Added support for SHA256. Applied fixes from debian and some other sources.

Improved gui behavior.
master
Thomas Hooge 8 years ago
parent e136e7cbbf
commit 4bb2b88a2a
  1. 6
      install.sh
  2. 5
      lib/CA.pm
  3. 3
      lib/CERT.pm
  4. 72
      lib/GUI.pm
  5. 3
      lib/GUI/WORDS.pm
  6. 2
      lib/GUI/X509_browser.pm
  7. 9
      lib/GUI/X509_infobox.pm
  8. 17
      lib/KEY.pm
  9. 136
      lib/OpenSSL.pm
  10. 8
      lib/REQ.pm
  11. 2
      po/cs.po
  12. 2
      po/de.po
  13. 2
      po/es.po
  14. 2
      po/fr.po
  15. 14
      po/sv.po
  16. 6
      templates/openssl.cnf
  17. 9
      tinyca2

@ -1,9 +1,15 @@
#!/bin/bash
rm -rf locale
mkdir -p locale/de/LC_MESSAGES
mkdir -p locale/es/LC_MESSAGES
mkdir -p locale/cs/LC_MESSAGES
mkdir -p locale/fr/LC_MESSAGES
mkdir -p locale/sv/LC_MESSAGES
msgfmt po/de.po -o locale/de/LC_MESSAGES/tinyca2.mo
msgfmt po/es.po -o locale/es/LC_MESSAGES/tinyca2.mo
msgfmt po/cs.po -o locale/cs/LC_MESSAGES/tinyca2.mo
msgfmt po/fr.po -o locale/fr/LC_MESSAGES/tinyca2.mo
msgfmt po/sv.po -o locale/sv/LC_MESSAGES/tinyca2.mo

@ -349,7 +349,7 @@ sub get_ca_create {
$opts = {};
$opts->{'days'} = 3650; # set default to 10 years
$opts->{'bits'} = 4096;
$opts->{'digest'} = 'sha1';
$opts->{'digest'} = 'sha256';
if(defined($mode) && $mode eq "sub") { # create SubCA, use defaults
$opts->{'parentca'} = $main->{'CA'}->{'actca'};
@ -453,7 +453,7 @@ sub get_ca_import {
$opts = {};
$opts->{'days'} = 3650; # set default to 10 years
$opts->{'bits'} = 4096;
$opts->{'digest'} = 'sha1';
$opts->{'digest'} = 'sha256';
$main->show_ca_import_dialog($opts);
return;
@ -1062,6 +1062,7 @@ sub create_ca {
'outdir' => $self->{$ca}->{'dir'}."/newcerts/",
'keyfile' => $self->{$ca}->{'dir'}."/cacert.key",
'cacertfile' => $self->{$ca}->{'dir'}."/cacert.pem",
'digest' => $opts->{'digest'},
'pass' => $opts->{'passwd'},
'days' => $opts->{'days'},
'parentpw' => $opts->{'parentpw'},

@ -480,6 +480,9 @@ sub export_cert {
$out = '';
$out .= "Fingerprint (MD5): $opts->{'parsed'}->{'FINGERPRINTMD5'}\n";
$out .= "Fingerprint (SHA1): $opts->{'parsed'}->{'FINGERPRINTSHA1'}\n\n";
$out .= "Fingerprint (SHA256): $opts->{'parsed'}->{'FINGERPRINTSHA256'}\n\n";
$out .= "Fingerprint (SHA384): $opts->{'parsed'}->{'FINGERPRINTSHA384'}\n\n";
$out .= "Fingerprint (SHA512): $opts->{'parsed'}->{'FINGERPRINTSHA512'}\n\n";
} else {
$out = '';
}

@ -29,14 +29,16 @@ my $true=1;
# This hash maps our internal MD names to the displayed digest names.
# Maybe it should live in a crypto-related file instead of a UI-related file?
my %md_algorithms = (
'md5' => 'MD5',
'sha1' => 'SHA1',
'md2' => 'MD2',
'mdc2' => 'MDC2',
'md4' => 'MD4',
'sha256' => 'SHA-256',
'md5' => 'ins.MD5',
# n/a 'md2' => 'MD2',
# n/a 'mdc2' => 'MDC2',
'md4' => 'ins.MD4',
'ripemd160' => 'RIPEMD-160',
# 'sha' => 'SHA',
'sha1' => 'SHA-1',
'sha1' => 'ins.SHA-1',
'sha384' => 'SHA-384',
'sha512' => 'SHA-512',
);
my %bit_lengths = (
@ -58,7 +60,7 @@ sub new {
bless($self, $class);
$self->{'version'} = '0.7.5';
$self->{'version'} = '0.7.6';
$self->{'words'} = GUI::WORDS->new();
@ -573,6 +575,12 @@ sub create_toolbar {
} elsif($mode eq 'key') {
$button = Gtk2::ToolButton->new_from_stock('gtk-revert-to-saved');
$self->{'toolbar'}->insert($button, -1);
$button->set_label(_("Import"));
$button->signal_connect('clicked', sub {
$self->{'KEY'}->get_import_key($self) });
$button = Gtk2::ToolButton->new_from_stock('gtk-save');
$self->{'toolbar'}->insert($button, -1);
$button->set_label(_("Export"));
@ -978,7 +986,7 @@ sub create_detail_tree {
$piter = $store->append($root);
$store->set($piter, 0 => $t);
for my $l qw(CN EMAIL O OU C ST L) {
for my $l (qw(CN EMAIL O OU C ST L)) {
if(defined($parsed->{$l})) {
if($l eq "OU") {
foreach my $ou (@{$parsed->{'OU'}}) {
@ -1003,7 +1011,7 @@ sub create_detail_tree {
$piter = $store->append($root);
$store->set($piter, 0 => $t);
for my $l qw(CN EMAIL O OU C ST L) {
for my $l (qw(CN EMAIL O OU C ST L)) {
if(defined($parsed->{'ISSUERDN'}->{$l})) {
if($l eq "OU") {
foreach my $ou (@{$parsed->{'ISSUERDN'}->{'OU'}}) {
@ -1029,7 +1037,7 @@ sub create_detail_tree {
$piter = $store->append($root);
$store->set($piter, 0 => $t);
for my $l qw(STATUS NOTBEFORE NOTAFTER) {
for my $l (qw(STATUS NOTBEFORE NOTAFTER)) {
if(defined($parsed->{$l})) {
$citer = $store->append($piter);
$store->set($citer,
@ -1045,7 +1053,7 @@ sub create_detail_tree {
$store->set($piter, 0 => $t);
for my $l qw(STATUS SERIAL KEYSIZE PK_ALGORITHM SIG_ALGORITHM TYPE) {
for my $l (qw(STATUS SERIAL KEYSIZE PK_ALGORITHM SIG_ALGORITHM TYPE)) {
if(defined($parsed->{$l})) {
$citer = $store->append($piter);
$store->set($citer,
@ -1060,7 +1068,7 @@ sub create_detail_tree {
$piter = $store->append($root);
$store->set($piter, 0 => $t);
for my $l qw(FINGERPRINTMD5 FINGERPRINTSHA1) {
for my $l (qw(FINGERPRINTMD5 FINGERPRINTSHA1 FINGERPRINTSHA256 FINGERPRINTSHA384 FINGERPRINTSHA512)) {
if(defined($parsed->{$l})) {
$citer = $store->append($piter);
$store->set($citer,
@ -1171,6 +1179,7 @@ sub show_select_ca_dialog {
);
$box = GUI::HELPERS::dialog_box($t, $t, $button_ok, $button_cancel);
$box->set_default_size(240,320);
$button_ok->grab_default();
@ -1249,7 +1258,7 @@ sub show_req_dialog {
# table for request data
my $cc=0;
my $ous = 1;
if(defined($opts->{'OU'})) {
if(defined($opts->{'OU'}) and ref($opts->{'OU'}) eq 'ARRAY') {
$ous = @{$opts->{'OU'}} - 1;
}
$reqtable = Gtk2::Table->new(1, 13 + $ous, 0);
@ -1297,7 +1306,7 @@ sub show_req_dialog {
_("Organization Name (eg. company):"),
\$opts->{'O'}, $reqtable, 10, 1);
if(defined($opts->{'OU'})) {
if(defined($opts->{'OU'}) and ref($opts->{'OU'}) eq 'ARRAY') {
foreach my $ou (@{$opts->{'OU'}}) {
$entry = GUI::HELPERS::entry_to_table(
_("Organizational Unit Name (eg. section):"),
@ -1616,6 +1625,17 @@ sub show_ca_export_dialog {
return;
}
#
# get filename for importing keys
#
sub show_key_import_dialog {
my ($self, $opts) = @_;
# my $opts = {};
my($box, $button_ok, $button_cancel, $button, $entry, $table, $label);
}
#
# get password for exporting keys
#
@ -1746,6 +1766,7 @@ sub show_export_dialog {
}
$box = GUI::HELPERS::dialog_box($title, $text, $button_ok, $button_cancel);
$box->set_default_size(640, -1);
# small table for file selection
$table = Gtk2::Table->new(1, 3, 0);
@ -1753,7 +1774,7 @@ sub show_export_dialog {
$box->vbox->add($table);
$label = GUI::HELPERS::create_label(_("File:"), 'left', 0, 0);
$table->attach_defaults($label, 0, 1, 0, 1);
$table->attach($label, 0, 1, 0, 1, 'fill', 'fill', 0, 0);
if($mode eq 'cert') {
$t = _("Export Certificate");
@ -1773,7 +1794,7 @@ sub show_export_dialog {
$button->signal_connect('clicked' =>
sub{GUI::HELPERS::browse_file(
$t, $fileentry, 'save')});
$table->attach_defaults($button, 2, 3, 0, 1);
$table->attach($button, 2, 3, 0, 1, 'fill', 'fill', 0, 0);
$label = GUI::HELPERS::create_label(
_("Export Format:"), 'center', 0, 0);
@ -2521,12 +2542,14 @@ sub about {
my ($aboutdialog, $href, $label);
$aboutdialog = Gtk2::AboutDialog->new();
$aboutdialog->set_name("TinyCA2");
$aboutdialog->set_program_name("TinyCA2");
$aboutdialog->set_version($main->{'version'});
$aboutdialog->set_copyright("2002-2006 Stephan Martin");
$aboutdialog->set_license("GNU Public License (GPL)");
$aboutdialog->set_website("http://tinyca.sm-zone.net/");
$aboutdialog->set_authors("Stephan Martin <sm\@sm-zone.net>");
$aboutdialog->set_authors(
"Stephan Martin <sm\@sm-zone.net>"."\n".
"Thomas Hooge <thomas\@hoogi.de>");
$aboutdialog->set_translator_credits(
_("Czech: Robert Wolf <gentoo\@slave.umbr.cas.cz>")."\n".
_("Swedish: Daniel Nylander <yeager\@lidkoping.net>")."\n".
@ -2534,6 +2557,8 @@ sub about {
_("French: Thibault Le Meur <Thibault.Lemeur\@supelec.fr>"));
$aboutdialog->show_all();
$aboutdialog->run;
$aboutdialog->destroy;
return;
}
@ -2634,7 +2659,7 @@ sub show_req_date_warning {
my ($box, $button_ok, $button_cancel, $t);
$t = _("The Certificate will be longer valid than your CA!");
$t = _("The certificate will be valid longer than its CA!");
$t .= "\n";
$t .= _("This may cause problems with some software!!");
@ -3088,18 +3113,21 @@ sub _create_req_menu {
sub _fill_radiobox {
my($radiobox, $var, %values) = @_;
my($previous_key, $value);
my($active_key, $previous_key, $value);
$active_key = undef;
$previous_key = undef;
for $value (keys %values) {
for $value (sort keys %values) {
my $display_name = $values{$value};
my $key = Gtk2::RadioButton->new($previous_key, $display_name);
$key->set_active(1) if(defined($$var) && $$var eq $value);
#$key->set_active(1) if(defined($$var) && $$var eq $value);
$active_key = $key if(defined($$var) && $$var eq $value);
$key->signal_connect('toggled' =>
sub{GUI::CALLBACK::toggle_to_var($key, $var, $value)});
$radiobox->add($key);
$previous_key = $key;
}
$active_key->set_active(1) if ($active_key);
}
1

@ -70,6 +70,9 @@ sub new {
'STATUS' => _("Status"),
'FINGERPRINTMD5' => _("Fingerprint (MD5)"),
'FINGERPRINTSHA1' => _("Fingerprint (SHA1)"),
'FINGERPRINTSHA256' => _("Fingerprint (SHA256)"),
'FINGERPRINTSHA384' => _("Fingerprint (SHA384)"),
'FINGERPRINTSHA512' => _("Fingerprint (SHA512)"),
_("Not set") => 'none',
_("Ask User") => 'user',
_("critical") => 'critical',

@ -624,7 +624,7 @@ sub selection_cadir {
$dir = $self->{'actdir'};
# cut off the last directory name to provide the ca-directory
$dir =~ s/\/certs|\/req|\/keys$//;
$dir =~ s/(\/certs|\/req|\/keys)$//;
return($dir);
}

@ -90,6 +90,15 @@ sub display {
'center', 0, 0);
$self->{'x509textbox'}->pack_start($self->{'certfingerprintsha1'},
0, 0, 0);
if(defined($self->{'certfingerprintsha256'})) {
$self->{'certfingerprintsha256'}->destroy();
}
$self->{'certfingerprintsha256'} = GUI::HELPERS::create_label(
_("Fingerprint (SHA256)").": ".$parsed->{'FINGERPRINTSHA256'},
'center', 0, 0);
$self->{'x509textbox'}->pack_start($self->{'certfingerprintsha256'},
0, 0, 0);
}
if (($mode eq 'cert') || ($mode eq 'cacert')) {

@ -30,6 +30,23 @@ sub new {
bless($self, $class);
}
#
# get informations to import key from file
#
sub get_import_key {
my ($self, $main, $opts, $box) = @_;
$box->destroy() if(defined($box));
GUI::HELPERS::print_warning(_("Import Key: Function does not yet exist."));
# if(not defined($opts)) {
# $main->show_key_import_dialog();
# return;
# }
}
#
# get name of keyfile to delete
#

@ -22,6 +22,7 @@ package OpenSSL;
use POSIX;
use IPC::Open3;
use IO::Select;
use Time::Local;
sub new {
@ -41,7 +42,7 @@ sub new {
close(TEST);
# set version (format: e.g. 0.9.7 or 0.9.7a)
if($v =~ /\b(0\.9\.[678][a-z]?)\b/) {
if($v =~ /\b(0\.9\.[6-9][a-z]?)\b/ || $v =~ /\b(1\.0\.[01][a-z]?)\b/) {
$self->{'version'} = $1;
}
@ -142,7 +143,13 @@ sub signreq {
$cmd .= " -in \"$opts->{'reqfile'}\"";
$cmd .= " -days $opts->{'days'}";
$cmd .= " -preserveDN";
$cmd .= " -md $opts->{'digest'}" if($opts->{'digest'});
if($opts->{'digest'}){
if (lc $opts->{'digest'} eq 'sha1') {
# force sha256 instead of deprecated sha1
$opts->{'digest'} = "sha256";
}
$cmd .= " -md $opts->{'digest'}";
};
if(defined($opts->{'mode'}) && $opts->{'mode'} eq "sub") {
$cmd .= " -keyfile \"$opts->{'keyfile'}\"";
@ -673,6 +680,47 @@ sub parsecert {
GUI::HELPERS::print_warning($t, $ext);
}
$cmd = "$self->{'bin'} x509 -noout -fingerprint -sha256 -in $file";
$ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd);
while(<$rdfh>){
$ext .= $_;
($k, $v) = split(/=/);
$tmp->{'FINGERPRINTSHA256'} = $v if($k =~ /SHA256 Fingerprint/i);
chomp($tmp->{'FINGERPRINTSHA256'});
}
waitpid($pid, 0);
$ret = $? >> 8;
$cmd = "$self->{'bin'} x509 -noout -fingerprint -sha384 -in $file";
$ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd);
while(<$rdfh>){
$ext .= $_;
($k, $v) = split(/=/);
$tmp->{'FINGERPRINTSHA384'} = $v if($k =~ /SHA384 Fingerprint/i);
chomp($tmp->{'FINGERPRINTSHA384'});
}
waitpid($pid, 0);
$ret = $? >> 8;
$cmd = "$self->{'bin'} x509 -noout -fingerprint -sha512 -in $file";
$ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd);
while(<$rdfh>){
$ext .= $_;
($k, $v) = split(/=/);
$tmp->{'FINGERPRINTSHA512'} = $v if($k =~ /SHA512 Fingerprint/i);
chomp($tmp->{'FINGERPRINTSHA512'});
}
waitpid($pid, 0);
$ret = $? >> 8;
if($ret) {
$t = _("Error reading fingerprint from Certificate");
GUI::HELPERS::print_warning($t, $ext);
}
# get subject in openssl format
$cmd = "$self->{'bin'} x509 -noout -subject -in $file";
$ext = "$cmd\n\n";
@ -817,7 +865,7 @@ sub convdata {
my $self = shift;
my $opts = { @_ };
my ($tmp, $ext, $ret, $file, $pid, $cmd);
my ($tmp, $ext, $ret, $file, $pid, $cmd, $cmdout, $cmderr);
$file = HELPERS::mktmp($self->{'tmp'}."/data");
$cmd = "$self->{'bin'} $opts->{'cmd'}";
@ -830,16 +878,7 @@ sub convdata {
$cmd .= " -outform $opts->{'outform'}";
}
my($rdfh, $wtfh);
$ext = "$cmd\n\n";
$pid = open3($wtfh, $rdfh, $rdfh, $cmd);
print $wtfh "$opts->{'data'}\n";
while(<$rdfh>){
$ext .= $_;
# print STDERR "DEBUG: cmd ret: $_";
};
waitpid($pid, 0);
$ret = $?>>8;
($ret, $tmp, $ext) = _run_with_fixed_input($cmd, $opts->{'data'});
if($self->{'broken'}) {
if(($ret != 0 && $opts->{'cmd'} ne 'crl') ||
@ -859,6 +898,7 @@ sub convdata {
}
}
if (-s $file) { # If the file is empty, the payload is in $tmp (via STDOUT of the called process).
open(IN, $file) || do {
my $t = sprintf(_("Can't open file %s: %s"), $file, $!);
GUI::HELPERS::print_warning($t);
@ -866,7 +906,7 @@ sub convdata {
};
$tmp .= $_ while(<IN>);
close(IN);
}
unlink($file);
return($ret, $tmp, $ext);
@ -1076,4 +1116,72 @@ sub _get_index {
}
}
=over
=item _run_with_fixed_input($cmd, $input)
This function runs C<$cmd> and writes the C<$input> to STDIN of the
new process (all at once).
While the command runs, all of its output to STDOUT and STDERR is
collected.
After the command terminates (closes both STDOUT and STDIN) the
function returns the command's return value as well as everything it
wrote to its STDOUT and STDERR in a list.
=back
=cut
sub _run_with_fixed_input {
my $cmd = shift;
my $input = shift;
my ($wtfh, $rdfh, $erfh, $pid, $sel, $ret, $stdout, $stderr);
$erfh = Symbol::gensym; # Must not be false, otherwise it is lumped together with rdfh
# Run the command
$pid = open3($wtfh, $rdfh, $erfh, $cmd);
print $wtfh $input, "\n";
$stdout = '';
$stderr = '';
$sel = new IO::Select($rdfh, $erfh);
while (my @fhs = $sel->can_read()) {
foreach my $fh (@fhs) {
if ($fh == $rdfh) { # STDOUT
my $bytes_read = sysread($fh, my $buf='', 1024);
if ($bytes_read == -1) {
warn("Error reading from child's STDOUT: $!\n");
$sel->remove($fh);
} elsif ($bytes_read == 0) {
# print("Child's STDOUT closed.\n");
$sel->remove($fh);
} else {
$stdout .= $buf;
}
}
elsif ($fh == $erfh) { # STDERR
my $bytes_read = sysread($fh, my $buf='', 1024);
if ($bytes_read == -1) {
warn("Error reading from child's STDERR: $!\n");
$sel->remove($fh);
} elsif ($bytes_read == 0) {
# print("Child's STDERR closed.\n");
$sel->remove($fh);
} else {
$stderr .= $buf;
}
}
}
}
waitpid($pid, 0);
$ret = $?>>8;
return ($ret, $stdout, $stderr)
}
1

@ -59,7 +59,7 @@ sub get_req_create {
GUI::HELPERS::print_error($t);
}
$opts->{'bits'} = 4096;
$opts->{'digest'} = 'sha1';
$opts->{'digest'} = 'sha256';
$opts->{'algo'} = 'rsa';
if(defined($opts) && $opts eq "sign") {
$opts->{'sign'} = 1;
@ -426,6 +426,12 @@ sub get_sign_req {
$opts->{'digest'} = "md5";
} elsif ($opts->{'digest'} =~ /^sha1/) {
$opts->{'digest'} = "sha1";
} elsif ($opts->{'digest'} =~ /^sha256/) {
$opts->{'digest'} = "sha256";
} elsif ($opts->{'digest'} =~ /^sha384/) {
$opts->{'digest'} = "sha384";
} elsif ($opts->{'digest'} =~ /^sha512/) {
$opts->{'digest'} = "sha512";
} elsif ($opts->{'digest'} =~ /^ripemd160/) {
$opts->{'digest'} = "ripemd160";
} else {

@ -1257,7 +1257,7 @@ msgid "if the corresponding certificate is still valid"
msgstr "pokud odpovídající certifikát je stále platný"
#: ../lib/GUI.pm:2636
msgid "The Certificate will be longer valid than your CA!"
msgid "The certificate will be valid longer than its CA!"
msgstr "Certifikát bude platný déle než Vaše CA!"
#: ../lib/GUI.pm:2638

@ -1245,7 +1245,7 @@ msgid "if the corresponding certificate is still valid"
msgstr "falls das Zertifikat noch gültig ist"
#: ../lib/GUI.pm:2636
msgid "The Certificate will be longer valid than your CA!"
msgid "The certificate will be valid longer than its CA!"
msgstr "Das Zertifikat wird länger gültig sein als die CA!"
#: ../lib/GUI.pm:2638

@ -1260,7 +1260,7 @@ msgid "if the corresponding certificate is still valid"
msgstr "¡Si el Certificado correspondiente no ha caducado o ha sido revocado "
#: ../lib/GUI.pm:2636
msgid "The Certificate will be longer valid than your CA!"
msgid "The certificate will be valid longer than its CA!"
msgstr "¡El Certificado tendrá mayor duración que la CA!"
#: ../lib/GUI.pm:2638

@ -1257,7 +1257,7 @@ msgid "if the corresponding certificate is still valid"
msgstr "Si le Certificat correspondant est tjours valide"
#: ../lib/GUI.pm:2636
msgid "The Certificate will be longer valid than your CA!"
msgid "The certificate will be valid longer than its CA!"
msgstr ""
"La date de validité du Certificat dépasse la date de validité de la CA!"

@ -1,19 +1,23 @@
# Swedish translation of tinyca.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
# This file is distributed under the same license as the tinyca package.
#
# Daniel Nylander <po@danielnylander.se>, 2006.
# Marcus Better <marcus@better.se>, 2009.
#
msgid ""
msgstr ""
"Project-Id-Version: tinyca\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2005-06-05 18:44+0200\n"
"PO-Revision-Date: 2006-07-10 16:23+0100\n"
"Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
"PO-Revision-Date: 2009-10-19 12:02+0200\n"
"Last-Translator: Marcus Better <marcus@better.se>\n"
"Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=utf-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Lokalize 1.0\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ../lib/CA.pm:45
msgid "error: can't open basedir: "
@ -253,7 +257,7 @@ msgstr "Kan inte skriva certifikatfil: %s"
#: ../lib/CA.pm:766
#: ../lib/CA.pm:912
msgid "Can't open Index file: "
msgstr "Kan inte öppna Index-fil: "
msgstr "Kan inte öppna indexfil: "
#: ../lib/CA.pm:774
#: ../lib/CA.pm:919
@ -652,7 +656,7 @@ msgstr "Typ"
#: ../lib/GUI.pm:246
msgid "Keys"
msgstr "Tangenter"
msgstr "Nycklar"
#: ../lib/GUI.pm:289
msgid "Requests"
@ -1383,7 +1387,7 @@ msgid "if the corresponding certificate is still valid"
msgstr "om det korresponderande certifikatet är giltigt fortfarande"
#: ../lib/GUI.pm:2675
msgid "The Certificate will be longer valid than your CA!"
msgid "The certificate will be valid longer than its CA!"
msgstr "Certifikatet kommer vara giltigt längre än ditt CA!"
#: ../lib/GUI.pm:2677

@ -15,7 +15,7 @@ RANDFILE = $dir/.rand
x509_extensions = client_cert
default_days = 365
default_crl_days= 30
default_md = sha1
default_md = sha256
preserve = no
policy = policy_client
@ -33,7 +33,7 @@ RANDFILE = $dir/.rand
x509_extensions = server_cert
default_days = 365
default_crl_days= 30
default_md = sha1
default_md = sha256
preserve = no
policy = policy_server
@ -51,7 +51,7 @@ RANDFILE = $dir/.rand
x509_extensions = v3_ca
default_days = 365
default_crl_days= 30
default_md = sha1
default_md = sha256
preserve = no
policy = policy_ca

@ -85,8 +85,17 @@ if(not -d $init->{'templatedir'}) {
}
# location for CA files
if( exists $ENV{'TINYCA_BASEDIR'}) {
$init->{'basedir'} = $ENV{'TINYCA_BASEDIR'}
} else {
$init->{'basedir'} = $ENV{HOME}."/.TinyCA";
}
if( exists $ENV{'TINYCA_EXPORTDIR'}) {
$init->{'exportdir'} = $ENV{'TINYCA_EXPORTDIR'};
} else {
$init->{'exportdir'} = $ENV{HOME};
}
umask(0077);