diff options
| -rw-r--r-- | src/pki/commands/issue.c | 6 | ||||
| -rw-r--r-- | src/pki/commands/print.c | 4 | ||||
| -rw-r--r-- | src/pki/commands/self.c | 6 |
3 files changed, 14 insertions, 2 deletions
diff --git a/src/pki/commands/issue.c b/src/pki/commands/issue.c index 98335fca0..f1af5ebf0 100644 --- a/src/pki/commands/issue.c +++ b/src/pki/commands/issue.c @@ -120,6 +120,10 @@ static int issue() { flags |= X509_CLIENT_AUTH; } + else if (streq(arg, "crlSign")) + { + flags |= X509_CRL_SIGN; + } else if (streq(arg, "ocspSigning")) { flags |= X509_OCSP_SIGNER; @@ -378,7 +382,7 @@ static void __attribute__ ((constructor))reg() {"[--in file] [--type pub|pkcs10] --cakey file | --cakeyid hex", " --cacert file --dn subject-dn [--san subjectAltName]+", "[--lifetime days] [--serial hex] [--crl uri]+ [--ocsp uri]+", - "[--ca] [--pathlen len] [--flag serverAuth|clientAuth|ocspSigning]+", + "[--ca] [--pathlen len] [--flag serverAuth|clientAuth|crlSign|ocspSigning]+", "[--digest md5|sha1|sha224|sha256|sha384|sha512] [--outform der|pem]"}, { {"help", 'h', 0, "show usage information"}, diff --git a/src/pki/commands/print.c b/src/pki/commands/print.c index 4dcc4718e..35fdaac95 100644 --- a/src/pki/commands/print.c +++ b/src/pki/commands/print.c @@ -105,6 +105,10 @@ static void print_x509(x509_t *x509) { printf("CA "); } + if (flags & X509_CRL_SIGN) + { + printf("CRLSign "); + } if (flags & X509_AA) { printf("AA "); diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c index 5e6f0bd14..d15b1e26e 100644 --- a/src/pki/commands/self.c +++ b/src/pki/commands/self.c @@ -113,6 +113,10 @@ static int self() { flags |= X509_CLIENT_AUTH; } + else if (streq(arg, "crlSign")) + { + flags |= X509_CRL_SIGN; + } else if (streq(arg, "ocspSigning")) { flags |= X509_OCSP_SIGNER; @@ -257,7 +261,7 @@ static void __attribute__ ((constructor))reg() {"[--in file | --keyid hex] [--type rsa|ecdsa]", " --dn distinguished-name [--san subjectAltName]+", "[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+", - "[--flag serverAuth|clientAuth|ocspSigning]+", + "[--flag serverAuth|clientAuth|crlSign|ocspSigning]+", "[--digest md5|sha1|sha224|sha256|sha384|sha512] [--outform der|pem]"}, { {"help", 'h', 0, "show usage information"}, |