diff options
| author | sskaje <sskaje@gmail.com> | 2015-12-13 16:31:19 +0800 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-12-13 17:17:43 +0100 |
| commit | a4e7bc5d926bf0a54a7592f0a64c624d3663c9d1 (patch) | |
| tree | 2bb3c41a1ae9c9f23c4462905385088ae65638c8 /src | |
| parent | 82ad445cb8164eb9e445b3c09e874151ded9f297 (diff) | |
| download | gnutls-a4e7bc5d926bf0a54a7592f0a64c624d3663c9d1.tar.gz | |
#56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT
Diffstat (limited to 'src')
| -rw-r--r-- | src/certtool-args.def | 7 | ||||
| -rw-r--r-- | src/certtool.c | 3 |
2 files changed, 10 insertions, 0 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def index 91c6a59883..887e26afef 100644 --- a/src/certtool-args.def +++ b/src/certtool-args.def @@ -299,6 +299,7 @@ flag = { doc = "This option generates a PKCS #7 structure containing a signature for the provided data. The data are stored within the structure. The signer certificate has to be specified using --load-certificate and --load-privkey."; }; + flag = { name = p7-detached-sign; descrip = "Signs using a detached PKCS #7 structure"; @@ -306,6 +307,12 @@ flag = { }; flag = { + name = p7-include-cert; + descrip = "The signer's certificate will be included in the cert list."; + doc = "This options works with --p7-sign or --p7-detached-sign"; +}; + +flag = { name = p7-time; descrip = "Will include a timestamp in the PKCS #7 structure"; doc = "This option will include a timestamp in the generated signature"; diff --git a/src/certtool.c b/src/certtool.c index f184625e58..a5d8d09abe 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -2978,6 +2978,9 @@ void pkcs7_sign(common_info_st * cinfo, unsigned embed) if (HAVE_OPT(P7_TIME)) flags |= GNUTLS_PKCS7_INCLUDE_TIME; + if (HAVE_OPT(P7_INCLUDE_CERT)) + flags |= GNUTLS_PKCS7_INCLUDE_CERT; + ret = gnutls_pkcs7_init(&pkcs7); if (ret < 0) { fprintf(stderr, "p7_init: %s\n", gnutls_strerror(ret)); |