Handle older versions of openssl

On Ubuntu openssl's genpkey does not have -outpubkey as a genpkey option. So avoid using it for now and just get the pubkey out in a second step. Signed-off-by: Simo Sorce <[email protected]>
latchset · Sep 5, 2024 · f4cd8b7 · f4cd8b7
1 parent 0c69ac1
commit f4cd8b7
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/tests/timported b/tests/timported
@@ -8,10 +8,16 @@ source "${TESTSSRCDIR}/helpers.sh"
 title PARA "Test imported key in token session"
 
 title LINE "Generate keypair in files"
+# older versions of openssl don't support -outpubkey ...
+#ossl 'genpkey -algorithm EC -out ${TMPPDIR}/file.ec.key.pem
+#              -pkeyopt ec_paramgen_curve:P-256
+#              -pkeyopt ec_param_enc:named_curve
+#              -outpubkey ${TMPPDIR}/file.ec.pub.key.pem'
+# .. so we'll use two steps
 ossl 'genpkey -algorithm EC -out ${TMPPDIR}/file.ec.key.pem
-              -pkeyopt ec_paramgen_curve:P-256
-              -pkeyopt ec_param_enc:named_curve
-              -outpubkey ${TMPPDIR}/file.ec.pub.key.pem'
+              -pkeyopt ec_paramgen_curve:P-256'
+ossl 'pkey -in ${TMPPDIR}/file.ec.key.pem
+           -pubout -out ${TMPPDIR}/file.ec.pub.key.pem'
 
 #After key generation force all operations to happen on the token
 ORIG_OPENSSL_CONF=${OPENSSL_CONF}