[openssl-project] To use or not use the iconv API, and to use or not use other libraries

Richard Levitte levitte at openssl.org
Tue Jun 12 19:39:02 UTC 2018

In message <F98BDC41-DDC8-4487-88F0-FF272A6771F3 at dukhovni.org> on Tue, 12 Jun 2018 11:06:40 -0400, Viktor Dukhovni <openssl-users at dukhovni.org> said:

openssl-users> > On Jun 7, 2018, at 3:40 PM, Salz, Rich <rsalz at akamai.com> wrote:
openssl-users> > 
openssl-users> > I think you forgot that this is not what I suggested.  One flag indicates it's utf-8 encoded, don't touch it.  The other flag indicates it might have high-bit chars, don't touch it.
openssl-users> The flags I'd like to see are:
openssl-users>   -latin1:  Passphrase is a stream of octets, each of which is a single unicode
openssl-users>             character in the range 0-255.

I would prefer to call it -binary or something like that...  it
certainly comes down to the same thing in practice, and should
translate exactly to the pre-1.1.0 behaviour.

openssl-users>   -utf8:    Passphrase is already utf-8 encoded
openssl-users>   -ascii:   Passphrase must be ASCII, reject inadvertent 8-bit input.

... and if none of these are given?

openssl-users> And as available:
openssl-users>   -toutf8:   Convert passphrase from the input encoding to UTF-8.
openssl-users> 	     Either using the locale-specific encoding, or yet
openssl-users>              another flag:
openssl-users>   -encoding: A platform-specific name for the input encoding understood
openssl-users>              by the system's encoding conversion library (iconv on Unix).

If the availability of -toutf8 depends on the presumed presence of
iconv(), then we can assume that nl_langinfo() is present as well.
That renders -encoding unnecessary, unless you want to use it to
override the locale-specific encoding.


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-project mailing list