Add options for setting start, end dates and signtime in openssl command #205
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-startdate arg notBefore field a certificate generated by -x509 is valid for. -enddate arg notAfter field a certificate generated by -x509 is valid for. arg format: YYMMDDHHMMSSZ
-xstartdate arg - set notBefore field when sign certificate
-xenddate arg - set notAfter field when sign certificate
arg format: YYMMDDHHMMSSZ
-signtime arg set signtime attribute arg format: YYMMDDHHMMSSZ
|
The patches look sane so far (first impression, not tested or deeper analysis), but a minor wish: Could you please include an option to keep the existing timestamps on X.509 certificate re-signing? |
|
Which attributes should be kept when doing re-signing ? Or just read timestamps from existing X.509 certificate and sign a new CSR ? |
richsalz
added
the
issue: feature request
christianpaquin
referenced
this pull request
in christianpaquin/openssl
Jan 23, 2018
46a8976 (Re)Added SIDHv3/SIKE to Visual Studio. (open-quantum-safe#213) 872c68a Picnic update and direct code commit (vs. being a submodule) (open-quantum-safe#212) 28007ec Merge branch 'christianpaquin-paquin_add_sike' ae488e6 Merge branch 'paquin_add_sike' of https://github.com/christianpaquin/liboqs into christianpaquin-paquin_add_sike 5fd3475 Remove old version of Kyber (open-quantum-safe#211) e559be3 Fixed typo in SIDH inclusion macro. ee88fe0 Removed SIDH from the Visual Studio project, until it is properly added back in a different PR. 36d0868 Removed extern keyword from functions that are directly included in source file. f8f28c9 Ignore SIDH_MSR for prettyprint. 980d78d make prettyprint 1695d0f Renamed extern functions that can't be made static to satisfy coding conventions. d8e03d0 Added missing SIDH's config.h, and modified gitignore that ignored it in the first place. bc3e9ff Removed SIDH CLN16 implementation (replaced with SIDH MSR). Added new datasheet. Fixed refs to SIDH header. dcd57e2 Revised the SIDH/SIKE bits of security. 76201b0 Merge remote-tracking branch 'upstream/master' into paquin_add_sike 6b9e575 Added SIDHv3/SIKE from https://github.com/Microsoft/PQCrypto-SIDH. test_kex pass. Still some refactoring needed. 98e683e Move UNUSED attribute definition into common header (open-quantum-safe#205) e4ed173 Removed old info about Picnic in README (open-quantum-safe#201) 04d161a Merge remote-tracking branch 'upstream/master' into paquin_add_sike ed65bd4 Created placeholders for sidhv3 + sike git-subtree-dir: vendor/liboqs git-subtree-split: 46a8976399db885bce84fa7631165f64d93518d2
openssl-machine
pushed a commit
to openssl/web
that referenced
this pull request
Nov 10, 2020
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
openssl-machine
pushed a commit
to openssl/web
that referenced
this pull request
Nov 10, 2020
Due to rules changes, this will not be happening. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
openssl-machine
pushed a commit
to openssl/web
that referenced
this pull request
Nov 10, 2020
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
iamamoose
pushed a commit
to iamamoose/openssl-web
that referenced
this pull request
Jan 4, 2021
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
iamamoose
pushed a commit
to iamamoose/openssl-web
that referenced
this pull request
Jan 4, 2021
Due to rules changes, this will not be happening. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
iamamoose
pushed a commit
to iamamoose/openssl-web
that referenced
this pull request
Jan 4, 2021
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from openssl/openssl#205)
t8m
added
branch: master
2 tasks
mcr
pushed a commit
to mcr/openssl
that referenced
this pull request
Jun 22, 2021
…t-resume pkey: resume key generation after interrupt [Bug openssl#14882]
mamckee
pushed a commit
to mamckee/openssl
that referenced
this pull request
Dec 28, 2022
|
Are you still interested in having this feature included in OpenSSL? If so please rebase the PR to resolve conflicts. Marking as inactive to be closed at the end of 3.4 dev barring further input. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In X509 manual has the statement
"There should be options to explicitly set such things as start and end dates rather than an offset from the current time."
The modify add the options, also add this kinds options for "req" and "smime" command