--- /dev/null
+/*
+ * Testing tool for X.509v3 routines
+ * Copyright (c) 2006-2007, Jouni Malinen <j@w1.fi>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ *
+ * Alternatively, this software may be distributed under the terms of BSD
+ * license.
+ *
+ * See README and COPYING for more details.
+ */
+
+#include "includes.h"
+
+#include "common.h"
+#include "tls/asn1.h"
+#include "tls/x509v3.h"
+
+extern int wpa_debug_level;
+
+
+int main(int argc, char *argv[])
+{
+ char *buf;
+ size_t len;
+ struct x509_certificate *certs = NULL, *last = NULL, *cert;
+ int i, reason;
+
+ wpa_debug_level = 0;
+
+ if (argc < 3 || strcmp(argv[1], "-v") != 0) {
+ printf("usage: test_x509v3 -v <cert1.der> <cert2.der> ..\n");
+ return -1;
+ }
+
+ for (i = 2; i < argc; i++) {
+ printf("Reading: %s\n", argv[i]);
+ buf = os_readfile(argv[i], &len);
+ if (buf == NULL) {
+ printf("Failed to read '%s'\n", argv[i]);
+ return -1;
+ }
+
+ cert = x509_certificate_parse((u8 *) buf, len);
+ if (cert == NULL) {
+ printf("Failed to parse X.509 certificate\n");
+ return -1;
+ }
+
+ free(buf);
+
+ if (certs == NULL)
+ certs = cert;
+ else
+ last->next = cert;
+ last = cert;
+ }
+
+ printf("\n\nValidating certificate chain\n");
+ if (x509_certificate_chain_validate(last, certs, &reason) < 0) {
+ printf("\nCertificate chain validation failed: %d\n", reason);
+ return -1;
+ }
+ printf("\nCertificate chain is valid\n");
+
+ return 0;
+}
projects / libeap.git / blobdiff