diff options
author | Jack Lloyd <[email protected]> | 2016-11-21 20:07:26 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-11-23 08:31:07 -0500 |
commit | cdd2e2babc0506d0c727aff06d1fc430cedbf695 (patch) | |
tree | 136e8ade4c31e4086245db2d87552bde1c584fe1 /src/cli/x509.cpp | |
parent | 7dbb31c5778ac1158fbf0979739f6c3c55a007f5 (diff) |
Refactor X.509 path validation
Splits path building, path validation, CRL checks, and OCSP checks
into distinct functions in namespace PKIX. The previous path validation
APIs remain.
Fixes to OCSP to store more information and to handle modern OCSP setups
in at least some situations.
Diffstat (limited to 'src/cli/x509.cpp')
-rw-r--r-- | src/cli/x509.cpp | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/cli/x509.cpp b/src/cli/x509.cpp index 25261a2d1..7ae980d76 100644 --- a/src/cli/x509.cpp +++ b/src/cli/x509.cpp @@ -104,7 +104,8 @@ class Cert_Info final : public Command BOTAN_REGISTER_COMMAND("cert_info", Cert_Info); -#if defined(BOTAN_HAS_OCSP) +#if defined(BOTAN_HAS_OCSP) && defined(BOTAN_HAS_HTTP_UTIL) + class OCSP_Check final : public Command { public: @@ -119,7 +120,7 @@ class OCSP_Check final : public Command cas.add_certificate(issuer); Botan::OCSP::Response resp = Botan::OCSP::online_check(issuer, subject, &cas); - auto status = resp.status_for(issuer, subject); + auto status = resp.status_for(issuer, subject, std::chrono::system_clock::now()); if(status == Botan::Certificate_Status_Code::VERIFIED) { @@ -135,7 +136,7 @@ class OCSP_Check final : public Command BOTAN_REGISTER_COMMAND("ocsp_check", OCSP_Check); -#endif // OCSP +#endif // OCSP && HTTP class Cert_Verify final : public Command { |