aboutsummaryrefslogtreecommitdiffstats
path: root/src/pki/commands/self.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/pki/commands/self.c')
-rw-r--r--src/pki/commands/self.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/pki/commands/self.c b/src/pki/commands/self.c
index daefcdc10..813efb40f 100644
--- a/src/pki/commands/self.c
+++ b/src/pki/commands/self.c
@@ -57,7 +57,8 @@ static int self()
identification_t *id = NULL;
linked_list_t *san, *ocsp, *permitted, *excluded, *policies, *mappings;
int pathlen = X509_NO_CONSTRAINT, inhibit_any = X509_NO_CONSTRAINT;
- int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
+ int inhibit_mapping = X509_NO_CONSTRAINT;
+ int require_explicit = X509_NO_CONSTRAINT;
chunk_t serial = chunk_empty;
chunk_t encoding = chunk_empty;
time_t not_before, not_after, lifetime = 1095 * 24 * 60 * 60;
@@ -88,6 +89,11 @@ static int self()
{
type = KEY_ECDSA;
}
+ else if (streq(arg, "bliss"))
+ {
+ type = KEY_BLISS;
+ digest = HASH_SHA512;
+ }
else
{
error = "invalid input type";
@@ -407,7 +413,7 @@ static void __attribute__ ((constructor))reg()
command_register((command_t) {
self, 's', "self",
"create a self signed certificate",
- {" [--in file|--keyid hex] [--type rsa|ecdsa]",
+ {" [--in file|--keyid hex] [--type rsa|ecdsa|bliss]",
" --dn distinguished-name [--san subjectAltName]+",
"[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+",
"[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+",
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-14 13:17:25 +0000