diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-11-17 18:21:48 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-11-17 18:21:48 +0100 |
commit | 08cb8780902de3c684912d7be6e638171cd61b96 (patch) | |
tree | 6b614f68e8be324c39ae81e50851ca0b25fba7a6 /src/certtool-cfg.c | |
parent | 4b2878da2d91081e84ffb2dda2dd0951f16fc4d7 (diff) | |
download | gnutls-08cb8780902de3c684912d7be6e638171cd61b96.tar.gz |
certtool: Allow to set the nonRepudiation, keyAgreement and dataEncipherment flags
Diffstat (limited to 'src/certtool-cfg.c')
-rw-r--r-- | src/certtool-cfg.c | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c index 0ed2d1d58b..999d71196c 100644 --- a/src/certtool-cfg.c +++ b/src/certtool-cfg.c @@ -117,6 +117,9 @@ static struct cfg_options available_options[] = { { .name = "ocsp_signing_key", .type = OPTION_BOOLEAN }, { .name = "time_stamping_key", .type = OPTION_BOOLEAN }, { .name = "ipsec_ike_key", .type = OPTION_BOOLEAN }, + { .name = "key_agreement", .type = OPTION_BOOLEAN }, + { .name = "data_encipherment", .type = OPTION_BOOLEAN }, + { .name = "non_repudiation", .type = OPTION_BOOLEAN }, }; typedef struct _cfg_ctx { @@ -158,6 +161,9 @@ typedef struct _cfg_ctx { int encryption_key; int cert_sign_key; int crl_sign_key; + int non_repudiation; + int data_encipherment; + int key_agreement; int code_sign_key; int ocsp_sign_key; int time_stamping_key; @@ -429,6 +435,10 @@ int template_parse(const char *template) READ_BOOLEAN("time_stamping_key", cfg.time_stamping_key); READ_BOOLEAN("ipsec_ike_key", cfg.ipsec_ike_key); + READ_BOOLEAN("data_encipherment", cfg.data_encipherment); + READ_BOOLEAN("key_agreement", cfg.key_agreement); + READ_BOOLEAN("non_repudiation", cfg.non_repudiation); + optionUnloadNested(pov); return 0; @@ -1721,6 +1731,36 @@ int get_crl_sign_status(void) } } +int get_key_agreement_status(void) +{ + if (batch) { + return cfg.key_agreement; + } else { + /* this option is not asked in interactive mode */ + return 0; + } +} + +int get_non_repudiation_status(void) +{ + if (batch) { + return cfg.non_repudiation; + } else { + /* this option is not asked in interactive mode */ + return 0; + } +} + +int get_data_encipherment_status(void) +{ + if (batch) { + return cfg.data_encipherment; + } else { + /* this option is not asked in interactive mode */ + return 0; + } +} + int get_code_sign_status(void) { if (batch) { |