From: Richard Levitte <levitte@openssl.org>
Date: Fri, 25 Jun 2021 06:36:30 +0000 (+0200)
Subject: Fix 'openssl req' to correctly use the algorithm from '-newkey algo:nnnn'
X-Git-Tag: openssl-3.0.0-beta2~169
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=426005eea5afd64bb76006f0fda69502ab3e008d;p=thirdparty%2Fopenssl.git

Fix 'openssl req' to correctly use the algorithm from '-newkey algo:nnnn'

We used the original string, which meant fetching for, for example,
'rsa:2048'.  That was, of course, doomed to fail.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15912)
---

diff --git a/apps/req.c b/apps/req.c
index d0c620438bc..eb286f8a8e1 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -1615,14 +1615,14 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         EVP_PKEY_free(param);
     } else {
         if (keygen_engine != NULL) {
-            int pkey_id = get_legacy_pkey_id(app_get0_libctx(), keytype,
+            int pkey_id = get_legacy_pkey_id(app_get0_libctx(), *pkeytype,
                                              keygen_engine);
 
             if (pkey_id != NID_undef)
                 gctx = EVP_PKEY_CTX_new_id(pkey_id, keygen_engine);
         } else {
             gctx = EVP_PKEY_CTX_new_from_name(app_get0_libctx(),
-                                              keytype, app_get0_propq());
+                                              *pkeytype, app_get0_propq());
         }
     }