aboutsummaryrefslogtreecommitdiffstats
path: root/src/cli/x509.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-11-21 20:07:26 -0500
committerJack Lloyd <[email protected]>2016-11-23 08:31:07 -0500
commitcdd2e2babc0506d0c727aff06d1fc430cedbf695 (patch)
tree136e8ade4c31e4086245db2d87552bde1c584fe1 /src/cli/x509.cpp
parent7dbb31c5778ac1158fbf0979739f6c3c55a007f5 (diff)
Refactor X.509 path validation
Splits path building, path validation, CRL checks, and OCSP checks into distinct functions in namespace PKIX. The previous path validation APIs remain. Fixes to OCSP to store more information and to handle modern OCSP setups in at least some situations.
Diffstat (limited to 'src/cli/x509.cpp')
-rw-r--r--src/cli/x509.cpp7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/cli/x509.cpp b/src/cli/x509.cpp
index 25261a2d1..7ae980d76 100644
--- a/src/cli/x509.cpp
+++ b/src/cli/x509.cpp
@@ -104,7 +104,8 @@ class Cert_Info final : public Command
BOTAN_REGISTER_COMMAND("cert_info", Cert_Info);
-#if defined(BOTAN_HAS_OCSP)
+#if defined(BOTAN_HAS_OCSP) && defined(BOTAN_HAS_HTTP_UTIL)
+
class OCSP_Check final : public Command
{
public:
@@ -119,7 +120,7 @@ class OCSP_Check final : public Command
cas.add_certificate(issuer);
Botan::OCSP::Response resp = Botan::OCSP::online_check(issuer, subject, &cas);
- auto status = resp.status_for(issuer, subject);
+ auto status = resp.status_for(issuer, subject, std::chrono::system_clock::now());
if(status == Botan::Certificate_Status_Code::VERIFIED)
{
@@ -135,7 +136,7 @@ class OCSP_Check final : public Command
BOTAN_REGISTER_COMMAND("ocsp_check", OCSP_Check);
-#endif // OCSP
+#endif // OCSP && HTTP
class Cert_Verify final : public Command
{