nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'pkcs8' of https://github.com/nkakouros/easy-rsa into nkakouros-pkcs8

Browse Source
This commit is contained in:
Eric F Crist 2020-04-14 20:52:06 -05:00
commit 2189cc6f99
No known key found for this signature in database
GPG Key ID: 72964219390D0D0E
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
easyrsa3/easyrsa
View File

@ -43,6 +43,7 @@ Here is the list of commands available with a short syntax reminder. Use the
show-ca [ cmd-opts ] show-ca [ cmd-opts ]
import-req <request_file_path> <short_basename> import-req <request_file_path> <short_basename>
export-p7 <filename_base> [ cmd-opts ] export-p7 <filename_base> [ cmd-opts ]
export-p8 <filename_base> [ cmd-opts ]
export-p12 <filename_base> [ cmd-opts ] export-p12 <filename_base> [ cmd-opts ]
set-rsa-pass <filename_base> [ cmd-opts ] set-rsa-pass <filename_base> [ cmd-opts ]
set-ec-pass <filename_base> [ cmd-opts ] set-ec-pass <filename_base> [ cmd-opts ]
@ -164,6 +165,11 @@ cmd_help() {
export-p7 <filename_base> [ cmd-opts ] export-p7 <filename_base> [ cmd-opts ]
Export a PKCS#7 file with the pubkey specified by <filename_base>" Export a PKCS#7 file with the pubkey specified by <filename_base>"
opts=" opts="
noca - do not include the ca.crt file in the PKCS7 output" ;;
export-p8) text="
export-p8 <filename_base> [ cmd-opts ]
Export a PKCS#8 file with the private key specified by <filename_base>"
opts="
noca - do not include the ca.crt file in the PKCS7 output" ;; noca - do not include the ca.crt file in the PKCS7 output" ;;
set-rsa-pass|set-ec-pass) text=" set-rsa-pass|set-ec-pass) text="
set-rsa-pass <filename_base> [ cmd-opts ] set-rsa-pass <filename_base> [ cmd-opts ]
@ -1362,10 +1368,12 @@ Run easyrsa without commands for usage and command help."
# opts support # opts support
want_ca=1 want_ca=1
want_key=1 want_key=1
want_pass=1
while [ -n "$1" ]; do while [ -n "$1" ]; do
case "$1" in case "$1" in
noca) want_ca="" ;; noca) want_ca="" ;;
nokey) want_key="" ;; nokey) want_key="" ;;
nopass) want_pass="" ;;
*) warn "Ignoring unknown command option: '$1'" ;; *) warn "Ignoring unknown command option: '$1'" ;;
esac esac
shift shift
@ -1412,6 +1420,20 @@ Export of p12 failed: see above for related openssl errors."
-out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\ -out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Export of p7 failed: see above for related openssl errors." Export of p7 failed: see above for related openssl errors."
;; ;;
p8)
if [ -z $want_pass ]; then
pkcs_opts="-nocrypt"
else
pkcs_opts=""
fi
pkcs_out="$EASYRSA_PKI/private/$short_name.p8"
# export the p8:
# shellcheck disable=SC2086
easyrsa_openssl pkcs8 -in "$key_in" -topk8 \
-out "$pkcs_out" $pkcs_opts ${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} ${EASYRSA_PASSOUT:+-passout "$EASYRSA_PASSOUT"} || die "\
Export of p8 failed: see above for related openssl errors."
;;
esac esac
notice "\ notice "\
@ -2503,6 +2525,9 @@ case "$cmd" in
export-p7) export-p7)
export_pkcs p7 "$@" export_pkcs p7 "$@"
;; ;;
export-p8)
export_pkcs p8 "$@"
;;
set-rsa-pass) set-rsa-pass)
set_pass rsa "$@" set_pass rsa "$@"
;; ;;