summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/certtool-args.def7
-rw-r--r--src/certtool.c3
2 files changed, 10 insertions, 0 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def
index 91c6a59883..887e26afef 100644
--- a/src/certtool-args.def
+++ b/src/certtool-args.def
@@ -299,6 +299,7 @@ flag = {
doc = "This option generates a PKCS #7 structure containing a signature for the provided data. The data are stored within the structure. The signer certificate has to be specified using --load-certificate and --load-privkey.";
};
+
flag = {
name = p7-detached-sign;
descrip = "Signs using a detached PKCS #7 structure";
@@ -306,6 +307,12 @@ flag = {
};
flag = {
+ name = p7-include-cert;
+ descrip = "The signer's certificate will be included in the cert list.";
+ doc = "This options works with --p7-sign or --p7-detached-sign";
+};
+
+flag = {
name = p7-time;
descrip = "Will include a timestamp in the PKCS #7 structure";
doc = "This option will include a timestamp in the generated signature";
diff --git a/src/certtool.c b/src/certtool.c
index f184625e58..a5d8d09abe 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -2978,6 +2978,9 @@ void pkcs7_sign(common_info_st * cinfo, unsigned embed)
if (HAVE_OPT(P7_TIME))
flags |= GNUTLS_PKCS7_INCLUDE_TIME;
+ if (HAVE_OPT(P7_INCLUDE_CERT))
+ flags |= GNUTLS_PKCS7_INCLUDE_CERT;
+
ret = gnutls_pkcs7_init(&pkcs7);
if (ret < 0) {
fprintf(stderr, "p7_init: %s\n", gnutls_strerror(ret));
View Lorry Controller Status