[openssl] master update

Richard Levitte levitte at openssl.org
Thu Jun 10 06:34:55 UTC 2021 

The branch master has been updated
       via  5ac6d7d21b4e896fee2eca0488915faaea196448 (commit)
      from  b6298a7f8de45b287bfbad5de282fbceb68abb02 (commit)


- Log -----------------------------------------------------------------
commit 5ac6d7d21b4e896fee2eca0488915faaea196448
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Jun 8 12:22:31 2021 +0200

    APPS: Restore the possibility to combine -pubout with -text
    
    This applies to the 'openssl pkey' command.
    
    Fixes #15645
    
    Reviewed-by: Paul Dale <pauli at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15658)

-----------------------------------------------------------------------

Summary of changes:
 apps/pkey.c                  | 10 +++++++---
 doc/man1/openssl-pkey.pod.in |  6 ++++--
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/apps/pkey.c b/apps/pkey.c
index 781f376837..fb3899b08e 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -175,15 +175,19 @@ int pkey_main(int argc, char **argv)
     if (argc != 0)
         goto opthelp;
 
-    if (noout && pubout)
-        BIO_printf(bio_err,
-                   "Warning: The -pubout option is ignored with -noout\n");
     if (text && text_pub)
         BIO_printf(bio_err,
                    "Warning: The -text option is ignored with -text_pub\n");
     if (traditional && (noout || outformat != FORMAT_PEM))
         BIO_printf(bio_err,
                    "Warning: The -traditional is ignored since there is no PEM output\n");
+
+    /* -pubout and -text is the same as -text_pub */
+    if (!text_pub && pubout && text) {
+        text = 0;
+        text_pub = 1;
+    }
+
     private = (!noout && !pubout) || (text && !text_pub);
 
     if (ciphername != NULL) {
diff --git a/doc/man1/openssl-pkey.pod.in b/doc/man1/openssl-pkey.pod.in
index bf45643bce..34d57f7d14 100644
--- a/doc/man1/openssl-pkey.pod.in
+++ b/doc/man1/openssl-pkey.pod.in
@@ -131,10 +131,12 @@ option is specified then the older "traditional" format is used instead.
 
 =item B<-pubout>
 
-By default the encoded private and public key is output;
-this option restricts the encoded output to the public components.
+By default the private and public key is output;
+this option restricts the output to the public components.
 This option is automatically set if the input is a public key.
 
+When combined with B<-text>, this is equivalent to B<-text_pub>.
+
 =item B<-noout>
 
 Do not output the key in encoded form.

More information about the openssl-commits mailing list