From bf4006a6f9be691ba6eef0e8629e63369a033ccf Mon Sep 17 00:00:00 2001
From: Jussi Keranen <jussi.keranen@vincit.com>
Date: Wed, 11 Dec 2019 15:08:04 +0200
Subject: [PATCH 1/1] Fix regression on x509 keyform argument

In OpenSSL pre 1.1.0, 'openssl x509 -keyform engine' was possible
and supported.  In 1.1.0, type of keyform argument is OPT_FMT_PEMDER
which doesn't support engine. This changes type of keyform argument
to OPT_FMT_PDE which means PEM, DER or engine and updates the manpage
including keyform and CAkeyform.

This restores the pre 1.1.0 behavior.

This issue is very similar than https://github.com/openssl/openssl/issues/4366

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10609)

(cherry picked from commit 0ab6fc79a9a63370be1a615729dc2a6ed0d6c89b)
---
 apps/x509.c       | 4 ++--
 doc/man1/x509.pod | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/x509.c b/apps/x509.c
index 81291a9a4f..f81741f4e7 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -72,7 +72,7 @@ const OPTIONS x509_options[] = {
     {"outform", OPT_OUTFORM, 'f',
      "Output format - default PEM (one of DER or PEM)"},
     {"out", OPT_OUT, '>', "Output file - default stdout"},
-    {"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"},
+    {"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"},
     {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"},
     {"serial", OPT_SERIAL, '-', "Print serial number value"},
     {"subject_hash", OPT_HASH, '-', "Print subject hash value"},
@@ -217,7 +217,7 @@ int x509_main(int argc, char **argv)
                 goto opthelp;
             break;
         case OPT_KEYFORM:
-            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &keyformat))
+            if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyformat))
                 goto opthelp;
             break;
         case OPT_CAFORM:
diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod
index 503d5e9fd4..a6cea337d2 100644
--- a/doc/man1/x509.pod
+++ b/doc/man1/x509.pod
@@ -11,7 +11,7 @@ B<openssl> B<x509>
 [B<-help>]
 [B<-inform DER|PEM>]
 [B<-outform DER|PEM>]
-[B<-keyform DER|PEM>]
+[B<-keyform DER|PEM|ENGINE>]
 [B<-CAform DER|PEM>]
 [B<-CAkeyform DER|PEM>]
 [B<-in filename>]
-- 
2.25.1