1 /******************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
20 ******************************************************************/
26 #include "byte_array.h"
27 #include "pki_errors.h"
30 #include "oic_malloc.h"
/* Accepted values of the -c option; main() compares optarg against them with strcmp(). */
35 const char COMMAND_CRT[] = "crt";
36 const char COMMAND_CRL[] = "crl";
39 * Shows program usage hint.
/*
 * Body of the usage helper: prints the expected command line.
 * NOTE(review): the helper's signature line is missing from this listing
 * (the gutter jumps from 39 to 43); only its printf calls are visible.
 * The options are shown in brackets, yet main() rejects a run where -f or -s
 * is absent, so they are not optional in practice.
 */
43 printf("Use next command:\n");
44 printf("x509_check -c <crt/crl> -f <path to crt/crl file> -s <path to CA certificate>\n");
45 printf("\t[-c]\t command name crt | crl\n");
46 printf("\t[-f]\t path to crt/crl file\n");
/* NOTE(review): the -s help string ends with a stray '>' that has no matching '<'. */
47 printf("\t[-s]\t path to CA certificate>\n");
51 * Converts DER file to byte array.
53 * @param[in] filePath - path to DER file (Certificate or CRL)
54 * @param[out] caPublicKey - ByteArray with DER encoded CRT or CRL
/*
 * Loads the file named by filePath into *out.
 *
 * Visible steps: open the file in binary mode, seek to its end, store the
 * ftell() result in out->len, allocate out->data with OICMalloc(out->len) and
 * fread() out->len bytes into it. The function returns void, so the caller
 * receives no status value.
 *
 * NOTE(review): the @param[out] line above this function documents
 * "caPublicKey", but the parameter is named "out".
 * NOTE(review): this listing has lost lines (the gutter numbers skip between
 * every statement below), so the conditions guarding each printf, whatever
 * follows them (return or exit), the repositioning of the stream before
 * fread() and the fclose() are not visible here. Confirm against the full file.
 */
56 void FileToByteArray(const char *filePath, ByteArray *out)
60 printf("File path is NULL!\n");
64 FILE *inFile = fopen(filePath, "rb");
68 printf("Specified file doesn't exist!\n");
/*
 * The results of fseek() and ftell() are used without a visible check.
 * ftell() reports failure as -1L; stored in out->len, that value would become
 * both the allocation size and the read size below.
 * NOTE(review): confirm whether a check sits on one of the missing lines.
 */
72 fseek(inFile, 0, SEEK_END);
73 out->len = ftell(inFile);
/* The buffer allocated here is handed to the caller through out->data. */
75 out->data = (uint8_t *)OICMalloc(out->len);
79 printf("Impossible to allocate memory!\n");
/*
 * fread() returns the number of items read, so !fread(...) only detects a
 * read of zero items. A short read (fewer than out->len bytes) passes this
 * test and leaves the rest of out->data as OICMalloc returned it. Since the
 * buffer is later decoded and signature-checked as DER, comparing the result
 * with out->len would reject truncated input instead of passing it on.
 */
83 if (!fread(out->data, sizeof(uint8_t), out->len, inFile))
85 printf("No info in file!\n");
94 * Checks certificate and certificate revocation list
96 * @param[in] argc An integer argument count of the command line arguments
97 * @param[in] argv An argument vector of the command line arguments
99 * @return[out] an integer 0 upon exit success
/*
 * Entry point of the checker: parses -c/-f/-s, loads the tested file and the
 * CA certificate, decodes the CA certificate, then verifies the tested file
 * either as a certificate (CheckCertificate) or as a CRL
 * (DecodeCertificateList) and prints the outcome.
 *
 * NOTE(review): many lines of this function are missing from the listing (the
 * gutter numbers skip throughout), including the switch/case labels, the
 * variable that records the chosen command, the branch that selects the
 * certificate or CRL path, and every return statement. The comments below
 * describe only what the visible lines show.
 */
101 int main(int argc, char *argv[])
/* Both paths start as null pointers and are filled from optarg below. */
104 const char *testedFileName = 0;
105 const char *caCrtFileName = 0;
107 // Parse command line arguments
/* "c:f:s:" means each of -c, -f and -s takes a required argument. */
110 while ((opt = getopt(argc, argv, "c:f:s:")) != -1)
/* The -c value must equal "crt" or "crl"; anything else prints the error below. */
115 if (!strcmp(COMMAND_CRT, optarg))
119 else if (!strcmp(COMMAND_CRL, optarg))
125 printf("Wrong command(-c)!\n");
131 testedFileName = optarg;
134 caCrtFileName = optarg;
/*
 * Only the two file names are checked here.
 * NOTE(review): whether a missing -c is rejected is not visible. Confirm that
 * omitting it cannot reach the result printing with errorCode still holding
 * the PKI_SUCCESS returned by DecodeCertificate.
 */
142 if (testedFileName == NULL || caCrtFileName == NULL)
144 printf("Wrong file name\n");
150 ByteArray testedCrtCrl = BYTE_ARRAY_INITIALIZER; // Could contain either Certificate or CRL
151 ByteArray caCrt = BYTE_ARRAY_INITIALIZER;
153 // Copy DER files, specified in command line to ByteArray structure
/*
 * FileToByteArray returns void, so no load status is checked here before the
 * buffers are decoded.
 * NOTE(review): confirm how a failed load is stopped (exit inside the helper,
 * or the decoders rejecting an empty ByteArray).
 */
154 FileToByteArray(testedFileName, &testedCrtCrl);
155 FileToByteArray(caCrtFileName, &caCrt);
157 // Decoding CA certificate
158 CertificateX509 caCrtStuct = CERTIFICATE_X509_INITIALIZER;
159 PKIError errorCode = DecodeCertificate(caCrt, &caCrtStuct);
161 if (errorCode != PKI_SUCCESS)
163 printf("Unable to decode CA Certificate!\n");
164 printf("Error code: %d\n", errorCode);
167 ByteArray caPublicKey = BYTE_ARRAY_INITIALIZER;
168 // Verifies Certificate or CRL depending on request
/* Certificate path: checked against the public key field of the decoded CA certificate. */
171 errorCode = CheckCertificate(testedCrtCrl, caCrtStuct.pubKey);
/*
 * CRL path: caPublicKey takes the data pointer and length of
 * caCrtStuct.pubKey (no bytes are copied) and is passed to ParsePublicKey
 * before the CRL is decoded with it.
 * NOTE(review): presumably ParsePublicKey narrows the ByteArray to the raw
 * key. Verify against its declaration.
 */
175 caPublicKey.data = caCrtStuct.pubKey.data;
176 caPublicKey.len = caCrtStuct.pubKey.len;
177 ParsePublicKey(&caPublicKey);
178 CertificateList crlStruct = CRL_INITIALIZER;
179 errorCode = DecodeCertificateList(testedCrtCrl, &crlStruct, caPublicKey);
/*
 * The result is reported on stdout.
 * NOTE(review): the return statements are not visible; if the process exit
 * status is 0 on both branches, scripts calling this tool cannot tell a failed
 * verification from a successful one. Confirm.
 */
182 if (errorCode == PKI_SUCCESS)
184 printf("Verification SUCCESS!\n");
188 printf("Verification FAILED!\n");
189 printf("Error code: %d\n", errorCode);
192 // Free the allocated memory
/*
 * Releases the buffer that FileToByteArray allocated for the tested file.
 * NOTE(review): caCrt.data comes from the same helper; its release is not
 * visible in this listing. Confirm it is freed as well.
 */
193 OICFree(testedCrtCrl.data);