Allow dhparam to run quietly in scripts, etc.
For other commands that took a -verbose flag already, also support -quiet.
For genpkey which only supported -quiet, add the -verbose flag.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17336)
OPT_CRLDAYS, OPT_CRLHOURS, OPT_CRLSEC,
OPT_INFILES, OPT_SS_CERT, OPT_SPKAC, OPT_REVOKE, OPT_VALID,
OPT_EXTENSIONS, OPT_EXTFILE, OPT_STATUS, OPT_UPDATEDB, OPT_CRLEXTS,
- OPT_RAND_SERIAL,
+ OPT_RAND_SERIAL, OPT_QUIET,
OPT_R_ENUM, OPT_PROV_ENUM,
/* Do not change the order here; see related case statements below */
OPT_CRL_REASON, OPT_CRL_HOLD, OPT_CRL_COMPROMISE, OPT_CRL_CA_COMPROMISE
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
{"verbose", OPT_VERBOSE, '-', "Verbose output during processing"},
+ {"quiet", OPT_QUIET, '-', "Terse output during processing"},
{"outdir", OPT_OUTDIR, '/', "Where to put output cert"},
{"in", OPT_IN, '<', "The input cert request(s)"},
{"inform", OPT_INFORM, 'F', "CSR input format (DER or PEM); default PEM"},
case OPT_VERBOSE:
verbose = 1;
break;
+ case OPT_QUIET:
+ verbose = 0;
+ break;
case OPT_CONFIG:
configfile = opt_arg();
break;
static EVP_PKEY *dsa_to_dh(EVP_PKEY *dh);
+static int verbose = 1;
+
typedef enum OPTION_choice {
OPT_COMMON,
OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT,
OPT_ENGINE, OPT_CHECK, OPT_TEXT, OPT_NOOUT,
- OPT_DSAPARAM, OPT_2, OPT_3, OPT_5,
+ OPT_DSAPARAM, OPT_2, OPT_3, OPT_5, OPT_VERBOSE, OPT_QUIET,
OPT_R_ENUM, OPT_PROV_ENUM
} OPTION_CHOICE;
{"2", OPT_2, '-', "Generate parameters using 2 as the generator value"},
{"3", OPT_3, '-', "Generate parameters using 3 as the generator value"},
{"5", OPT_5, '-', "Generate parameters using 5 as the generator value"},
+ {"verbose", OPT_VERBOSE, '-', "Verbose output"},
+ {"quiet", OPT_QUIET, '-', "Terse output"},
OPT_R_OPTIONS,
OPT_PROV_OPTIONS,
case OPT_NOOUT:
noout = 1;
break;
+ case OPT_VERBOSE:
+ verbose = 1;
+ break;
+ case OPT_QUIET:
+ verbose = 0;
+ break;
case OPT_R_CASES:
if (!opt_rand(o))
goto end;
alg);
goto end;
}
- EVP_PKEY_CTX_set_cb(ctx, progress_cb);
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
- BIO_printf(bio_err,
- "Generating %s parameters, %d bit long %sprime\n",
- alg, num, dsaparam ? "" : "safe ");
+ if (verbose) {
+ EVP_PKEY_CTX_set_cb(ctx, progress_cb);
+ BIO_printf(bio_err,
+ "Generating %s parameters, %d bit long %sprime\n",
+ alg, num, dsaparam ? "" : "safe ");
+ }
if (EVP_PKEY_paramgen_init(ctx) <= 0) {
BIO_printf(bio_err,
typedef enum OPTION_choice {
OPT_COMMON,
OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT,
- OPT_NOOUT, OPT_GENKEY, OPT_ENGINE, OPT_VERBOSE,
+ OPT_NOOUT, OPT_GENKEY, OPT_ENGINE, OPT_VERBOSE, OPT_QUIET,
OPT_R_ENUM, OPT_PROV_ENUM
} OPTION_CHOICE;
{"text", OPT_TEXT, '-', "Print as text"},
{"noout", OPT_NOOUT, '-', "No output"},
{"verbose", OPT_VERBOSE, '-', "Verbose output"},
+ {"quiet", OPT_QUIET, '-', "Terse output"},
{"genkey", OPT_GENKEY, '-', "Generate a DSA key"},
OPT_R_OPTIONS,
case OPT_VERBOSE:
verbose = 1;
break;
+ case OPT_QUIET:
+ verbose = 0;
+ break;
}
}
typedef enum OPTION_choice {
OPT_COMMON,
- OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER, OPT_VERBOSE,
+ OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER, OPT_VERBOSE, OPT_QUIET,
OPT_R_ENUM, OPT_PROV_ENUM
} OPTION_CHOICE;
OPT_PROV_OPTIONS,
{"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
{"verbose", OPT_VERBOSE, '-', "Verbose output"},
+ {"quiet", OPT_QUIET, '-', "Terse output"},
OPT_PARAMETERS(),
{"dsaparam-file", 0, 0, "File containing DSA parameters"},
case OPT_VERBOSE:
verbose = 1;
break;
+ case OPT_QUIET:
+ verbose = 0;
+ break;
}
}
#include <openssl/err.h>
#include <openssl/evp.h>
-static int quiet;
+static int verbose = 1;
static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e,
OSSL_LIB_CTX *libctx, const char *propq);
OPT_COMMON,
OPT_ENGINE, OPT_OUTFORM, OPT_OUT, OPT_PASS, OPT_PARAMFILE,
OPT_ALGORITHM, OPT_PKEYOPT, OPT_GENPARAM, OPT_TEXT, OPT_CIPHER,
- OPT_QUIET, OPT_CONFIG,
+ OPT_VERBOSE, OPT_QUIET, OPT_CONFIG,
OPT_PROV_ENUM
} OPTION_CHOICE;
#endif
{"paramfile", OPT_PARAMFILE, '<', "Parameters file"},
{"algorithm", OPT_ALGORITHM, 's', "The public key algorithm"},
+ {"verbose", OPT_VERBOSE, '-', "Output status while generating keys"},
{"quiet", OPT_QUIET, '-', "Do not output status while generating keys"},
{"pkeyopt", OPT_PKEYOPT, 's',
"Set the public key algorithm option as opt:value"},
goto end;
break;
case OPT_QUIET:
- quiet = 1;
+ verbose = 0;
+ break;
+ case OPT_VERBOSE:
+ verbose = 1;
break;
case OPT_GENPARAM:
do_param = 1;
if (out == NULL)
goto end;
- if (!quiet)
+ if (verbose)
EVP_PKEY_CTX_set_cb(ctx, progress_cb);
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
OPT_3,
#endif
OPT_F4, OPT_ENGINE,
- OPT_OUT, OPT_PASSOUT, OPT_CIPHER, OPT_PRIMES, OPT_VERBOSE,
+ OPT_OUT, OPT_PASSOUT, OPT_CIPHER, OPT_PRIMES, OPT_VERBOSE, OPT_QUIET,
OPT_R_ENUM, OPT_PROV_ENUM, OPT_TRADITIONAL
} OPTION_CHOICE;
{"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
{"primes", OPT_PRIMES, 'p', "Specify number of primes"},
{"verbose", OPT_VERBOSE, '-', "Verbose output"},
+ {"quiet", OPT_QUIET, '-', "Terse output"},
{"traditional", OPT_TRADITIONAL, '-',
"Use traditional format for private keys"},
{"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
case OPT_VERBOSE:
verbose = 1;
break;
+ case OPT_QUIET:
+ verbose = 0;
+ break;
case OPT_TRADITIONAL:
traditional = 1;
break;
if (!init_gen_str(&ctx, "RSA", eng, 0, NULL, NULL))
goto end;
- EVP_PKEY_CTX_set_cb(ctx, progress_cb);
+ if (verbose)
+ EVP_PKEY_CTX_set_cb(ctx, progress_cb);
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, num) <= 0) {
B<openssl> B<ca>
[B<-help>]
[B<-verbose>]
+[B<-quiet>]
[B<-config> I<filename>]
[B<-name> I<section>]
[B<-section> I<section>]
This prints extra details about the operations being performed.
+=item B<-quiet>
+
+This prints fewer details about the operations being performed, which may
+be handy during batch scripts or pipelines.
+
=item B<-config> I<filename>
Specifies the configuration file to use.
[B<-check>]
[B<-noout>]
[B<-text>]
+[B<-verbose>]
+[B<-quiet>]
[B<-2>]
[B<-3>]
[B<-5>]
{- $OpenSSL::safe::opt_provider_item -}
+=item B<-verbose>
+
+This option enables the output of progress messages, which is handy when
+running commands interactively that may take a long time to execute.
+
+=item B<-quiet>
+
+This option suppresses the output of progress messages, which may be
+undesirable in batch scripts or pipelines.
+
=back
=head1 NOTES
[B<-text>]
[B<-genkey>]
[B<-verbose>]
+[B<-quiet>]
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
[I<numbits>]
Print extra details about the operations being performed.
+=item B<-quiet>
+
+Print fewer details about the operations being performed, which may
+be handy during batch scripts and pipelines.
+
{- $OpenSSL::safe::opt_r_item -}
{- $OpenSSL::safe::opt_engine_item -}
[B<-des3>]
[B<-idea>]
[B<-verbose>]
+[B<-quiet>]
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
[I<paramfile>]
Print extra details about the operations being performed.
+=item B<-quiet>
+
+Print fewer details about the operations being performed, which may
+be handy during batch scripts and pipelines.
+
{- $OpenSSL::safe::opt_r_item -}
{- $OpenSSL::safe::opt_engine_item -}
[B<-help>]
[B<-out> I<filename>]
[B<-outform> B<DER>|B<PEM>]
+[B<-verbose>]
[B<-quiet>]
[B<-pass> I<arg>]
[B<-I<cipher>>]
When B<-genparam> is given, B<-outform> is ignored.
+=item B<-verbose>
+
+Output "status dots" while generating keys.
+
=item B<-quiet>
Do not output "status dots" while generating keys.
[B<-3>]
[B<-primes> I<num>]
[B<-verbose>]
+[B<-quiet>]
[B<-traditional>]
{- $OpenSSL::safe::opt_r_synopsis -}
{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -}
Print extra details about the operations being performed.
+=item B<-quiet>
+
+Print fewer details about the operations being performed, which may
+be handy during batch scripts and pipelines.
+
=item B<-traditional>
Write the key using the traditional PKCS#1 format instead of the PKCS#8 format.