From 760f9d2de44f47cd07998b1c274bfbd2dd207bd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= Date: Sun, 31 Dec 2006 01:10:00 +0000 Subject: [PATCH] add --lifetime to ca command. git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19604 ec53bebd-3082-4978-b11e-865c3cabbd6b --- lib/hx509/hxtool-commands.in | 5 +++++ lib/hx509/hxtool.c | 14 ++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/lib/hx509/hxtool-commands.in b/lib/hx509/hxtool-commands.in index fa9b18ed6..01f07689e 100644 --- a/lib/hx509/hxtool-commands.in +++ b/lib/hx509/hxtool-commands.in @@ -466,6 +466,11 @@ command = { type = "strings" help = "Type of certificate to issue" } + option = { + long = "lifetime" + type = "string" + help = "Lifetime of certificate" + } option = { long = "hostname" type = "strings" diff --git a/lib/hx509/hxtool.c b/lib/hx509/hxtool.c index a7551cd78..659d7afa8 100644 --- a/lib/hx509/hxtool.c +++ b/lib/hx509/hxtool.c @@ -36,6 +36,7 @@ RCSID("$Id$"); #include #include +#include static hx509_context context; @@ -1215,6 +1216,7 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) hx509_private_key private_key = NULL; hx509_name subject = NULL; SubjectPublicKeyInfo spki; + int delta = 0; memset(&spki, 0, sizeof(spki)); @@ -1232,6 +1234,12 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) errx(1, "both --req and --ca-private-key used"); } + if (opt->lifetime_string) { + delta = parse_time(opt->lifetime_string, "day"); + if (delta < 0) + errx(1, "Invalid lifetime: %s", opt->lifetime_string); + } + if (opt->ca_certificate_string) { hx509_query *q; @@ -1341,6 +1349,12 @@ hxtool_ca(struct certificate_sign_options *opt, int argc, char **argv) hx509_err(context, ret, 1, "hx509_ca_tbs_set_proxy"); } + if (delta) { + ret = hx509_ca_tbs_set_notAfter_lifetime(context, tbs, delta); + if (ret) + hx509_err(context, ret, 1, "hx509_ca_tbs_set_notAfter_lifetime"); + } + if (opt->self_signed_flag) { ret = hx509_ca_sign_self(context, tbs, private_key, &cert); if (ret)