git.gnupg.org Git - gnupg.git/commit

author	Werner Koch <wk@gnupg.org>
	Tue, 1 Mar 2011 13:42:56 +0000 (14:42 +0100)
committer	Werner Koch <wk@gnupg.org>
	Tue, 1 Mar 2011 13:42:56 +0000 (14:42 +0100)
commit	28c157b55cf6db6b6988def5c9512e388c512b10
tree	53b86eee5a2f3cfc131f4df068477b32076aae88	tree \| snapshot
parent	bb6d1b48f61d483fc75a17b4d140c489afe43ef0	commit \| diff

Support X.509 certificate creation.

Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file
is

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Name-Email: foo@example.org
    Name-Email: bar@exmaple.org
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.

NEWS		diff \| blob \| history
doc/DETAILS		diff \| blob \| history
sm/ChangeLog		diff \| blob \| history
sm/certreqgen-ui.c		diff \| blob \| history
sm/certreqgen.c		diff \| blob \| history
sm/gpgsm.h		diff \| blob \| history
sm/keylist.c		diff \| blob \| history
sm/misc.c		diff \| blob \| history