[openssl] master update

Fri Jun 4 05:09:37 UTC 2021

The branch master has been updated
       via  6a2f82b439924a2e096ec3288041b7f2d02f58fc (commit)
      from  5d8ea84efaf172af76461855988de2ac8b88beb0 (commit)


- Log -----------------------------------------------------------------
commit 6a2f82b439924a2e096ec3288041b7f2d02f58fc
Author: Tomas Mraz <tomas at openssl.org>
Date:   Wed Jun 2 09:35:44 2021 +0200

    req: fix default bits handling for -newkey
    
    Fixes #15569
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15582)

-----------------------------------------------------------------------

Summary of changes:
 apps/req.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/apps/req.c b/apps/req.c
index 284d03f40d..acb98e3560 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1587,7 +1587,8 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         *pkeytype = OPENSSL_strndup(keytype, keytypelen);
     else
         *pkeytype = OPENSSL_strdup(keytype);
-    *pkeylen = keylen;
+    if (keylen >= 0)
+        *pkeylen = keylen;
 
     if (param != NULL) {
         if (!EVP_PKEY_is_a(param, *pkeytype)) {
@@ -1626,6 +1627,10 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         EVP_PKEY_CTX_free(gctx);
         return NULL;
     }
+    if (keylen == -1 && (EVP_PKEY_CTX_is_a(gctx, "RSA")
+        || EVP_PKEY_CTX_is_a(gctx, "RSA-PSS")))
+        keylen = *pkeylen;
+
     if (keylen != -1) {
         OSSL_PARAM params[] = { OSSL_PARAM_END, OSSL_PARAM_END };
         size_t bits = keylen;
