summaryrefslogtreecommitdiff
path: root/tools/cred_verify.c
diff options
context:
space:
mode:
Diffstat (limited to 'tools/cred_verify.c')
-rw-r--r--tools/cred_verify.c26
1 files changed, 15 insertions, 11 deletions
diff --git a/tools/cred_verify.c b/tools/cred_verify.c
index 3f7a400..d622ed7 100644
--- a/tools/cred_verify.c
+++ b/tools/cred_verify.c
@@ -109,11 +109,16 @@ cred_verify(int argc, char **argv)
109 FILE *out_f = NULL; 109 FILE *out_f = NULL;
110 int type = COSE_ES256; 110 int type = COSE_ES256;
111 int flags = 0; 111 int flags = 0;
112 int cred_prot = -1;
112 int ch; 113 int ch;
113 int r; 114 int r;
114 115
115 while ((ch = getopt(argc, argv, "dhi:o:v")) != -1) { 116 while ((ch = getopt(argc, argv, "c:dhi:o:v")) != -1) {
116 switch (ch) { 117 switch (ch) {
118 case 'c':
119 if ((cred_prot = base10(optarg)) < 0)
120 errx(1, "-c: invalid argument '%s'", optarg);
121 break;
117 case 'd': 122 case 'd':
118 flags |= FLAG_DEBUG; 123 flags |= FLAG_DEBUG;
119 break; 124 break;
@@ -143,20 +148,19 @@ cred_verify(int argc, char **argv)
143 in_f = open_read(in_path); 148 in_f = open_read(in_path);
144 out_f = open_write(out_path); 149 out_f = open_write(out_path);
145 150
146 if (argc > 0) { 151 if (argc > 0 && cose_type(argv[0], &type) < 0)
147 if (strcmp(argv[0], "es256") == 0) 152 errx(1, "unknown type %s", argv[0]);
148 type = COSE_ES256;
149 else if (strcmp(argv[0], "rs256") == 0)
150 type = COSE_RS256;
151 else if (strcmp(argv[0], "eddsa") == 0)
152 type = COSE_EDDSA;
153 else
154 errx(1, "unknown type %s", argv[0]);
155 }
156 153
157 fido_init((flags & FLAG_DEBUG) ? FIDO_DEBUG : 0); 154 fido_init((flags & FLAG_DEBUG) ? FIDO_DEBUG : 0);
158 cred = prepare_cred(in_f, type, flags); 155 cred = prepare_cred(in_f, type, flags);
159 156
157 if (cred_prot > 0) {
158 r = fido_cred_set_prot(cred, cred_prot);
159 if (r != FIDO_OK) {
160 errx(1, "fido_cred_set_prot: %s", fido_strerr(r));
161 }
162 }
163
160 if (fido_cred_x5c_ptr(cred) == NULL) { 164 if (fido_cred_x5c_ptr(cred) == NULL) {
161 if ((r = fido_cred_verify_self(cred)) != FIDO_OK) 165 if ((r = fido_cred_verify_self(cred)) != FIDO_OK)
162 errx(1, "fido_cred_verify_self: %s", fido_strerr(r)); 166 errx(1, "fido_cred_verify_self: %s", fido_strerr(r));