From: Dr. David von Oheimb Date: Tue, 15 Dec 2020 13:30:38 +0000 (+0100) Subject: apps/pkey.c: Make clear that -passout is not supported for DER output X-Git-Tag: openssl-3.0.0-alpha11~147 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=475d10028e57ae0987911af580f0de8d701325ec;p=thirdparty%2Fopenssl.git apps/pkey.c: Make clear that -passout is not supported for DER output Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13712) --- diff --git a/apps/pkey.c b/apps/pkey.c index 67dc8c012c3..c6308e2f0a3 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -66,7 +66,7 @@ const OPTIONS pkey_options[] = { OPT_SECTION("Output"), {"outform", OPT_OUTFORM, 'F', "Output format (DER or PEM)"}, - {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, + {"passout", OPT_PASSOUT, 's', "Output PEM file pass phrase source"}, {"out", OPT_OUT, '>', "Output file"}, {"pubout", OPT_PUBOUT, '-', "Output public key, not private"}, {"text_pub", OPT_TEXT_PUB, '-', "Only output public key components"}, @@ -196,6 +196,11 @@ int pkey_main(int argc, char **argv) if (text && !pubtext) private = 1; + if (outformat == FORMAT_ASN1 && passoutarg != NULL) { + BIO_printf(bio_err, "The -passout option is not supported for DER output\n"); + goto end; + } + if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; diff --git a/doc/man1/openssl-pkey.pod.in b/doc/man1/openssl-pkey.pod.in index 86597c9e369..2900fc24c7e 100644 --- a/doc/man1/openssl-pkey.pod.in +++ b/doc/man1/openssl-pkey.pod.in @@ -67,6 +67,8 @@ prompted for. =item B<-passin> I, B<-passout> I The password source for the input and output file. +The -passout option is not supported for DER output. + For more information about the format of B see L.