From c5580da6c96b53e934fc44c477bb02df9d131fd3 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 11 Jul 2023 13:29:04 +0200
Subject: [PATCH] VPN/IPSEC/Key Pairs - fix RSA keypair generation, closes
 https://github.com/opnsense/core/issues/6638

---
 .../app/controllers/OPNsense/IPsec/Api/KeyPairsController.php   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/KeyPairsController.php b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/KeyPairsController.php
index 29db5487d..74ba0cdce 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/KeyPairsController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IPsec/Api/KeyPairsController.php
@@ -129,7 +129,7 @@ class KeyPairsController extends ApiMutableModelControllerBase
                 return ['status' => 'failed', 'message' => sprintf('invalid key size %s', $size)];
             }
             $attrs['private_key_type'] = OPENSSL_KEYTYPE_RSA;
-            $attrs['private_key_bits'] = !empty($size) ? $size : 2048;
+            $attrs['private_key_bits'] = !empty($size) ? intval($size) : 2048;
         } elseif ($type == 'ecdsa') {
             if (!empty($size) && !in_array($size, ['256', '384', '521'])) {
                 return ['status' => 'failed', 'message' => sprintf('invalid key size %s', $size)];