Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- CERTCertList *chain = NULL;
- int main(int argc,char **argv){
- FILE *f;
- SECStatus rv;
- char *pem;
- int i;
- rv = NSS_Initialize("./nss_db","","","secmod.db",0);
- //rv = NSS_NoDB_Init(NULL);
- if(rv != SECSuccess)
- printf("Wrong Initialization %d \n",PR_GetError());
- if(SECMOD_AddNewModule("Root Certs","../nss-3.21/dist/Linux4.0_x86_64_gcc_glibc_PTH_64_OPT.OBJ/lib/libnssckbi.so",0,0) != SECSuccess)
- printf("error adding module \n");
- CERTCertificate *end_entity = parse_cert(argv[1]);
- for(i=2;i<argc;i++)
- {
- if(!chain)
- chain = CERT_NewCertList();
- CERT_AddCertToListTail(chain,parse_cert(argv[i]));
- }
- CERTValInParam cvin[3];
- CERTValOutParam cvout[3];
- cvin[0].type = cert_pi_certList;
- cvin[0].value.pointer.chain = chain;
- cvin[1].type = cert_pi_useAIACertFetch;
- cvin[1].value.scalar.b = PR_TRUE;
- cvin[2].type = cert_pi_end;
- cvout[0].type = cert_po_trustAnchor;
- cvout[0].value.pointer.cert = NULL;
- cvout[1].type = cert_po_certList;
- cvout[1].value.pointer.chain = NULL;
- cvout[2].type = cert_po_end;
- //secuPWData pwdata = {PW_NONE,0};
- printf("%d %d \n",cert_pi_max,cert_pi_certList);
- if(CERT_PKIXVerifyCert(end_entity,certificateUsageCheckAllUsages,cvin,cvout,NULL) == SECSuccess)
- printf("verify ok \n");
- else
- printf("verify error %d \n",PR_GetError());
- if(CERT_VerifyCertNow(CERT_GetDefaultCertDB(),end_entity,PR_TRUE,certUsageSSLServer,NULL) == SECSuccess || CERT_VerifyCertNow(CERT_GetDefaultCertDB(),end_entity,PR_TRUE,certUsageSSLCA,NULL) == SECSuccess)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement