diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-26 13:47:19 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-09-26 13:47:19 +0200 |
commit | 73129548538242131efafb4aa228d4b7f1f55c0c (patch) | |
tree | f6ad038b75e0dd7271a836c169ae679e35dfe01b | |
parent | da4c7a393d273076af4f650f6cb1fd6329078824 (diff) | |
download | gnutls-73129548538242131efafb4aa228d4b7f1f55c0c.tar.gz |
p11tool: allow to export a certificate with its stapled extensions
-rw-r--r-- | src/p11tool-args.def | 18 | ||||
-rw-r--r-- | src/p11tool.c | 2 |
2 files changed, 20 insertions, 0 deletions
diff --git a/src/p11tool-args.def b/src/p11tool-args.def index b9155c921c..b017ae9345 100644 --- a/src/p11tool-args.def +++ b/src/p11tool-args.def @@ -113,18 +113,36 @@ flag = { name = export; descrip = "Export the object specified by the URL"; doc = ""; + flags-cant = export-stapled; + flags-cant = export-chain; + flags-cant = export-pubkey; +}; + +flag = { + name = export-stapled; + descrip = "Export the certificate object specified by the URL"; + doc = "Exports the certificate specified by the URL while including any attached extensions to it."; + flags-cant = export; + flags-cant = export-chain; + flags-cant = export-pubkey; }; flag = { name = export-chain; descrip = "Export the certificate specified by the URL and its chain of trust"; doc = "Exports the certificate specified by the URL and generates its chain of trust based on the stored certificates in the module."; + flags-cant = export-stapled; + flags-cant = export; + flags-cant = export-pubkey; }; flag = { name = export-pubkey; descrip = "Export the public key for a private key"; doc = "Exports the public key for the specified private key"; + flags-cant = export-stapled; + flags-cant = export; + flags-cant = export-chain; }; flag = { diff --git a/src/p11tool.c b/src/p11tool.c index 15695bb21e..53a76016e3 100644 --- a/src/p11tool.c +++ b/src/p11tool.c @@ -284,6 +284,8 @@ static void cmd_parser(int argc, char **argv) flags, detailed_url, &cinfo); } else if (HAVE_OPT(EXPORT)) { pkcs11_export(outfile, url, flags, &cinfo); + } else if (HAVE_OPT(EXPORT_STAPLED)) { + pkcs11_export(outfile, url, flags|GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT, &cinfo); } else if (HAVE_OPT(EXPORT_CHAIN)) { pkcs11_export_chain(outfile, url, flags, &cinfo); } else if (HAVE_OPT(WRITE)) { |