package main import ( "encoding/hex" "flag" "fmt" "log" "math/big" "os" "strings" "github.com/letsencrypt/boulder/test/ocsp/helper" ) func main() { flag.Usage = func() { fmt.Fprintf(os.Stderr, ` checkocsp [OPTION]... FILE [FILE]... OCSP-checking tool. Provide a list of filenames for certificates in PEM format, and this tool will check OCSP for each certificate based on its AIA field. It will return an error if the OCSP server fails to respond for any request, if any response is invalid or has a bad signature, or if any response is too stale. `) flag.PrintDefaults() } helper.RegisterFlags() serials := flag.Bool("serials", false, "Parameters are hex-encoded serial numbers instead of filenames. Requires --issuer-file and --url.") flag.Parse() var errors bool if len(flag.Args()) == 0 { flag.Usage() os.Exit(0) } config, err := helper.ConfigFromFlags() if err != nil { log.Fatal(err) } for _, a := range flag.Args() { var err error var bytes []byte if *serials { bytes, err = hex.DecodeString(strings.Replace(a, ":", "", -1)) if err != nil { log.Printf("error for %s: %s\n", a, err) } serialNumber := big.NewInt(0).SetBytes(bytes) _, err = helper.ReqSerial(serialNumber, config) } else { _, err = helper.ReqFile(a, config) } if err != nil { log.Printf("error for %s: %s\n", a, err) errors = true } } if errors { os.Exit(1) } }