openssl req: don't try to report bits
authorRichard Levitte <levitte@openssl.org>
Mon, 3 Sep 2018 11:17:03 +0000 (13:17 +0200)
committerRichard Levitte <levitte@openssl.org>
Tue, 4 Sep 2018 12:29:36 +0000 (14:29 +0200)
With the introduction of -pkeyopt, the number of bits may change
without |newkey| being updated.  Unfortunately, there is no API to
retrieve the information from a EVP_PKEY_CTX either, so chances are
that we report incorrect information.  For the moment, it's better not
to try to report the number of bits at all.

Fixes #7086

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7096)

(cherry picked from commit 17147181bd3f97c53592e2a5c9319b854b954039)

apps/req.c

index 7fcab18cd1c93b61a1261d7f2b4a2b63f4c98b82..5422cac919c0ec53bc67466c0bd6f5a6a2b07404 100644 (file)
@@ -659,8 +659,7 @@ int MAIN(int argc, char **argv)
             }
         }
 
-        BIO_printf(bio_err, "Generating a %ld bit %s private key\n",
-                   newkey, keyalgstr);
+        BIO_printf(bio_err, "Generating a %s private key\n", keyalgstr);
 
         EVP_PKEY_CTX_set_cb(genctx, genpkey_cb);
         EVP_PKEY_CTX_set_app_data(genctx, bio_err);