[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-53-gc781989
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-53-gc781989 |
|
Date: |
Wed, 21 Nov 2012 20:01:18 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c781989b10e571b76d1a8c50d4a2f18c3b59677b
The branch, master has been updated
via c781989b10e571b76d1a8c50d4a2f18c3b59677b (commit)
via 86b0a21482e69268394efbd847cc078b77b07cde (commit)
from 28b4658aa523ed7abae9b3e0958515c341b1c648 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c781989b10e571b76d1a8c50d4a2f18c3b59677b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 21 20:57:00 2012 +0100
updated parameters
commit 86b0a21482e69268394efbd847cc078b77b07cde
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Nov 21 09:20:32 2012 +0100
update
-----------------------------------------------------------------------
Summary of changes:
NEWS | 5 +-
doc/invoke-certtool.texi | 26 ++-
lib/x509/x509.c | 3 +
src/certtool-args.c | 536 +++++++++++++++++++++++++---------------------
src/certtool-args.def | 13 +-
src/certtool-args.h | 56 +++---
src/certtool.c | 4 +-
7 files changed, 356 insertions(+), 287 deletions(-)
diff --git a/NEWS b/NEWS
index e516d04..dee4b16 100644
--- a/NEWS
+++ b/NEWS
@@ -17,12 +17,11 @@ public key on generation.
affected combined levels. Patch by Tim Kosse.
** certtool: The --pubkey-info option can be combined with the
---load-privkey in order to print the corresponding public key of a private
-key.
+--load-privkey or --load-request to print the corresponding public keys.
** certtool: It is able to set certificate policies via a template.
-** certtool: Added --simple-numbers option which prints big numbers in
+** certtool: Added --hex-numbers option which prints big numbers in
an easier to parse format.
** p11tool: After key generation, outputs the public key (useful in
diff --git a/doc/invoke-certtool.texi b/doc/invoke-certtool.texi
index 1ac06b6..29a6eae 100644
--- a/doc/invoke-certtool.texi
+++ b/doc/invoke-certtool.texi
@@ -6,7 +6,7 @@
#
# DO NOT EDIT THIS FILE (invoke-certtool.texi)
#
-# It has been AutoGen-ed November 20, 2012 at 05:51:14 PM by AutoGen 5.16
+# It has been AutoGen-ed November 21, 2012 at 09:00:30 PM by AutoGen 5.16
# From the definitions ../src/certtool-args.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -71,7 +71,7 @@ USAGE: certtool [ -<flag> [<val>] | --<name>address@hidden|
@}<val>] ]...
--load-ca-privkey=str Loads the certificate authority's private key
file
--load-ca-certificate=str Loads the certificate authority's certificate
file
--password=str Password to use
- --simple-numbers Print big number in an easier format to parse
+ --hex-numbers Print big number in an easier format to parse
--null-password Enforce a NULL password
-i, --certificate-info Print information on the given certificate
--certificate-pubkey Print certificate's public key
@@ -95,6 +95,7 @@ USAGE: certtool [ -<flag> [<val>] | --<name>address@hidden|
@}<val>] ]...
--rsa Generate RSA key
--dsa Generate DSA key
--ecc Generate ECC (ECDSA) key
+ --ecdsa This is an alias for 'ecc'
--hash=str Hash algorithm to use for signing.
--inder Use DER format for input certificates and
private keys.
- disabled as --no-inder
@@ -224,6 +225,27 @@ load-certificate.
@end itemize
It requires a certificate, a private key and possibly a CA certificate to be
specified.
address@hidden rsa}
address@hidden rsa option
+
+This is the ``generate rsa key'' option.
+When combined with --generate-privkey generates an RSA private key.
address@hidden dsa}
address@hidden dsa option
+
+This is the ``generate dsa key'' option.
+When combined with --generate-privkey generates a DSA private key.
address@hidden ecc}
address@hidden ecc option
+
+This is the ``generate ecc (ecdsa) key'' option.
+When combined with --generate-privkey generates an elliptic curve private key
to be used with ECDSA.
address@hidden ecdsa}
address@hidden ecdsa option
+
+This is an alias for the ecc option,
address@hidden ecc, the ecc option documentation}.
+
@anchor{certtool hash}
@subheading hash option
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index bbe5a62..45a24df 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -2421,6 +2421,9 @@ gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert,
gnutls_x509_dn_t * dn)
* unsigned long value_tag;
* };
*
+ * The X.509 distinguished name is a sequence of sequences of strings
+ * and this is what the @irdn and @iava indexes model.
+ *
* Note that @ava will contain pointers into the @dn structure, so you
* should not modify any data or deallocate it. Note also that the DN
* in turn points into the original certificate structure, and thus
diff --git a/src/certtool-args.c b/src/certtool-args.c
index 9eee3b9..436d563 100644
--- a/src/certtool-args.c
+++ b/src/certtool-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (certtool-args.c)
*
- * It has been AutoGen-ed November 20, 2012 at 05:51:05 PM by AutoGen 5.16
+ * It has been AutoGen-ed November 21, 2012 at 09:00:25 PM by AutoGen 5.16
* From the definitions certtool-args.def
* and the template file options
*
@@ -67,7 +67,7 @@ extern FILE * option_usage_fp;
/*
* certtool option static const strings
*/
-static char const certtool_opt_strs[4767] =
+static char const certtool_opt_strs[4794] =
/* 0 */ "certtool @address@hidden"
"Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
"This is free software. It is licensed for use, modification and\n"
@@ -157,117 +157,119 @@ static char const certtool_opt_strs[4767] =
/* 2309 */ "PASSWORD\0"
/* 2318 */ "password\0"
/* 2327 */ "Print big number in an easier format to parse\0"
-/* 2373 */ "SIMPLE_NUMBERS\0"
-/* 2388 */ "simple-numbers\0"
-/* 2403 */ "Enforce a NULL password\0"
-/* 2427 */ "NULL_PASSWORD\0"
-/* 2441 */ "null-password\0"
-/* 2455 */ "Print information on the given certificate\0"
-/* 2498 */ "CERTIFICATE_INFO\0"
-/* 2515 */ "certificate-info\0"
-/* 2532 */ "Print certificate's public key\0"
-/* 2563 */ "CERTIFICATE_PUBKEY\0"
-/* 2582 */ "certificate-pubkey\0"
-/* 2601 */ "Print information on the given OpenPGP certificate\0"
-/* 2652 */ "PGP_CERTIFICATE_INFO\0"
-/* 2673 */ "pgp-certificate-info\0"
-/* 2694 */ "Print information on the given OpenPGP keyring structure\0"
-/* 2751 */ "PGP_RING_INFO\0"
-/* 2765 */ "pgp-ring-info\0"
-/* 2779 */ "Print information on the given CRL structure\0"
-/* 2824 */ "CRL_INFO\0"
-/* 2833 */ "crl-info\0"
-/* 2842 */ "Print information on the given certificate request\0"
-/* 2893 */ "CRQ_INFO\0"
-/* 2902 */ "crq-info\0"
-/* 2911 */ "Do not use extensions in certificate requests\0"
-/* 2957 */ "NO_CRQ_EXTENSIONS\0"
-/* 2975 */ "no-crq-extensions\0"
-/* 2993 */ "Print information on a PKCS #12 structure\0"
-/* 3035 */ "P12_INFO\0"
-/* 3044 */ "p12-info\0"
-/* 3053 */ "Print information on a PKCS #7 structure\0"
-/* 3094 */ "P7_INFO\0"
-/* 3102 */ "p7-info\0"
-/* 3110 */ "Convert S/MIME to PKCS #7 structure\0"
-/* 3146 */ "SMIME_TO_P7\0"
-/* 3158 */ "smime-to-p7\0"
-/* 3170 */ "Print information on a private key\0"
-/* 3205 */ "KEY_INFO\0"
-/* 3214 */ "key-info\0"
-/* 3223 */ "Print information on an OpenPGP private key\0"
-/* 3267 */ "PGP_KEY_INFO\0"
-/* 3280 */ "pgp-key-info\0"
-/* 3293 */ "Print information on a public key\0"
-/* 3327 */ "PUBKEY_INFO\0"
-/* 3339 */ "pubkey-info\0"
-/* 3351 */ "Generate an X.509 version 1 certificate (with no extensions)\0"
-/* 3412 */ "V1\0"
-/* 3415 */ "v1\0"
-/* 3418 */ "Generate a PKCS #12 structure\0"
-/* 3448 */ "TO_P12\0"
-/* 3455 */ "to-p12\0"
-/* 3462 */ "Generate a PKCS #8 structure\0"
-/* 3491 */ "TO_P8\0"
-/* 3497 */ "to-p8\0"
-/* 3503 */ "Use PKCS #8 format for private keys\0"
-/* 3539 */ "PKCS8\0"
-/* 3545 */ "pkcs8\0"
-/* 3551 */ "Generate RSA key\0"
-/* 3568 */ "RSA\0"
-/* 3572 */ "rsa\0"
-/* 3576 */ "Generate DSA key\0"
-/* 3593 */ "DSA\0"
-/* 3597 */ "dsa\0"
-/* 3601 */ "Generate ECC (ECDSA) key\0"
-/* 3626 */ "ECC\0"
-/* 3630 */ "ecc\0"
-/* 3634 */ "Hash algorithm to use for signing.\0"
-/* 3669 */ "HASH\0"
-/* 3674 */ "hash\0"
-/* 3679 */ "Use DER format for input certificates and private keys.\0"
-/* 3735 */ "INDER\0"
-/* 3741 */ "no-inder\0"
-/* 3750 */ "no\0"
-/* 3753 */ "This is an alias for 'inder'\0"
-/* 3782 */ "inraw\0"
-/* 3788 */ "Use DER format for output certificates and private keys\0"
-/* 3844 */ "OUTDER\0"
-/* 3851 */ "no-outder\0"
-/* 3861 */ "This is an alias for 'outder'\0"
-/* 3891 */ "outraw\0"
-/* 3898 */ "Specify the number of bits for key generate\0"
-/* 3942 */ "BITS\0"
-/* 3947 */ "bits\0"
-/* 3952 */ "Specify the security level [low, legacy, normal, high, ultra].\0"
-/* 4015 */ "SEC_PARAM\0"
-/* 4025 */ "sec-param\0"
-/* 4035 */ "No effect\0"
-/* 4045 */ "DISABLE_QUICK_RANDOM\0"
-/* 4066 */ "disable-quick-random\0"
-/* 4087 */ "Template file to use for non-interactive operation\0"
-/* 4138 */ "TEMPLATE\0"
-/* 4147 */ "template\0"
-/* 4156 */ "Cipher to use for PKCS #8 and #12 operations\0"
-/* 4201 */ "PKCS_CIPHER\0"
-/* 4213 */ "pkcs-cipher\0"
-/* 4225 */ "Display extended usage information and exit\0"
-/* 4269 */ "help\0"
-/* 4274 */ "Extended usage information passed thru pager\0"
-/* 4319 */ "more-help\0"
-/* 4329 */ "Output version information and exit\0"
-/* 4365 */ "version\0"
-/* 4373 */ "CERTTOOL\0"
-/* 4382 */ "certtool - GnuTLS certificate tool - Ver. @address@hidden"
+/* 2373 */ "HEX_NUMBERS\0"
+/* 2385 */ "hex-numbers\0"
+/* 2397 */ "Enforce a NULL password\0"
+/* 2421 */ "NULL_PASSWORD\0"
+/* 2435 */ "null-password\0"
+/* 2449 */ "Print information on the given certificate\0"
+/* 2492 */ "CERTIFICATE_INFO\0"
+/* 2509 */ "certificate-info\0"
+/* 2526 */ "Print certificate's public key\0"
+/* 2557 */ "CERTIFICATE_PUBKEY\0"
+/* 2576 */ "certificate-pubkey\0"
+/* 2595 */ "Print information on the given OpenPGP certificate\0"
+/* 2646 */ "PGP_CERTIFICATE_INFO\0"
+/* 2667 */ "pgp-certificate-info\0"
+/* 2688 */ "Print information on the given OpenPGP keyring structure\0"
+/* 2745 */ "PGP_RING_INFO\0"
+/* 2759 */ "pgp-ring-info\0"
+/* 2773 */ "Print information on the given CRL structure\0"
+/* 2818 */ "CRL_INFO\0"
+/* 2827 */ "crl-info\0"
+/* 2836 */ "Print information on the given certificate request\0"
+/* 2887 */ "CRQ_INFO\0"
+/* 2896 */ "crq-info\0"
+/* 2905 */ "Do not use extensions in certificate requests\0"
+/* 2951 */ "NO_CRQ_EXTENSIONS\0"
+/* 2969 */ "no-crq-extensions\0"
+/* 2987 */ "Print information on a PKCS #12 structure\0"
+/* 3029 */ "P12_INFO\0"
+/* 3038 */ "p12-info\0"
+/* 3047 */ "Print information on a PKCS #7 structure\0"
+/* 3088 */ "P7_INFO\0"
+/* 3096 */ "p7-info\0"
+/* 3104 */ "Convert S/MIME to PKCS #7 structure\0"
+/* 3140 */ "SMIME_TO_P7\0"
+/* 3152 */ "smime-to-p7\0"
+/* 3164 */ "Print information on a private key\0"
+/* 3199 */ "KEY_INFO\0"
+/* 3208 */ "key-info\0"
+/* 3217 */ "Print information on an OpenPGP private key\0"
+/* 3261 */ "PGP_KEY_INFO\0"
+/* 3274 */ "pgp-key-info\0"
+/* 3287 */ "Print information on a public key\0"
+/* 3321 */ "PUBKEY_INFO\0"
+/* 3333 */ "pubkey-info\0"
+/* 3345 */ "Generate an X.509 version 1 certificate (with no extensions)\0"
+/* 3406 */ "V1\0"
+/* 3409 */ "v1\0"
+/* 3412 */ "Generate a PKCS #12 structure\0"
+/* 3442 */ "TO_P12\0"
+/* 3449 */ "to-p12\0"
+/* 3456 */ "Generate a PKCS #8 structure\0"
+/* 3485 */ "TO_P8\0"
+/* 3491 */ "to-p8\0"
+/* 3497 */ "Use PKCS #8 format for private keys\0"
+/* 3533 */ "PKCS8\0"
+/* 3539 */ "pkcs8\0"
+/* 3545 */ "Generate RSA key\0"
+/* 3562 */ "RSA\0"
+/* 3566 */ "rsa\0"
+/* 3570 */ "Generate DSA key\0"
+/* 3587 */ "DSA\0"
+/* 3591 */ "dsa\0"
+/* 3595 */ "Generate ECC (ECDSA) key\0"
+/* 3620 */ "ECC\0"
+/* 3624 */ "ecc\0"
+/* 3628 */ "This is an alias for 'ecc'\0"
+/* 3655 */ "ecdsa\0"
+/* 3661 */ "Hash algorithm to use for signing.\0"
+/* 3696 */ "HASH\0"
+/* 3701 */ "hash\0"
+/* 3706 */ "Use DER format for input certificates and private keys.\0"
+/* 3762 */ "INDER\0"
+/* 3768 */ "no-inder\0"
+/* 3777 */ "no\0"
+/* 3780 */ "This is an alias for 'inder'\0"
+/* 3809 */ "inraw\0"
+/* 3815 */ "Use DER format for output certificates and private keys\0"
+/* 3871 */ "OUTDER\0"
+/* 3878 */ "no-outder\0"
+/* 3888 */ "This is an alias for 'outder'\0"
+/* 3918 */ "outraw\0"
+/* 3925 */ "Specify the number of bits for key generate\0"
+/* 3969 */ "BITS\0"
+/* 3974 */ "bits\0"
+/* 3979 */ "Specify the security level [low, legacy, normal, high, ultra].\0"
+/* 4042 */ "SEC_PARAM\0"
+/* 4052 */ "sec-param\0"
+/* 4062 */ "No effect\0"
+/* 4072 */ "DISABLE_QUICK_RANDOM\0"
+/* 4093 */ "disable-quick-random\0"
+/* 4114 */ "Template file to use for non-interactive operation\0"
+/* 4165 */ "TEMPLATE\0"
+/* 4174 */ "template\0"
+/* 4183 */ "Cipher to use for PKCS #8 and #12 operations\0"
+/* 4228 */ "PKCS_CIPHER\0"
+/* 4240 */ "pkcs-cipher\0"
+/* 4252 */ "Display extended usage information and exit\0"
+/* 4296 */ "help\0"
+/* 4301 */ "Extended usage information passed thru pager\0"
+/* 4346 */ "more-help\0"
+/* 4356 */ "Output version information and exit\0"
+/* 4392 */ "version\0"
+/* 4400 */ "CERTTOOL\0"
+/* 4409 */ "certtool - GnuTLS certificate tool - Ver. @address@hidden"
"USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0"
-/* 4492 */ "address@hidden"
-/* 4511 */ "\n\n\0"
-/* 4514 */ "\n"
+/* 4519 */ "address@hidden"
+/* 4538 */ "\n\n\0"
+/* 4541 */ "\n"
"Tool to parse and generate X.509 certificates, requests and
private keys.\n"
"It can be used interactively or non interactively by specifying
the\n"
"template command line option.\n\0"
-/* 4688 */ "certtool @address@hidden"
-/* 4707 */ "certtool [options]\n"
+/* 4715 */ "certtool @address@hidden"
+/* 4734 */ "certtool [options]\n"
"certtool --help for usage instructions.\n";
/*
@@ -479,140 +481,140 @@ static int const aVerify_CrlMustList[] = {
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
- * simple-numbers option description:
+ * hex-numbers option description:
*/
-#define SIMPLE_NUMBERS_DESC (certtool_opt_strs+2327)
-#define SIMPLE_NUMBERS_NAME (certtool_opt_strs+2373)
-#define SIMPLE_NUMBERS_name (certtool_opt_strs+2388)
-#define SIMPLE_NUMBERS_FLAGS (OPTST_DISABLED)
+#define HEX_NUMBERS_DESC (certtool_opt_strs+2327)
+#define HEX_NUMBERS_NAME (certtool_opt_strs+2373)
+#define HEX_NUMBERS_name (certtool_opt_strs+2385)
+#define HEX_NUMBERS_FLAGS (OPTST_DISABLED)
/*
* null-password option description:
*/
-#define NULL_PASSWORD_DESC (certtool_opt_strs+2403)
-#define NULL_PASSWORD_NAME (certtool_opt_strs+2427)
-#define NULL_PASSWORD_name (certtool_opt_strs+2441)
+#define NULL_PASSWORD_DESC (certtool_opt_strs+2397)
+#define NULL_PASSWORD_NAME (certtool_opt_strs+2421)
+#define NULL_PASSWORD_name (certtool_opt_strs+2435)
#define NULL_PASSWORD_FLAGS (OPTST_DISABLED)
/*
* certificate-info option description:
*/
-#define CERTIFICATE_INFO_DESC (certtool_opt_strs+2455)
-#define CERTIFICATE_INFO_NAME (certtool_opt_strs+2498)
-#define CERTIFICATE_INFO_name (certtool_opt_strs+2515)
+#define CERTIFICATE_INFO_DESC (certtool_opt_strs+2449)
+#define CERTIFICATE_INFO_NAME (certtool_opt_strs+2492)
+#define CERTIFICATE_INFO_name (certtool_opt_strs+2509)
#define CERTIFICATE_INFO_FLAGS (OPTST_DISABLED)
/*
* certificate-pubkey option description:
*/
-#define CERTIFICATE_PUBKEY_DESC (certtool_opt_strs+2532)
-#define CERTIFICATE_PUBKEY_NAME (certtool_opt_strs+2563)
-#define CERTIFICATE_PUBKEY_name (certtool_opt_strs+2582)
+#define CERTIFICATE_PUBKEY_DESC (certtool_opt_strs+2526)
+#define CERTIFICATE_PUBKEY_NAME (certtool_opt_strs+2557)
+#define CERTIFICATE_PUBKEY_name (certtool_opt_strs+2576)
#define CERTIFICATE_PUBKEY_FLAGS (OPTST_DISABLED)
/*
* pgp-certificate-info option description:
*/
-#define PGP_CERTIFICATE_INFO_DESC (certtool_opt_strs+2601)
-#define PGP_CERTIFICATE_INFO_NAME (certtool_opt_strs+2652)
-#define PGP_CERTIFICATE_INFO_name (certtool_opt_strs+2673)
+#define PGP_CERTIFICATE_INFO_DESC (certtool_opt_strs+2595)
+#define PGP_CERTIFICATE_INFO_NAME (certtool_opt_strs+2646)
+#define PGP_CERTIFICATE_INFO_name (certtool_opt_strs+2667)
#define PGP_CERTIFICATE_INFO_FLAGS (OPTST_DISABLED)
/*
* pgp-ring-info option description:
*/
-#define PGP_RING_INFO_DESC (certtool_opt_strs+2694)
-#define PGP_RING_INFO_NAME (certtool_opt_strs+2751)
-#define PGP_RING_INFO_name (certtool_opt_strs+2765)
+#define PGP_RING_INFO_DESC (certtool_opt_strs+2688)
+#define PGP_RING_INFO_NAME (certtool_opt_strs+2745)
+#define PGP_RING_INFO_name (certtool_opt_strs+2759)
#define PGP_RING_INFO_FLAGS (OPTST_DISABLED)
/*
* crl-info option description:
*/
-#define CRL_INFO_DESC (certtool_opt_strs+2779)
-#define CRL_INFO_NAME (certtool_opt_strs+2824)
-#define CRL_INFO_name (certtool_opt_strs+2833)
+#define CRL_INFO_DESC (certtool_opt_strs+2773)
+#define CRL_INFO_NAME (certtool_opt_strs+2818)
+#define CRL_INFO_name (certtool_opt_strs+2827)
#define CRL_INFO_FLAGS (OPTST_DISABLED)
/*
* crq-info option description:
*/
-#define CRQ_INFO_DESC (certtool_opt_strs+2842)
-#define CRQ_INFO_NAME (certtool_opt_strs+2893)
-#define CRQ_INFO_name (certtool_opt_strs+2902)
+#define CRQ_INFO_DESC (certtool_opt_strs+2836)
+#define CRQ_INFO_NAME (certtool_opt_strs+2887)
+#define CRQ_INFO_name (certtool_opt_strs+2896)
#define CRQ_INFO_FLAGS (OPTST_DISABLED)
/*
* no-crq-extensions option description:
*/
-#define NO_CRQ_EXTENSIONS_DESC (certtool_opt_strs+2911)
-#define NO_CRQ_EXTENSIONS_NAME (certtool_opt_strs+2957)
-#define NO_CRQ_EXTENSIONS_name (certtool_opt_strs+2975)
+#define NO_CRQ_EXTENSIONS_DESC (certtool_opt_strs+2905)
+#define NO_CRQ_EXTENSIONS_NAME (certtool_opt_strs+2951)
+#define NO_CRQ_EXTENSIONS_name (certtool_opt_strs+2969)
#define NO_CRQ_EXTENSIONS_FLAGS (OPTST_DISABLED)
/*
* p12-info option description:
*/
-#define P12_INFO_DESC (certtool_opt_strs+2993)
-#define P12_INFO_NAME (certtool_opt_strs+3035)
-#define P12_INFO_name (certtool_opt_strs+3044)
+#define P12_INFO_DESC (certtool_opt_strs+2987)
+#define P12_INFO_NAME (certtool_opt_strs+3029)
+#define P12_INFO_name (certtool_opt_strs+3038)
#define P12_INFO_FLAGS (OPTST_DISABLED)
/*
* p7-info option description:
*/
-#define P7_INFO_DESC (certtool_opt_strs+3053)
-#define P7_INFO_NAME (certtool_opt_strs+3094)
-#define P7_INFO_name (certtool_opt_strs+3102)
+#define P7_INFO_DESC (certtool_opt_strs+3047)
+#define P7_INFO_NAME (certtool_opt_strs+3088)
+#define P7_INFO_name (certtool_opt_strs+3096)
#define P7_INFO_FLAGS (OPTST_DISABLED)
/*
* smime-to-p7 option description:
*/
-#define SMIME_TO_P7_DESC (certtool_opt_strs+3110)
-#define SMIME_TO_P7_NAME (certtool_opt_strs+3146)
-#define SMIME_TO_P7_name (certtool_opt_strs+3158)
+#define SMIME_TO_P7_DESC (certtool_opt_strs+3104)
+#define SMIME_TO_P7_NAME (certtool_opt_strs+3140)
+#define SMIME_TO_P7_name (certtool_opt_strs+3152)
#define SMIME_TO_P7_FLAGS (OPTST_DISABLED)
/*
* key-info option description:
*/
-#define KEY_INFO_DESC (certtool_opt_strs+3170)
-#define KEY_INFO_NAME (certtool_opt_strs+3205)
-#define KEY_INFO_name (certtool_opt_strs+3214)
+#define KEY_INFO_DESC (certtool_opt_strs+3164)
+#define KEY_INFO_NAME (certtool_opt_strs+3199)
+#define KEY_INFO_name (certtool_opt_strs+3208)
#define KEY_INFO_FLAGS (OPTST_DISABLED)
/*
* pgp-key-info option description:
*/
-#define PGP_KEY_INFO_DESC (certtool_opt_strs+3223)
-#define PGP_KEY_INFO_NAME (certtool_opt_strs+3267)
-#define PGP_KEY_INFO_name (certtool_opt_strs+3280)
+#define PGP_KEY_INFO_DESC (certtool_opt_strs+3217)
+#define PGP_KEY_INFO_NAME (certtool_opt_strs+3261)
+#define PGP_KEY_INFO_name (certtool_opt_strs+3274)
#define PGP_KEY_INFO_FLAGS (OPTST_DISABLED)
/*
* pubkey-info option description:
*/
-#define PUBKEY_INFO_DESC (certtool_opt_strs+3293)
-#define PUBKEY_INFO_NAME (certtool_opt_strs+3327)
-#define PUBKEY_INFO_name (certtool_opt_strs+3339)
+#define PUBKEY_INFO_DESC (certtool_opt_strs+3287)
+#define PUBKEY_INFO_NAME (certtool_opt_strs+3321)
+#define PUBKEY_INFO_name (certtool_opt_strs+3333)
#define PUBKEY_INFO_FLAGS (OPTST_DISABLED)
/*
* v1 option description:
*/
-#define V1_DESC (certtool_opt_strs+3351)
-#define V1_NAME (certtool_opt_strs+3412)
-#define V1_name (certtool_opt_strs+3415)
+#define V1_DESC (certtool_opt_strs+3345)
+#define V1_NAME (certtool_opt_strs+3406)
+#define V1_name (certtool_opt_strs+3409)
#define V1_FLAGS (OPTST_DISABLED)
/*
* to-p12 option description with
* "Must also have options" and "Incompatible options":
*/
-#define TO_P12_DESC (certtool_opt_strs+3418)
-#define TO_P12_NAME (certtool_opt_strs+3448)
-#define TO_P12_name (certtool_opt_strs+3455)
+#define TO_P12_DESC (certtool_opt_strs+3412)
+#define TO_P12_NAME (certtool_opt_strs+3442)
+#define TO_P12_name (certtool_opt_strs+3449)
static int const aTo_P12MustList[] = {
INDEX_OPT_LOAD_CERTIFICATE, NO_EQUIVALENT };
#define TO_P12_FLAGS (OPTST_DISABLED)
@@ -620,140 +622,148 @@ static int const aTo_P12MustList[] = {
/*
* to-p8 option description:
*/
-#define TO_P8_DESC (certtool_opt_strs+3462)
-#define TO_P8_NAME (certtool_opt_strs+3491)
-#define TO_P8_name (certtool_opt_strs+3497)
+#define TO_P8_DESC (certtool_opt_strs+3456)
+#define TO_P8_NAME (certtool_opt_strs+3485)
+#define TO_P8_name (certtool_opt_strs+3491)
#define TO_P8_FLAGS (OPTST_DISABLED)
/*
* pkcs8 option description:
*/
-#define PKCS8_DESC (certtool_opt_strs+3503)
-#define PKCS8_NAME (certtool_opt_strs+3539)
-#define PKCS8_name (certtool_opt_strs+3545)
+#define PKCS8_DESC (certtool_opt_strs+3497)
+#define PKCS8_NAME (certtool_opt_strs+3533)
+#define PKCS8_name (certtool_opt_strs+3539)
#define PKCS8_FLAGS (OPTST_DISABLED)
/*
* rsa option description:
*/
-#define RSA_DESC (certtool_opt_strs+3551)
-#define RSA_NAME (certtool_opt_strs+3568)
-#define RSA_name (certtool_opt_strs+3572)
+#define RSA_DESC (certtool_opt_strs+3545)
+#define RSA_NAME (certtool_opt_strs+3562)
+#define RSA_name (certtool_opt_strs+3566)
#define RSA_FLAGS (OPTST_DISABLED)
/*
* dsa option description:
*/
-#define DSA_DESC (certtool_opt_strs+3576)
-#define DSA_NAME (certtool_opt_strs+3593)
-#define DSA_name (certtool_opt_strs+3597)
+#define DSA_DESC (certtool_opt_strs+3570)
+#define DSA_NAME (certtool_opt_strs+3587)
+#define DSA_name (certtool_opt_strs+3591)
#define DSA_FLAGS (OPTST_DISABLED)
/*
* ecc option description:
*/
-#define ECC_DESC (certtool_opt_strs+3601)
-#define ECC_NAME (certtool_opt_strs+3626)
-#define ECC_name (certtool_opt_strs+3630)
+#define ECC_DESC (certtool_opt_strs+3595)
+#define ECC_NAME (certtool_opt_strs+3620)
+#define ECC_name (certtool_opt_strs+3624)
#define ECC_FLAGS (OPTST_DISABLED)
/*
+ * ecdsa option description:
+ */
+#define ECDSA_DESC (certtool_opt_strs+3628)
+#define ECDSA_NAME NULL
+#define ECDSA_name (certtool_opt_strs+3655)
+#define ECDSA_FLAGS (ECC_FLAGS | OPTST_ALIAS)
+
+/*
* hash option description:
*/
-#define HASH_DESC (certtool_opt_strs+3634)
-#define HASH_NAME (certtool_opt_strs+3669)
-#define HASH_name (certtool_opt_strs+3674)
+#define HASH_DESC (certtool_opt_strs+3661)
+#define HASH_NAME (certtool_opt_strs+3696)
+#define HASH_name (certtool_opt_strs+3701)
#define HASH_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* inder option description:
*/
-#define INDER_DESC (certtool_opt_strs+3679)
-#define INDER_NAME (certtool_opt_strs+3735)
-#define NOT_INDER_name (certtool_opt_strs+3741)
-#define NOT_INDER_PFX (certtool_opt_strs+3750)
+#define INDER_DESC (certtool_opt_strs+3706)
+#define INDER_NAME (certtool_opt_strs+3762)
+#define NOT_INDER_name (certtool_opt_strs+3768)
+#define NOT_INDER_PFX (certtool_opt_strs+3777)
#define INDER_name (NOT_INDER_name + 3)
#define INDER_FLAGS (OPTST_DISABLED)
/*
* inraw option description:
*/
-#define INRAW_DESC (certtool_opt_strs+3753)
+#define INRAW_DESC (certtool_opt_strs+3780)
#define INRAW_NAME NULL
-#define INRAW_name (certtool_opt_strs+3782)
+#define INRAW_name (certtool_opt_strs+3809)
#define INRAW_FLAGS (INDER_FLAGS | OPTST_ALIAS)
/*
* outder option description:
*/
-#define OUTDER_DESC (certtool_opt_strs+3788)
-#define OUTDER_NAME (certtool_opt_strs+3844)
-#define NOT_OUTDER_name (certtool_opt_strs+3851)
-#define NOT_OUTDER_PFX (certtool_opt_strs+3750)
+#define OUTDER_DESC (certtool_opt_strs+3815)
+#define OUTDER_NAME (certtool_opt_strs+3871)
+#define NOT_OUTDER_name (certtool_opt_strs+3878)
+#define NOT_OUTDER_PFX (certtool_opt_strs+3777)
#define OUTDER_name (NOT_OUTDER_name + 3)
#define OUTDER_FLAGS (OPTST_DISABLED)
/*
* outraw option description:
*/
-#define OUTRAW_DESC (certtool_opt_strs+3861)
+#define OUTRAW_DESC (certtool_opt_strs+3888)
#define OUTRAW_NAME NULL
-#define OUTRAW_name (certtool_opt_strs+3891)
+#define OUTRAW_name (certtool_opt_strs+3918)
#define OUTRAW_FLAGS (OUTDER_FLAGS | OPTST_ALIAS)
/*
* bits option description:
*/
-#define BITS_DESC (certtool_opt_strs+3898)
-#define BITS_NAME (certtool_opt_strs+3942)
-#define BITS_name (certtool_opt_strs+3947)
+#define BITS_DESC (certtool_opt_strs+3925)
+#define BITS_NAME (certtool_opt_strs+3969)
+#define BITS_name (certtool_opt_strs+3974)
#define BITS_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC))
/*
* sec-param option description:
*/
-#define SEC_PARAM_DESC (certtool_opt_strs+3952)
-#define SEC_PARAM_NAME (certtool_opt_strs+4015)
-#define SEC_PARAM_name (certtool_opt_strs+4025)
+#define SEC_PARAM_DESC (certtool_opt_strs+3979)
+#define SEC_PARAM_NAME (certtool_opt_strs+4042)
+#define SEC_PARAM_name (certtool_opt_strs+4052)
#define SEC_PARAM_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* disable-quick-random option description:
*/
-#define DISABLE_QUICK_RANDOM_DESC (certtool_opt_strs+4035)
-#define DISABLE_QUICK_RANDOM_NAME (certtool_opt_strs+4045)
-#define DISABLE_QUICK_RANDOM_name (certtool_opt_strs+4066)
+#define DISABLE_QUICK_RANDOM_DESC (certtool_opt_strs+4062)
+#define DISABLE_QUICK_RANDOM_NAME (certtool_opt_strs+4072)
+#define DISABLE_QUICK_RANDOM_name (certtool_opt_strs+4093)
#define DISABLE_QUICK_RANDOM_FLAGS (OPTST_DISABLED)
/*
* template option description:
*/
-#define TEMPLATE_DESC (certtool_opt_strs+4087)
-#define TEMPLATE_NAME (certtool_opt_strs+4138)
-#define TEMPLATE_name (certtool_opt_strs+4147)
+#define TEMPLATE_DESC (certtool_opt_strs+4114)
+#define TEMPLATE_NAME (certtool_opt_strs+4165)
+#define TEMPLATE_name (certtool_opt_strs+4174)
#define TEMPLATE_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_FILE))
/*
* pkcs-cipher option description:
*/
-#define PKCS_CIPHER_DESC (certtool_opt_strs+4156)
-#define PKCS_CIPHER_NAME (certtool_opt_strs+4201)
-#define PKCS_CIPHER_name (certtool_opt_strs+4213)
+#define PKCS_CIPHER_DESC (certtool_opt_strs+4183)
+#define PKCS_CIPHER_NAME (certtool_opt_strs+4228)
+#define PKCS_CIPHER_name (certtool_opt_strs+4240)
#define PKCS_CIPHER_FLAGS (OPTST_DISABLED \
| OPTST_SET_ARGTYPE(OPARG_TYPE_STRING))
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (certtool_opt_strs+4225)
-#define HELP_name (certtool_opt_strs+4269)
+#define HELP_DESC (certtool_opt_strs+4252)
+#define HELP_name (certtool_opt_strs+4296)
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (certtool_opt_strs+4274)
-#define MORE_HELP_name (certtool_opt_strs+4319)
+#define MORE_HELP_DESC (certtool_opt_strs+4301)
+#define MORE_HELP_name (certtool_opt_strs+4346)
#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
#else
#define MORE_HELP_DESC NULL
@@ -766,8 +776,8 @@ static int const aTo_P12MustList[] = {
# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
#endif
-#define VER_DESC (certtool_opt_strs+4329)
-#define VER_name (certtool_opt_strs+4365)
+#define VER_DESC (certtool_opt_strs+4356)
+#define VER_name (certtool_opt_strs+4392)
/*
* Declare option callback procedures
*/
@@ -777,9 +787,9 @@ extern tOptProc
optionStackArg, optionTimeDate, optionTimeVal,
optionUnstackArg, optionVendorOption;
static tOptProc
- doOptDebug, doOptInfile, doOptInraw,
- doOptLoad_Request, doOptOutraw, doOptTemplate,
- doUsageOpt;
+ doOptDebug, doOptEcdsa, doOptInfile,
+ doOptInraw, doOptLoad_Request, doOptOutraw,
+ doOptTemplate, doUsageOpt;
#define VER_PROC optionPrintVersion
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -1077,16 +1087,16 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ PASSWORD_DESC, PASSWORD_NAME, PASSWORD_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 24, VALUE_OPT_SIMPLE_NUMBERS,
- /* equiv idx, value */ 24, VALUE_OPT_SIMPLE_NUMBERS,
+ { /* entry idx, value */ 24, VALUE_OPT_HEX_NUMBERS,
+ /* equiv idx, value */ 24, VALUE_OPT_HEX_NUMBERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ SIMPLE_NUMBERS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --simple-numbers */
+ /* opt state flags */ HEX_NUMBERS_FLAGS, 0,
+ /* last opt argumnt */ { NULL }, /* --hex-numbers */
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ SIMPLE_NUMBERS_DESC, SIMPLE_NUMBERS_NAME,
SIMPLE_NUMBERS_name,
+ /* desc, NAME, name */ HEX_NUMBERS_DESC, HEX_NUMBERS_NAME,
HEX_NUMBERS_name,
/* disablement strs */ NULL, NULL },
{ /* entry idx, value */ 25, VALUE_OPT_NULL_PASSWORD,
@@ -1341,8 +1351,20 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ ECC_DESC, ECC_NAME, ECC_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 46, VALUE_OPT_HASH,
- /* equiv idx, value */ 46, VALUE_OPT_HASH,
+ { /* entry idx, value */ 46, VALUE_OPT_ECDSA,
+ /* equiv idx, value */ 46, VALUE_OPT_ECDSA,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ ECDSA_FLAGS, 0,
+ /* last opt argumnt */ { NULL }, /* --ecdsa */
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ doOptEcdsa,
+ /* desc, NAME, name */ ECDSA_DESC, ECDSA_NAME, ECDSA_name,
+ /* disablement strs */ 0, 0 },
+
+ { /* entry idx, value */ 47, VALUE_OPT_HASH,
+ /* equiv idx, value */ 47, VALUE_OPT_HASH,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ HASH_FLAGS, 0,
@@ -1353,8 +1375,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ HASH_DESC, HASH_NAME, HASH_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 47, VALUE_OPT_INDER,
- /* equiv idx, value */ 47, VALUE_OPT_INDER,
+ { /* entry idx, value */ 48, VALUE_OPT_INDER,
+ /* equiv idx, value */ 48, VALUE_OPT_INDER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ INDER_FLAGS, 0,
@@ -1365,8 +1387,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ INDER_DESC, INDER_NAME, INDER_name,
/* disablement strs */ NOT_INDER_name, NOT_INDER_PFX },
- { /* entry idx, value */ 48, VALUE_OPT_INRAW,
- /* equiv idx, value */ 48, VALUE_OPT_INRAW,
+ { /* entry idx, value */ 49, VALUE_OPT_INRAW,
+ /* equiv idx, value */ 49, VALUE_OPT_INRAW,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ INRAW_FLAGS, 0,
@@ -1377,8 +1399,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ INRAW_DESC, INRAW_NAME, INRAW_name,
/* disablement strs */ 0, 0 },
- { /* entry idx, value */ 49, VALUE_OPT_OUTDER,
- /* equiv idx, value */ 49, VALUE_OPT_OUTDER,
+ { /* entry idx, value */ 50, VALUE_OPT_OUTDER,
+ /* equiv idx, value */ 50, VALUE_OPT_OUTDER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OUTDER_FLAGS, 0,
@@ -1389,8 +1411,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ OUTDER_DESC, OUTDER_NAME, OUTDER_name,
/* disablement strs */ NOT_OUTDER_name, NOT_OUTDER_PFX },
- { /* entry idx, value */ 50, VALUE_OPT_OUTRAW,
- /* equiv idx, value */ 50, VALUE_OPT_OUTRAW,
+ { /* entry idx, value */ 51, VALUE_OPT_OUTRAW,
+ /* equiv idx, value */ 51, VALUE_OPT_OUTRAW,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ OUTRAW_FLAGS, 0,
@@ -1401,8 +1423,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ OUTRAW_DESC, OUTRAW_NAME, OUTRAW_name,
/* disablement strs */ 0, 0 },
- { /* entry idx, value */ 51, VALUE_OPT_BITS,
- /* equiv idx, value */ 51, VALUE_OPT_BITS,
+ { /* entry idx, value */ 52, VALUE_OPT_BITS,
+ /* equiv idx, value */ 52, VALUE_OPT_BITS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ BITS_FLAGS, 0,
@@ -1413,8 +1435,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BITS_DESC, BITS_NAME, BITS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 52, VALUE_OPT_SEC_PARAM,
- /* equiv idx, value */ 52, VALUE_OPT_SEC_PARAM,
+ { /* entry idx, value */ 53, VALUE_OPT_SEC_PARAM,
+ /* equiv idx, value */ 53, VALUE_OPT_SEC_PARAM,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ SEC_PARAM_FLAGS, 0,
@@ -1425,8 +1447,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ SEC_PARAM_DESC, SEC_PARAM_NAME, SEC_PARAM_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 53, VALUE_OPT_DISABLE_QUICK_RANDOM,
- /* equiv idx, value */ 53, VALUE_OPT_DISABLE_QUICK_RANDOM,
+ { /* entry idx, value */ 54, VALUE_OPT_DISABLE_QUICK_RANDOM,
+ /* equiv idx, value */ 54, VALUE_OPT_DISABLE_QUICK_RANDOM,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ DISABLE_QUICK_RANDOM_FLAGS, 0,
@@ -1437,8 +1459,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ DISABLE_QUICK_RANDOM_DESC,
DISABLE_QUICK_RANDOM_NAME, DISABLE_QUICK_RANDOM_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 54, VALUE_OPT_TEMPLATE,
- /* equiv idx, value */ 54, VALUE_OPT_TEMPLATE,
+ { /* entry idx, value */ 55, VALUE_OPT_TEMPLATE,
+ /* equiv idx, value */ 55, VALUE_OPT_TEMPLATE,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ TEMPLATE_FLAGS, 0,
@@ -1449,8 +1471,8 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ TEMPLATE_DESC, TEMPLATE_NAME, TEMPLATE_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 55, VALUE_OPT_PKCS_CIPHER,
- /* equiv idx, value */ 55, VALUE_OPT_PKCS_CIPHER,
+ { /* entry idx, value */ 56, VALUE_OPT_PKCS_CIPHER,
+ /* equiv idx, value */ 56, VALUE_OPT_PKCS_CIPHER,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ PKCS_CIPHER_FLAGS, 0,
@@ -1505,14 +1527,14 @@ static tOptDesc optDesc[OPTION_CT] = {
*
* Define the certtool Option Environment
*/
-#define zPROGNAME (certtool_opt_strs+4373)
-#define zUsageTitle (certtool_opt_strs+4382)
+#define zPROGNAME (certtool_opt_strs+4400)
+#define zUsageTitle (certtool_opt_strs+4409)
#define zRcName NULL
#define apzHomeList NULL
-#define zBugsAddr (certtool_opt_strs+4492)
-#define zExplain (certtool_opt_strs+4511)
-#define zDetail (certtool_opt_strs+4514)
-#define zFullVersion (certtool_opt_strs+4688)
+#define zBugsAddr (certtool_opt_strs+4519)
+#define zExplain (certtool_opt_strs+4538)
+#define zDetail (certtool_opt_strs+4541)
+#define zFullVersion (certtool_opt_strs+4715)
/* extracted from optcode.tlib near line 350 */
#if defined(ENABLE_NLS)
@@ -1526,7 +1548,7 @@ static tOptDesc optDesc[OPTION_CT] = {
#define certtool_full_usage (NULL)
-#define certtool_short_usage (certtool_opt_strs+4707)
+#define certtool_short_usage (certtool_opt_strs+4734)
#endif /* not defined __doxygen__ */
@@ -1629,6 +1651,22 @@ doOptLoad_Request(tOptions* pOptions, tOptDesc* pOptDesc)
/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
/**
+ * Code to handle the ecdsa option.
+ *
+ * @param pOptions the certtool options data structure
+ * @param pOptDesc the option descriptor for this option.
+ */
+static void
+doOptEcdsa(tOptions* pOptions, tOptDesc* pOptDesc)
+{
+ int res = optionAlias(pOptions, pOptDesc, INDEX_OPT_ECC);
+ if ((res != 0) && ((pOptions->fOptSet & OPTPROC_ERRSTOP) != 0))
+ USAGE(CERTTOOL_EXIT_FAILURE);
+
+}
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+/**
* Code to handle the inraw option.
*
* @param pOptions the certtool options data structure
@@ -1743,7 +1781,7 @@ tOptions certtoolOptions = {
NO_EQUIVALENT, /* '-#' option index */
NO_EQUIVALENT /* index of default opt */
},
- 59 /* full option count */, 56 /* user option count */,
+ 60 /* full option count */, 57 /* user option count */,
certtool_full_usage, certtool_short_usage,
NULL, NULL,
PKGDATADIR, certtool_packager_info
diff --git a/src/certtool-args.def b/src/certtool-args.def
index 0cd94b5..07afadc 100644
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -151,7 +151,7 @@ flag = {
};
flag = {
- name = simple-numbers;
+ name = hex-numbers;
descrip = "Print big number in an easier format to parse";
doc = "";
};
@@ -273,19 +273,24 @@ flag = {
flag = {
name = rsa;
descrip = "Generate RSA key";
- doc = "";
+ doc = "When combined with --generate-privkey generates an RSA private
key.";
};
flag = {
name = dsa;
descrip = "Generate DSA key";
- doc = "";
+ doc = "When combined with --generate-privkey generates a DSA private key.";
};
flag = {
name = ecc;
descrip = "Generate ECC (ECDSA) key";
- doc = "";
+ doc = "When combined with --generate-privkey generates an elliptic curve
private key to be used with ECDSA.";
+};
+
+flag = {
+ name = ecdsa;
+ aliases = ecc;
};
flag = {
diff --git a/src/certtool-args.h b/src/certtool-args.h
index 6816652..c82fc93 100644
--- a/src/certtool-args.h
+++ b/src/certtool-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (certtool-args.h)
*
- * It has been AutoGen-ed November 20, 2012 at 05:51:05 PM by AutoGen 5.16
+ * It has been AutoGen-ed November 21, 2012 at 09:00:25 PM by AutoGen 5.16
* From the definitions certtool-args.def
* and the template file options
*
@@ -91,7 +91,7 @@ typedef enum {
INDEX_OPT_LOAD_CA_PRIVKEY = 21,
INDEX_OPT_LOAD_CA_CERTIFICATE = 22,
INDEX_OPT_PASSWORD = 23,
- INDEX_OPT_SIMPLE_NUMBERS = 24,
+ INDEX_OPT_HEX_NUMBERS = 24,
INDEX_OPT_NULL_PASSWORD = 25,
INDEX_OPT_CERTIFICATE_INFO = 26,
INDEX_OPT_CERTIFICATE_PUBKEY = 27,
@@ -113,22 +113,23 @@ typedef enum {
INDEX_OPT_RSA = 43,
INDEX_OPT_DSA = 44,
INDEX_OPT_ECC = 45,
- INDEX_OPT_HASH = 46,
- INDEX_OPT_INDER = 47,
- INDEX_OPT_INRAW = 48,
- INDEX_OPT_OUTDER = 49,
- INDEX_OPT_OUTRAW = 50,
- INDEX_OPT_BITS = 51,
- INDEX_OPT_SEC_PARAM = 52,
- INDEX_OPT_DISABLE_QUICK_RANDOM = 53,
- INDEX_OPT_TEMPLATE = 54,
- INDEX_OPT_PKCS_CIPHER = 55,
- INDEX_OPT_VERSION = 56,
- INDEX_OPT_HELP = 57,
- INDEX_OPT_MORE_HELP = 58
+ INDEX_OPT_ECDSA = 46,
+ INDEX_OPT_HASH = 47,
+ INDEX_OPT_INDER = 48,
+ INDEX_OPT_INRAW = 49,
+ INDEX_OPT_OUTDER = 50,
+ INDEX_OPT_OUTRAW = 51,
+ INDEX_OPT_BITS = 52,
+ INDEX_OPT_SEC_PARAM = 53,
+ INDEX_OPT_DISABLE_QUICK_RANDOM = 54,
+ INDEX_OPT_TEMPLATE = 55,
+ INDEX_OPT_PKCS_CIPHER = 56,
+ INDEX_OPT_VERSION = 57,
+ INDEX_OPT_HELP = 58,
+ INDEX_OPT_MORE_HELP = 59
} teOptIndex;
-#define OPTION_CT 59
+#define OPTION_CT 60
#define CERTTOOL_VERSION "@VERSION@"
#define CERTTOOL_FULL_VERSION "certtool @VERSION@"
@@ -192,7 +193,7 @@ typedef enum {
#define VALUE_OPT_LOAD_CA_PRIVKEY 21
#define VALUE_OPT_LOAD_CA_CERTIFICATE 22
#define VALUE_OPT_PASSWORD 23
-#define VALUE_OPT_SIMPLE_NUMBERS 24
+#define VALUE_OPT_HEX_NUMBERS 24
#define VALUE_OPT_NULL_PASSWORD 25
#define VALUE_OPT_CERTIFICATE_INFO 'i'
#define VALUE_OPT_CERTIFICATE_PUBKEY 27
@@ -214,18 +215,19 @@ typedef enum {
#define VALUE_OPT_RSA 139
#define VALUE_OPT_DSA 140
#define VALUE_OPT_ECC 141
-#define VALUE_OPT_HASH 142
-#define VALUE_OPT_INDER 143
-#define VALUE_OPT_INRAW 144
-#define VALUE_OPT_OUTDER 145
-#define VALUE_OPT_OUTRAW 146
-#define VALUE_OPT_BITS 147
+#define VALUE_OPT_ECDSA 142
+#define VALUE_OPT_HASH 143
+#define VALUE_OPT_INDER 144
+#define VALUE_OPT_INRAW 145
+#define VALUE_OPT_OUTDER 146
+#define VALUE_OPT_OUTRAW 147
+#define VALUE_OPT_BITS 148
#define OPT_VALUE_BITS (DESC(BITS).optArg.argInt)
-#define VALUE_OPT_SEC_PARAM 148
-#define VALUE_OPT_DISABLE_QUICK_RANDOM 149
-#define VALUE_OPT_TEMPLATE 150
-#define VALUE_OPT_PKCS_CIPHER 151
+#define VALUE_OPT_SEC_PARAM 149
+#define VALUE_OPT_DISABLE_QUICK_RANDOM 150
+#define VALUE_OPT_TEMPLATE 151
+#define VALUE_OPT_PKCS_CIPHER 152
#define VALUE_OPT_HELP 'h'
#define VALUE_OPT_MORE_HELP '!'
#define VALUE_OPT_VERSION 'v'
diff --git a/src/certtool.c b/src/certtool.c
index d858be2..ab9c7ba 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -121,7 +121,7 @@ generate_private_key_int (common_info_st * cinfo)
if (bits > 1024 && key_type == GNUTLS_PK_DSA)
fprintf (stderr,
- "Note that DSA keys with size over 1024 can only be used with TLS
1.2 or later.\n\n");
+ "Note that DSA keys with size over 1024 may cause incompatibility
problems when used with earlier than TLS 1.2 versions.\n\n");
ret = gnutls_x509_privkey_generate (key, key_type, bits, 0);
if (ret < 0)
@@ -887,7 +887,7 @@ cmd_parser (int argc, char **argv)
HAVE_OPT(KEY_INFO) || HAVE_OPT(PGP_KEY_INFO))
privkey_op = 1;
- if (HAVE_OPT(SIMPLE_NUMBERS))
+ if (HAVE_OPT(HEX_NUMBERS))
full_format = GNUTLS_CRT_PRINT_FULL_NUMBERS;
if (HAVE_OPT(OUTFILE))
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_4-53-gc781989,
Nikos Mavrogiannopoulos <=