iPXE
certmgmt.c
Go to the documentation of this file.
00001 /*
00002  * Copyright (C) 2016 Michael Brown <mbrown@fensystems.co.uk>.
00003  *
00004  * This program is free software; you can redistribute it and/or
00005  * modify it under the terms of the GNU General Public License as
00006  * published by the Free Software Foundation; either version 2 of the
00007  * License, or any later version.
00008  *
00009  * This program is distributed in the hope that it will be useful, but
00010  * WITHOUT ANY WARRANTY; without even the implied warranty of
00011  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00012  * General Public License for more details.
00013  *
00014  * You should have received a copy of the GNU General Public License
00015  * along with this program; if not, write to the Free Software
00016  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
00017  * 02110-1301, USA.
00018  *
00019  * You can also choose to distribute this program under the terms of
00020  * the Unmodified Binary Distribution Licence (as given in the file
00021  * COPYING.UBDL), provided that you have satisfied its requirements.
00022  */
00023 
00024 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
00025 
00026 #include <stdio.h>
00027 #include <errno.h>
00028 #include <ipxe/x509.h>
00029 #include <ipxe/sha1.h>
00030 #include <ipxe/base16.h>
00031 #include <usr/certmgmt.h>
00032 
00033 /** @file
00034  *
00035  * Certificate management
00036  *
00037  */
00038 
00039 /**
00040  * Display status of a certificate
00041  *
00042  * @v cert              X.509 certificate
00043  */
00044 void certstat ( struct x509_certificate *cert ) {
00045         struct digest_algorithm *digest = &sha1_algorithm;
00046         uint8_t fingerprint[ digest->digestsize ];
00047         char buf[ base16_encoded_len ( sizeof ( fingerprint ) ) + 1 /* NUL */ ];
00048 
00049         /* Generate fingerprint */
00050         x509_fingerprint ( cert, digest, fingerprint );
00051         base16_encode ( fingerprint, sizeof ( fingerprint ),
00052                         buf, sizeof ( buf ) );
00053 
00054         /* Print certificate status */
00055         printf ( "%s : %s", x509_name ( cert ), buf );
00056         if ( cert->flags & X509_FL_PERMANENT )
00057                 printf ( " [PERMANENT]" );
00058         if ( cert->flags & X509_FL_EXPLICIT )
00059                 printf ( " [EXPLICIT]" );
00060         if ( x509_is_valid ( cert ) )
00061                 printf ( " [VALIDATED]" );
00062         printf ( "\n" );
00063 }