projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
req: fix default bits handling for -newkey
[openssl.git] / apps / req.c
diff --git a/apps/req.c b/apps/req.c
index 284d03f40dc00d70b7749ee34c02b2f8261863fb..acb98e3560c1c8fc3b9e377bc08e10c9792955c2 100644 (file)
--- a/apps/req.c
+++ b/apps/req.c
@@ -1587,7 +1587,8 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         *pkeytype = OPENSSL_strndup(keytype, keytypelen);
     else
         *pkeytype = OPENSSL_strdup(keytype);
-    *pkeylen = keylen;
+    if (keylen >= 0)
+        *pkeylen = keylen;
 
     if (param != NULL) {
         if (!EVP_PKEY_is_a(param, *pkeytype)) {
@@ -1626,6 +1627,10 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         EVP_PKEY_CTX_free(gctx);
         return NULL;
     }
+    if (keylen == -1 && (EVP_PKEY_CTX_is_a(gctx, "RSA")
+        || EVP_PKEY_CTX_is_a(gctx, "RSA-PSS")))
+        keylen = *pkeylen;
+
     if (keylen != -1) {
         OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
         size_t bits = keylen;
Unnamed repository; edit this file 'description' to name the repository.