pki: Add support for Ed448 keys/certificates
authorTobias Brunner <tobias@strongswan.org>
Mon, 20 Jan 2020 18:08:14 +0000 (19:08 +0100)
committerTobias Brunner <tobias@strongswan.org>
Mon, 10 Feb 2020 12:37:31 +0000 (13:37 +0100)
src/pki/command.h
src/pki/commands/gen.c
src/pki/commands/issue.c
src/pki/commands/print.c
src/pki/commands/self.c
src/pki/man/pki---gen.1.in
src/pki/man/pki---issue.1.in
src/pki/man/pki---print.1.in
src/pki/man/pki---self.1.in

index 353f5141ce25082b556424cb0790d46d2e7a2418..8b5b9c1e5e3b255f3316b9fbbedd2ec705b7f81a 100644 (file)
@@ -34,7 +34,7 @@
 /**
  * Maximum number of usage summary lines (+1)
  */
-#define MAX_LINES 12
+#define MAX_LINES 13
 
 typedef struct command_t command_t;
 typedef struct command_option_t command_option_t;
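Review bot: The bump of `MAX_LINES` from 12 to 13 is tied to a usage array in one specific command (presumably the extra line added to issue.c's reg() in this commit), but the comment above the define gives a maintainer no way to know which command currently sets the ceiling or that the usage arrays in each command's reg() are what it bounds. Because those arrays are compound literals spread across the commands, a `_Static_assert` is not practical here, so at least extend the comment: `/* Maximum number of usage summary lines (+1); must cover the longest usage line array registered by any command (currently "issue") */`. Whether command registration bounds-checks the array against this constant is not visible in this hunk and is worth confirming, since overrunning it would be a silent out-of-bounds read when printing usage.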
index 203c76542ac0dd9645f00b143ecacc94aa54ef93..361162ea3fae034233e6c445ccccf2ef46a96d91 100644 (file)
@@ -48,6 +48,10 @@ static int gen()
                                {
                                        type = KEY_ED25519;
                                }
+                               else if (streq(arg, "ed448"))
+                               {
+                                       type = KEY_ED448;
+                               }
                                else if (streq(arg, "bliss"))
                                {
                                        type = KEY_BLISS;
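Review bot: The `else if (streq(arg, "ed448"))` branch added here is one of four copies of the same string-to-`key_type_t` mapping in this commit — issue.c, print.c and self.c each gain an identical branch (print.c additionally accepting `ed448-priv`) — so every future key type has to be threaded through four hand-written `if` chains. A shared lookup table in the pki helpers, e.g. `static const struct { const char *name; key_type_t type; } key_types[] = { {"ed25519", KEY_ED25519}, {"ed448", KEY_ED448}, {"bliss", KEY_BLISS}, /* ... */ };` walked by one helper, would replace all four chains; that refactor lives outside this hunk, so it is a follow-up rather than a blocker. The `size = 456` default in the next hunk of this file would also read better with a one-line comment, `/* Ed448 private keys are 57 bytes (RFC 8032) */`, mirroring the otherwise unexplained 256 used for Ed25519. The enclosing gen() starts outside the hunk.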
@@ -108,6 +112,9 @@ static int gen()
                        case KEY_ED25519:
                                size = 256;
                                break;
+                       case KEY_ED448:
+                               size = 456;
+                               break;
                        case KEY_BLISS:
                                size = 1;
                                break;
@@ -166,7 +173,7 @@ static void __attribute__ ((constructor))reg()
 {
        command_register((command_t) {
                gen, 'g', "gen", "generate a new private key",
-               {"[--type rsa|ecdsa|ed25519|bliss] [--size bits] [--safe-primes]",
+               {"[--type rsa|ecdsa|ed25519|ed448|bliss] [--size bits] [--safe-primes]",
                 "[--shares n] [--threshold l] [--outform der|pem]"},
                {
                        {"help",                'h', 0, "show usage information"},
index 4f11e7aa5854c2081a893649dd0f00a850647b42..f20e2e3c4368fc957cfc40e99228ef6740edead5 100644 (file)
@@ -124,6 +124,11 @@ static int issue()
                                        type = CRED_PRIVATE_KEY;
                                        subtype = KEY_ED25519;
                                }
+                               else if (streq(arg, "ed448"))
+                               {
+                                       type = CRED_PRIVATE_KEY;
+                                       subtype = KEY_ED448;
+                               }
                                else if (streq(arg, "bliss"))
                                {
                                        type = CRED_PRIVATE_KEY;
@@ -631,9 +636,10 @@ static void __attribute__ ((constructor))reg()
        command_register((command_t) {
                issue, 'i', "issue",
                "issue a certificate using a CA certificate and key",
-               {"[--in file] [--type pub|pkcs10|priv|rsa|ecdsa|ed25519|bliss] --cakey file|--cakeyid hex",
-                " --cacert file [--dn subject-dn] [--san subjectAltName]+",
-                "[--lifetime days] [--serial hex] [--ca] [--pathlen len]",
+               {"[--in file] [--type pub|pkcs10|priv|rsa|ecdsa|ed25519|ed448|bliss]",
+                "--cakey file|--cakeyid hex --cacert file [--dn subject-dn]",
+                "[--san subjectAltName]+ [--lifetime days] [--serial hex]",
+                "[--ca] [--pathlen len]",
                 "[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+",
                 "[--crl uri [--crlissuer i]]+ [--ocsp uri]+ [--nc-permitted name]",
                 "[--nc-excluded name] [--policy-mapping issuer-oid:subject-oid]",
index 2ab3e61fc703b6313c8ebe7e864534c478d25051..3bca92cc33630691012d21c140889a261e674568 100644 (file)
@@ -113,6 +113,12 @@ static int print()
                                        type = CRED_PRIVATE_KEY;
                                        subtype = KEY_ED25519;
                                }
+                               else if (streq(arg, "ed448") ||
+                                                streq(arg, "ed448-priv"))
+                               {
+                                       type = CRED_PRIVATE_KEY;
+                                       subtype = KEY_ED448;
+                               }
                                else if (streq(arg, "bliss") ||
                                                 streq(arg, "bliss-priv"))
                                {
@@ -196,8 +202,8 @@ static void __attribute__ ((constructor))reg()
        command_register((command_t)
                { print, 'a', "print",
                "print a credential in a human readable form",
-               {"[--in file|--keyid hex] "
-                "[--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|bliss]"},
+               {"[--in file|--keyid hex]",
+                "[--type x509|crl|ac|pub|priv|rsa|ecdsa|ed25519|ed448|bliss]"},
                {
                        {"help",        'h', 0, "show usage information"},
                        {"in",          'i', 1, "input file, default: stdin"},
index 31018e80541378ecba72da50738149fc1c3ee3cf..cb7567c37d533f3816d6d260af47591961bd6338 100644 (file)
@@ -102,6 +102,10 @@ static int self()
                                {
                                        type = KEY_ED25519;
                                }
+                               else if (streq(arg, "ed448"))
+                               {
+                                       type = KEY_ED448;
+                               }
                                else if (streq(arg, "bliss"))
                                {
                                        type = KEY_BLISS;
@@ -467,7 +471,7 @@ static void __attribute__ ((constructor))reg()
        command_register((command_t) {
                self, 's', "self",
                "create a self signed certificate",
-               {"[--in file|--keyid hex] [--type rsa|ecdsa|ed25519|bliss|priv]",
+               {"[--in file|--keyid hex] [--type rsa|ecdsa|ed25519|ed448|bliss|priv]",
                 " --dn distinguished-name [--san subjectAltName]+",
                 "[--lifetime days] [--serial hex] [--ca] [--ocsp uri]+",
                 "[--flag serverAuth|clientAuth|crlSign|ocspSigning|msSmartcardLogon]+",
index 4c61ead9cc0a3b157f5d69980ded48f3ff4cee87..0344f9473b42d32ee8fc802133fd701b7c28e969 100644 (file)
@@ -45,8 +45,8 @@ Set debug level, default: 1.
 Read command line options from \fIfile\fR.
 .TP
 .BI "\-t, \-\-type " type
-Type of key to generate. Either \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR or
-\fIbliss\fR, defaults to \fIrsa\fR.
+Type of key to generate. Either \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR,
+\fIed448\fR or \fIbliss\fR, defaults to \fIrsa\fR.
 .TP
 .BI "\-s, \-\-size " bits
 Key length in bits. Defaults to 2048 for \fIrsa\fR and 384 for \fIecdsa\fR.
index 99dcaca703699afd1ffdf21f6917032e8fb31cfe..3050c0e4ccb2dbc055e275e6196257f6bb65f87b 100644 (file)
@@ -72,8 +72,9 @@ key/request is read from \fISTDIN\fR.
 .BI "\-t, \-\-type " type
 Type of the input. One of \fIpub\fR (public key), \fIpriv\fR (private key),
 \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA private key),
-\fIed25519\fR (Ed25519 private key) \fIbliss\fR (BLISS private key) or
-\fIpkcs10\fR (PKCS#10 certificate request), defaults to \fIpub\fR.
+\fIed25519\fR (Ed25519 private key), \fIed448\fR (Ed448 private key),
+\fIbliss\fR (BLISS private key) or \fIpkcs10\fR (PKCS#10 certificate request),
+defaults to \fIpub\fR.
 .TP
 .BI "\-k, \-\-cakey " file
 CA private key file. Either this or
index 09b8a10c36143c3dc6553c2dbf3d53f1d7ecb814..6de0e7340c484e74940dabc26b14bbf8057fd99b 100644 (file)
@@ -53,8 +53,8 @@ an optional 0x prefix.
 Type of input. One of \fIx509\fR (X.509 certificate), \fIcrl\fR (Certificate
 Revocation List, CRL), \fIac\fR (Attribute Certificate), \fIpub\fR (public key),
 \fIpriv\fR (private key), \fIrsa\fR (RSA private key), \fIecdsa\fR (ECDSA
-private key), \fIed25519\fR (Ed25519 private key), \fIbliss\fR (BLISS private
-key), defaults to \fIx509\fR.
+private key), \fIed25519\fR (Ed25519 private key), \fIed448\fR (Ed448 private
+key), \fIbliss\fR (BLISS private key), defaults to \fIx509\fR.
 .
 .SH "SEE ALSO"
 .
index 6e04609785ac89e35c5e5c771a77bd70e484c6ce..caa943d88aa0a6b36473d4451a3417a4e820b44b 100644 (file)
@@ -72,8 +72,8 @@ Smartcard or TPM private key object handle in hex format with an optional
 0x prefix.
 .TP
 .BI "\-t, \-\-type " type
-Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR
-or \fIbliss\fR, defaults to \fIpriv\fR.
+Type of the input key. Either \fIpriv\fR, \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR,
+\fIed448\fR or \fIbliss\fR, defaults to \fIpriv\fR.
 .TP
 .BI "\-d, \-\-dn " distinguished-name
 Subject and issuer distinguished name (DN). Required.