aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/cert/x509
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/cert/x509')
-rw-r--r--src/lib/cert/x509/x509path.cpp2
-rw-r--r--src/lib/cert/x509/x509path.h3
2 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/cert/x509/x509path.cpp b/src/lib/cert/x509/x509path.cpp
index a6c3ce6e9..b5345c272 100644
--- a/src/lib/cert/x509/x509path.cpp
+++ b/src/lib/cert/x509/x509path.cpp
@@ -338,6 +338,8 @@ const X509_Certificate& Path_Validation_Result::trust_root() const
{
if(m_cert_path.empty())
throw std::runtime_error("Path_Validation_Result::trust_root no path set");
+ if(result() != Certificate_Status_Code::VERIFIED)
+ throw std::runtime_error("Path_Validation_Result::trust_root meaningless with invalid status");
return m_cert_path[m_cert_path.size()-1];
}
diff --git a/src/lib/cert/x509/x509path.h b/src/lib/cert/x509/x509path.h
index c56aef21f..08d92915d 100644
--- a/src/lib/cert/x509/x509path.h
+++ b/src/lib/cert/x509/x509path.h
@@ -84,7 +84,8 @@ class BOTAN_DLL Path_Validation_Result
std::set<std::string> trusted_hashes() const;
/**
- * @return the trust root of the validation
+ * @return the trust root of the validation if successful
+ * throws an exception if the validation failed
*/
const X509_Certificate& trust_root() const;
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 01:11:45 +0000