diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-05-26 09:22:48 +0200 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-05-27 11:06:01 +0200 |
commit | 8b893c35da65c7b9a126c779caf42500e1297e7d (patch) | |
tree | cebb3360c43033445dd37f598263e63db2fa5a25 /apps | |
parent | 54e8f7259bec08a6655a0693a315a75d9ce65e95 (diff) | |
download | openssl-new-8b893c35da65c7b9a126c779caf42500e1297e7d.tar.gz |
APPS req: Extend the -keyout option to be respected also with -key
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13715)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/req.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/apps/req.c b/apps/req.c index 9edb1deb96..a9769b7452 100644 --- a/apps/req.c +++ b/apps/req.c @@ -142,7 +142,7 @@ const OPTIONS req_options[] = { {"key", OPT_KEY, 's', "Private key to use"}, {"keyform", OPT_KEYFORM, 'f', "Key file format (ENGINE, other values ignored)"}, {"pubkey", OPT_PUBKEY, '-', "Output public key"}, - {"keyout", OPT_KEYOUT, '>', "File to save newly created private key"}, + {"keyout", OPT_KEYOUT, '>', "File to write private key to"}, {"passin", OPT_PASSIN, 's', "Private key and certificate password source"}, {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, {"newkey", OPT_NEWKEY, 's', @@ -676,17 +676,21 @@ int req_main(int argc, char **argv) EVP_PKEY_CTX_free(genctx); genctx = NULL; + } + if (keyout == NULL) { + keyout = NCONF_get_string(req_conf, section, KEYFILE); + if (keyout == NULL) + ERR_clear_error(); + } - if (keyout == NULL) { - keyout = NCONF_get_string(req_conf, section, KEYFILE); + if (pkey != NULL && (keyfile == NULL || keyout != NULL)) { + if (verbose) { + BIO_printf(bio_err, "Writing private key to "); if (keyout == NULL) - ERR_clear_error(); + BIO_printf(bio_err, "stdout\n"); + else + BIO_printf(bio_err, "'%s'\n", keyout); } - - if (keyout == NULL) - BIO_printf(bio_err, "Writing new private key to stdout\n"); - else - BIO_printf(bio_err, "Writing new private key to '%s'\n", keyout); out = bio_open_owner(keyout, outformat, newreq); if (out == NULL) goto end; @@ -705,7 +709,6 @@ int req_main(int argc, char **argv) i = 0; loop: - assert(newreq); if (!PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, passout)) { if ((ERR_GET_REASON(ERR_peek_error()) == |