From 48c0fb42feeea3aa180f60cf1b4beb649191f052 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Sun, 21 Apr 2024 04:29:20 +0100
Subject: [PATCH] self-sign: simplify required curve EASYRSA_CURVE

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 8f057d231..a5768a31d 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -1900,17 +1900,19 @@ Conflicting certificate exists at:
 
 	# params-file
 	if [ "$EASYRSA_CURVE" ]; then
-		user_error "Only EC Curve 'secp384r1' is suported."
+		[ "$EASYRSA_CURVE" = secp384r1 ] || \
+			user_error "Only EC Curve 'secp384r1' is supported."
 	else
 		export EASYRSA_CURVE=secp384r1
-		"${EASYRSA_OPENSSL}" ecparam \
-			-name "${EASYRSA_CURVE}" \
-			-out "${selfsign_params_file}" || \
-				die "build_self_sign - params-file failed"
 	fi
 
+	"${EASYRSA_OPENSSL}" ecparam \
+		-name "${EASYRSA_CURVE}" \
+		-out "${selfsign_params_file}" || \
+			die "build_self_sign - params-file failed"
+
 	# create self-signed key pair
-	easyrsa_openssl req -x509  -utf8 -sha256 -text \
+	easyrsa_openssl req -x509 -utf8 -sha256 -text \
 		-newkey ec:"${selfsign_params_file}" \
 		-keyout "${key_out}" \
 		-out "${crt_out}" \
@@ -1918,9 +1920,10 @@ Conflicting certificate exists at:
 		-addext extendedKeyUsage="${selfsign_eku}" \
 		${EASYRSA_NO_PASS:+ "$no_password"} \
 		${EASYRSA_PASSIN:+ -passin "$EASYRSA_PASSIN"} \
+		${EASYRSA_PASSOUT:+ -passout "$EASYRSA_PASSOUT"} \
 		${EASYRSA_CERT_EXPIRE:+ -days "$EASYRSA_CERT_EXPIRE"} \
 		${EASYRSA_START_DATE:+ -startdate "$EASYRSA_START_DATE"} \
-		${EASYRSA_END_DATE:+ -enddate "$EASYRSA_END_DATE"} \
+		${EASYRSA_END_DATE:+ -enddate "$EASYRSA_END_DATE"}
 
 	# Generate fingerprint for inline file
 	crt_fingerprint="$(