> with a fairly recent snapshot (20001201) I've noticed the following
> problem. This works fine:
>
> openssl req -newkey dsa:dsa1024.pem -keyout foo-key.pem -nodes \
> -out foo.pem
> Using configuration from d:\ssleay\ssleay.cnf
> Loading 'screen' into random state - done
> Generating a 1024 bit DSA private key
> writing new private key to 'foo-key.pem'
>
> but add the -new switch and instead of using DSA it generates RSA
> keys:
>
> openssl req -newkey dsa:dsa1024.pem -keyout foo-key.pem -nodes \
> -out foo.pem -new
> Using configuration from d:\ssleay\ssleay.cnf
> Loading 'screen' into random state - done
> Generating a 1024 bit RSA private key
>
> Is this expected behavior?
In apps/req.c I believe
else if (strcmp(*argv,"-new") == 0)
{
pkey_type=TYPE_RSA;
newreq=1;
}
should read:
else if (strcmp(*argv,"-new") == 0)
{
if (pkey_type == 0)
pkey_type=TYPE_RSA;
newreq=1;
}
Jeffrey Altman * Sr.Software Designer
The Kermit Project * Columbia University
612 West 115th St * New York, NY * 10025 * USA
http://www.kermit-project.org/ * [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
