diff options
Diffstat (limited to 'src/cli/cert_verify.cpp')
| -rw-r--r-- | src/cli/cert_verify.cpp | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/cli/cert_verify.cpp b/src/cli/cert_verify.cpp new file mode 100644 index 000000000..7a1bec983 --- /dev/null +++ b/src/cli/cert_verify.cpp @@ -0,0 +1,54 @@ +/* +* Simple example of a certificate validation +* (C) 2010 Jack Lloyd +* +* Botan is released under the Simplified BSD License (see license.txt) +*/ + +#include "apps.h" + +#if defined(BOTAN_HAS_X509_CERTIFICATES) + +#include <botan/x509path.h> + +namespace { + +int cert_verify(const std::vector<std::string> &args) + { + using namespace Botan; + + if(args.size() <= 2) + { + std::cout << "Usage: " << args[0] << " subject.pem [CA certificates...]" << std::endl; + return 1; + } + + X509_Certificate subject_cert(args[1]); + + Certificate_Store_In_Memory certs; + + for(const auto certfile : std::vector<std::string>(args.begin()+2, args.end())) + { + certs.add_certificate(X509_Certificate(certfile)); + } + + Path_Validation_Restrictions restrictions; + + Path_Validation_Result result = + x509_path_validate(subject_cert, + restrictions, + certs); + + if(result.successful_validation()) + std::cout << "Certificate validated" << std::endl; + else + std::cout << "Certificate did not validate - " << result.result_string() << std::endl; + + return 0; + } + +REGISTER_APP(cert_verify); + +} + +#endif // BOTAN_HAS_X509_CERTIFICATES |