From 5cdad8ff000152b4bd01953646bb87fe8703c70d Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Tue, 6 Dec 2011 19:57:27 +0100 Subject: gpgsm: Allow arbitrary extensions for cert creation. * sm/certreqgen.c (pSUBJKEYID, pEXTENSION): New. (read_parameters): Add new keywords. (proc_parameters): Check values of new keywords. (create_request): Add SubjectKeyId and extensions. (parse_parameter_usage): Support "cert" and the encrypt alias "encr". --- doc/DETAILS | 1 + doc/gpgsm.texi | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'doc') diff --git a/doc/DETAILS b/doc/DETAILS index 543ae4d96..2e6874e9a 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -1036,6 +1036,7 @@ OIDs below the GnuPG arc: 1.3.6.1.4.1.11591.2.1.1 pkaAddress 1.3.6.1.4.1.11591.2.2 X.509 extensions 1.3.6.1.4.1.11591.2.2.1 standaloneCertificate + 1.3.6.1.4.1.11591.2.2.2 wellKnownPrivateKey 1.3.6.1.4.1.11591.2.12242973 invalid encoded OID diff --git a/doc/gpgsm.texi b/doc/gpgsm.texi index 892083335..8e25baf62 100644 --- a/doc/gpgsm.texi +++ b/doc/gpgsm.texi @@ -1042,9 +1042,9 @@ already existing key. Key-Length will be ignored when given. @item Key-Usage: @var{usage-list} Space or comma delimited list of key usage, allowed values are -@samp{encrypt} and @samp{sign}. This is used to generate the keyUsage -extension. Please make sure that the algorithm is capable of this -usage. Default is to allow encrypt and sign. +@samp{encrypt}, @samp{sign} and @samp{cert}. This is used to generate +the keyUsage extension. Please make sure that the algorithm is +capable of this usage. Default is to allow encrypt and sign. @item Name-DN: @var{subject-name} This is the Distinguished Name (DN) of the subject in RFC-2253 format. -- cgit v1.2.3