WvStreams
printcert.cc
1 #include "wvargs.h"
2 #include "wvcrash.h"
3 #include "wvfile.h"
4 #include "wvlog.h"
5 #include "wvstrutils.h"
6 #include "wvx509.h"
7 #include "wvautoconf.h"
8 
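/**
 * Print the human-readable fields of a certificate to wvcon.
 *
 * Output order: subject, issuer, serial, validity window, key usage,
 * extended key usage, authority info access, CA issuer URLs, OCSP
 * responders, CRL distribution points and policy OIDs. When
 * HAVE_OPENSSL_POLICY_MAPPING is defined, the policy constraints and
 * policy mappings are printed as well.
 *
 * @param x509 certificate to describe; it is dereferenced unconditionally,
 *             so it must not be null.
 */
void print_details(WvX509 *x509)
{
    // NOTE(review): every value below is read from the certificate and echoed
    // as-is. If the certificate comes from an untrusted source, confirm that
    // the getters escape control characters before relying on what the
    // terminal shows.
    wvcon->print("Subject: %s\n", x509->get_subject());
    wvcon->print("Issuer: %s\n", x509->get_issuer());
    wvcon->print("Serial: %s\n", x509->get_serial());

    time_t t1 = x509->get_notvalid_before();
    time_t t2 = x509->get_notvalid_after();

    // ctime() formats in local time and its result already ends in '\n',
    // so each of these two lines is followed by a blank line.
    wvcon->print("Not Valid Before: %s\n", ctime(&t1));
    wvcon->print("Not Valid After: %s\n", ctime(&t2));

    wvcon->print("Key Usage: %s\n", x509->get_key_usage());
    wvcon->print("Ext Key Usage: %s\n", x509->get_ext_key_usage());
    wvcon->print("Authority Info Access: \n%s\n", x509->get_aia());

    // One list is reused for each URL/OID query and emptied between them.
    WvStringList list;
    x509->get_ca_urls(list);
    wvcon->print("CA Issuers available from:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_ocsp(list);
    wvcon->print("OCSP Responders available from:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_crl_urls(list);
    wvcon->print("CRL Distribution Points:\n%s\n", list.join("\n"));
    list.zap();
    x509->get_policies(list);
    wvcon->print("Certificate Policy OIDs:\n%s\n", list.join("\n"));

#ifdef HAVE_OPENSSL_POLICY_MAPPING
    // get_policy_constraints() reports success through its bool return.
    // The outputs are initialised and printed only on success, so a failed
    // call can no longer print indeterminate values.
    int requireExplicitPolicy = 0;
    int inhibitPolicyMapping = 0;
    if (x509->get_policy_constraints(requireExplicitPolicy,
                                     inhibitPolicyMapping))
    {
        wvcon->print("Certificate Policy Constraints: requireExplicitPolicy: %s "
                     "inhibitPolicyMapping: %s\n", requireExplicitPolicy,
                     inhibitPolicyMapping);
    }
    else
    {
        wvcon->print("Certificate Policy Constraints: not available\n");
    }

    WvX509::PolicyMapList maplist;
    x509->get_policy_mapping(maplist);
    wvcon->print("Policy mappings:\n");
    WvX509::PolicyMapList::Iter i(maplist);
    for (i.rewind(); i.next();)
    {
        wvcon->print("%s -> %s\n", i().issuer_domain, i().subject_domain);
    }
#endif
}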
50 
51 
/**
 * Entry point: parse the command line for a certificate argument and an
 * optional -t/--type switch (der or pem, defaulting to pem).
 *
 * The load-and-print path is compiled out with #if 0, so as built the
 * program only validates its arguments and returns 0 without reading or
 * printing any certificate.
 *
 * @return -1 after printing help when argument processing fails or no
 *         certificate argument is left over; 0 otherwise.
 */
int main(int argc, char **argv)
{
    wvcrash_setup(argv[0]);

    WvString cert_format = "pem";
    WvStringList positional;

    WvArgs parser;
    parser.add_required_arg("certificate");
    parser.add_option('t', "type",
                      "Certificate type: der or pem (default: pem)",
                      "type", cert_format);

    // Both an option-parsing failure and a missing certificate argument
    // end in the usage message.
    const bool parsed = parser.process(argc, argv, &positional);
    if (!parsed || positional.count() < 1)
    {
        parser.print_help(argc, argv);
        return -1;
    }

    // FIXME: not working yet
#if 0
    // NOTE(review): as written, a certificate that fails isok() is reported
    // on wverr but main still returns 0; revisit the exit status when this
    // block is re-enabled so callers can detect the failure.
    WvX509 x509;
    if (cert_format == "der")
        x509.load(WvX509Mgr::CertDER, positional.popstr());
    else if (cert_format == "pem")
        x509.load(WvX509Mgr::CertPEM, positional.popstr());
    else
    {
        wverr->print("Invalid certificate type '%s'\n", cert_format);
        return -1;
    }

    if (x509.isok())
        print_details(&x509);
    else
        wverr->print("X509 certificate not valid\n");
#endif
    return 0;
}
WvX509::get_notvalid_before
time_t get_notvalid_before() const
Return the not-before and not-after times in a format that is easier to use.
Definition: wvx509.cc:1378
WvArgs::add_option
void add_option(char short_option, WvStringParm long_option, WvStringParm desc, WvStringParm arg_desc, int &val)
Add a switch that takes an integer argument.
Definition: wvargs.cc:888
WvX509::get_policy_mapping
bool get_policy_mapping(PolicyMapList &list) const
Get the policy mappings for this certificate.
WvStringList::popstr
WvString popstr()
get the first string in the list, or an empty string if the list is empty.
Definition: wvstringlist.cc:55
WvX509
X509 Class to handle certificates and their related functions.
Definition: wvx509.h:41
WvX509::get_policy_constraints
bool get_policy_constraints(int &require_explicit_policy, int &inhibit_policy_mapping) const
Get the values in the policy constraints extension.
WvX509::get_ocsp
void get_ocsp(WvStringList &responders) const
Get a list of OCSP Responders for this certificate.
Definition: wvx509.cc:1030
WvX509::get_ext_key_usage
WvString get_ext_key_usage() const
Get and set the extendedKeyUsage field.
Definition: wvx509.cc:776
WvX509::isok
virtual bool isok() const
Is the certificate object valid?
Definition: wvx509.cc:1285
WvX509::get_aia
WvString get_aia() const
Get the authority info access information.
Definition: wvx509.cc:1006
WvString
WvString is an implementation of a simple and efficient printable-string class.
Definition: wvstring.h:329
WvArgs
WvArgs - Sane command-line argument processing for WvStreams.
Definition: wvargs.h:61
wvstrutils.h
WvStringList::join
WvString join(const char *joinchars=" ") const
Concatenates all elements of the list, separating them with joinchars.
Definition: wvstringlist.cc:14
WvX509::get_serial
WvString get_serial(bool hex=false) const
get and set the serialNumber field of the certificate
Definition: wvx509.cc:704
WvX509::get_crl_urls
void get_crl_urls(WvStringList &urls) const
Get a list of URLs that are valid CRL distribution points for this certificate.
Definition: wvx509.cc:1042
WvX509::get_issuer
WvString get_issuer() const
Get and set the Certificate Issuer (usually the CA who signed the certificate).
Definition: wvx509.cc:594
WvX509::get_policies
bool get_policies(WvStringList &policy_oids) const
Get any certificate Policy OIDs.
Definition: wvx509.cc:1080
WvArgs::process
bool process(int argc, char **argv, WvStringList *remaining_args=NULL)
Process the command line arguments passed to main() using the options provided through calls to add_o...
Definition: wvargs.cc:784
WvArgs::add_required_arg
void add_required_arg(WvStringParm desc, bool multiple=false)
Add a required argument to the list of parameters.
Definition: wvargs.cc:966
WvStringList
This is a WvList of WvStrings, and is a really handy way to parse strings.
Definition: wvstringlist.h:27
WvX509::get_subject
WvString get_subject() const
get and set the Subject field of the certificate
Definition: wvx509.cc:624
WvX509::get_key_usage
WvString get_key_usage() const
Get and set the keyUsage field.
Definition: wvx509.cc:764
WvX509::get_ca_urls
void get_ca_urls(WvStringList &urls) const
Get a list of urls that have the Certificate of the CA that issued this certificate.
Definition: wvx509.cc:1036
WvArgs::print_help
void print_help(int argc, char **argv)
Output the long usage message based on the provided options.
Definition: wvargs.cc:850