#include <openssl/encoder.h>
/*
- * TODO: This include is to get OSSL_KEYMGMT_SELECT_*, which feels a bit
+ * This include is to get OSSL_KEYMGMT_SELECT_*, which feels a bit
* much just for those macros... they might serve better as EVP macros.
*/
#include <openssl/core_dispatch.h>
#endif
typedef enum OPTION_choice {
- OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+ OPT_COMMON,
OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT,
OPT_PUBIN, OPT_PUBOUT, OPT_PASSOUT, OPT_PASSIN,
OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT,
char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int private = 0;
- int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
+ int informat = FORMAT_UNDEF, outformat = FORMAT_PEM, text = 0, check = 0;
int noout = 0, modulus = 0, pubin = 0, pubout = 0, ret = 1;
int pvk_encr = DEFAULT_PVK_ENCR_STRENGTH;
OPTION_CHOICE o;
}
if (pubin) {
- int tmpformat = -1;
+ int tmpformat = FORMAT_UNDEF;
if (pubin == 2) {
if (informat == FORMAT_PEM)
if (traditional)
output_structure = "pkcs1"; /* "type-specific" would work too */
else
- output_structure = "pkcs8";
+ output_structure = "PrivateKeyInfo";
}
}
goto end;
}
+ /* Passphrase setup */
+ if (enc != NULL)
+ OSSL_ENCODER_CTX_set_cipher(ectx, EVP_CIPHER_get0_name(enc), NULL);
+
+ /* Default passphrase prompter */
+ if (enc != NULL || outformat == FORMAT_PVK) {
+ OSSL_ENCODER_CTX_set_passphrase_ui(ectx, get_ui_method(), NULL);
+ if (passout != NULL)
+ /* When passout given, override the passphrase prompter */
+ OSSL_ENCODER_CTX_set_passphrase(ectx,
+ (const unsigned char *)passout,
+ strlen(passout));
+ }
+
/* PVK is a bit special... */
if (outformat == FORMAT_PVK) {
OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };