diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/certtool-args.def | 2 | ||||
-rw-r--r-- | src/certtool-common.c | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def index 5eef8e7110..61dcb712a5 100644 --- a/src/certtool-args.def +++ b/src/certtool-args.def @@ -200,7 +200,7 @@ flag = { arg-type = string; descrip = "Specify the key type to use on key generation"; doc = "This option can be combined with --generate-privkey, to specify -the key type to be generated. Valid options are, 'rsa', 'rsa-pss', 'dsa', 'ecdsa', 'ed25519, and 'ed448'.'. +the key type to be generated. Valid options are, 'rsa', 'rsa-pss', 'dsa', 'ecdsa', 'ed25519, 'ed448', 'x25519', and 'x448'.'. When combined with certificate generation it can be used to specify an RSA-PSS certificate when an RSA key is given."; }; diff --git a/src/certtool-common.c b/src/certtool-common.c index dba89df9a0..3fd63ab7aa 100644 --- a/src/certtool-common.c +++ b/src/certtool-common.c @@ -1647,6 +1647,10 @@ gnutls_pk_algorithm_t figure_key_type(const char *key_type) return GNUTLS_PK_EDDSA_ED25519; else if (strcasecmp(key_type, "ed448") == 0) return GNUTLS_PK_EDDSA_ED448; + else if (strcasecmp(key_type, "x25519") == 0) + return GNUTLS_PK_ECDH_X25519; + else if (strcasecmp(key_type, "x448") == 0) + return GNUTLS_PK_ECDH_X448; else if (strcasecmp(key_type, "dsa") == 0) return GNUTLS_PK_DSA; else if (strcasecmp(key_type, "ecdsa") == 0 || strcasecmp(key_type, "ecc") == 0) |