From c81b02652aeeae0bf370670f475c4c2a8a987c42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20J=C3=B3zsa?= <peter.jozsa@icloud.com>
Date: Fri, 15 Dec 2023 14:43:43 +0100
Subject: [PATCH] `-legacy` option should be only passed to v3 openssl

---
 sketchcrapp.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/sketchcrapp.sh b/sketchcrapp.sh
index 6c0abd5..1260271 100755
--- a/sketchcrapp.sh
+++ b/sketchcrapp.sh
@@ -356,7 +356,9 @@ genSelfSignCert() {
    -keyform pem -keyout pk.pem \
    -outform pem -out crt.pem
   echo "[+] Creating pkcs package..."
-  openssl pkcs12 -export -legacy -out pkcs.p12 -in crt.pem -inkey pk.pem \
+  opensslMajorVersion=$(openssl version | cut -d' ' -f2 | cut -d'.' -f1)
+  opensslLegacyFlag=$([ "$opensslMajorVersion" -gt 2 ] && echo "-legacy")
+  openssl pkcs12 -export $opensslLegacy -out pkcs.p12 -in crt.pem -inkey pk.pem \
   -name "sketchcrapp" -nodes -passout pass:1234
 }