Most of the conversions to using PKEY were straightforward. One didn’t require any changes (dsa but my memory is suspect). One seemed quite difficult. Some I didn’t check.
Modifying the commands so that they continue to work and print (to stderr) an alternative pkey based command might be workable too. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 24 Feb 2020, at 5:53 am, Viktor Dukhovni <openssl-us...@dukhovni.org> > wrote: > >> On Feb 22, 2020, at 4:53 AM, Richard Levitte <levi...@openssl.org> wrote: >> >> Something that could be done is to take all those aged commands and >> rewrite them as wrappers for genpkey, pkey and pkeyutl. Simply create >> and populate a new argv and call genpkey_main(), pkey_main() or >> pkeyutl_main(). > > Agreed, that sounds quite reasonable at first blush, and could be fantastic > if it can be made to work (no immediate obstacles come to mind). > > -- > Viktor. >
