diff options
| author | Jack Lloyd <[email protected]> | 2018-03-09 10:36:17 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2018-03-09 10:36:38 -0500 |
| commit | 3ecffa3916ec6a0c72a0b2eaa580de05eb4474f7 (patch) | |
| tree | bba8ff256f06977e63cc34372d35704b30c287a0 /src/cli | |
| parent | 0f871cb0f77cf0113a2f1598007fa9a76f5ece6c (diff) | |
Don't default to PSS signatures
Breaks with anything but RSA keys
GH #1480
Diffstat (limited to 'src/cli')
| -rw-r--r-- | src/cli/x509.cpp | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/src/cli/x509.cpp b/src/cli/x509.cpp index 9a059d799..021316d78 100644 --- a/src/cli/x509.cpp +++ b/src/cli/x509.cpp @@ -46,6 +46,8 @@ class Sign_Cert final : public Command Botan::X509_Certificate ca_cert(get_arg("ca_cert")); std::unique_ptr<Botan::Private_Key> key; const std::string pass = get_arg("ca-key-pass"); + const std::string emsa = get_arg("emsa"); + const std::string hash = get_arg("hash"); if(!pass.empty()) { @@ -61,8 +63,11 @@ class Sign_Cert final : public Command throw CLI_Error("Failed to load key from " + get_arg("ca_key")); } - Botan::X509_CA ca(ca_cert, *key, - {{"padding",get_arg_or("emsa", "EMSA4")}}, get_arg("hash"), rng()); + std::map<std::string, std::string> options; + if(emsa.empty() == false) + options["padding"] = emsa; + + Botan::X509_CA ca(ca_cert, *key, options, hash, rng()); Botan::PKCS10_Request req(get_arg("pkcs10_req")); @@ -255,7 +260,11 @@ class Gen_Self_Signed final : public Command opts.organization = get_arg("organization"); opts.email = get_arg("email"); opts.dns = get_arg("dns"); - opts.set_padding_scheme(get_arg_or("emsa", "EMSA4")); + + std::string emsa = get_arg("emsa"); + + if(emsa.empty() == false) + opts.set_padding_scheme(emsa); if(flag_set("ca")) { @@ -302,7 +311,11 @@ class Generate_PKCS10 final : public Command opts.country = get_arg("country"); opts.organization = get_arg("organization"); opts.email = get_arg("email"); - opts.set_padding_scheme(get_arg_or("emsa", "EMSA4")); + + std::string emsa = get_arg("emsa"); + + if(emsa.empty() == false) + opts.set_padding_scheme(emsa); Botan::PKCS10_Request req = Botan::X509::create_cert_req(opts, *key, get_arg("hash"), rng()); |