diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-06-16 17:18:51 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-06-16 17:23:04 +0200 |
| commit | 265667ac9fc6196b7b8628e57fa1a0495b5771ed (patch) | |
| tree | c929e6509e0af52c4d54bb62458e335c56772473 /src | |
| parent | afa0e506834afd848ca5461f6450b528dde49fb2 (diff) | |
| download | gnutls-265667ac9fc6196b7b8628e57fa1a0495b5771ed.tar.gz | |
certtool: made explicit the inclusion of time in PKCS #7 signatures
Diffstat (limited to 'src')
| -rw-r--r-- | src/certtool-args.def | 6 | ||||
| -rw-r--r-- | src/certtool.c | 5 |
2 files changed, 10 insertions, 1 deletions
diff --git a/src/certtool-args.def b/src/certtool-args.def index 84d970991b..ac644f8fdb 100644 --- a/src/certtool-args.def +++ b/src/certtool-args.def @@ -306,6 +306,12 @@ flag = { }; flag = { + name = p7-time; + descrip = "Will include a timestamp in the PKCS #7 structure"; + doc = "This option will include a timestamp in the generated signature"; +}; + +flag = { name = p7-info; descrip = "Print information on a PKCS #7 structure"; doc = ""; diff --git a/src/certtool.c b/src/certtool.c index 09aff171ed..49633f994b 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -2931,9 +2931,12 @@ void pkcs7_sign(common_info_st * cinfo, unsigned embed) int ret; size_t size; gnutls_datum_t data; - unsigned flags = GNUTLS_PKCS7_INCLUDE_TIME; + unsigned flags = 0; gnutls_x509_crt_t signer; + if (HAVE_OPT(P7_TIME)) + flags |= GNUTLS_PKCS7_INCLUDE_TIME; + ret = gnutls_pkcs7_init(&pkcs7); if (ret < 0) { fprintf(stderr, "p7_init: %s\n", gnutls_strerror(ret)); |