From 28c157b55cf6db6b6988def5c9512e388c512b10 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 1 Mar 2011 14:42:56 +0100
Subject: Support X.509 certificate creation.

Using "gpgsm --genkey" allows the creation of a self-signed
certificate via a new prompt.

Using "gpgsm --genkey --batch" should allow the creation of arbitrary
certificates controlled by a parameter file.  An example parameter file
is

    Key-Type: RSA
    Key-Length: 1024
    Key-Grip: 2C50DC6101C10C9C643E315FE3EADCCBC24F4BEA
    Key-Usage: sign, encrypt
    Serial: random
    Name-DN: CN=some test key
    Name-Email: foo@example.org
    Name-Email: bar@exmaple.org
    Hash-Algo: SHA384
    not-after: 2038-01-16 12:44

This creates a self-signed X.509 certificate using the key given by
the keygrip and using SHA-384 as hash algorithm.  The keyword
signing-key can be used to sign the certificate with a different key.
See sm/certreggen.c for details.
---
 sm/gpgsm.h | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'sm/gpgsm.h')

diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 54d4aff93..31cd95150 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
@@ -429,6 +429,10 @@ int gpgsm_dirmngr_run_command (ctrl_t ctrl, const char *command,
 
 /*-- misc.c --*/
 void setup_pinentry_env (void);
+gpg_error_t transform_sigval (const unsigned char *sigval, size_t sigvallen,
+                              int mdalgo,
+                              unsigned char **r_newsigval,
+                              size_t *r_newsigvallen);
 
 
 
-- 
cgit v1.2.3