULL) { 48 printf("Failed to parse X.509 certificate\n"); 49 return -1; 50 } 51 52 free(buf); 53 54 if (certs == NULL) 55 certs = cert; 56 else 57 last->next = cert; 58 last = cert; 59 } 60 61 printf("\n\nValidating certificate chain\n"); 62 if (x509_certificate_chain_validate(last, certs, &reason) < 0) { 63 printf("\nCertificate chain validation failed: %d\n", reason); 64 return -1; 65 } 66 printf("\nCertificate chain is valid\n"); 67 68 return 0; 69} 70