From 20d1f4156394e76c7d9b08013dd04ce6fbc6f949 Mon Sep 17 00:00:00 2001
From: Dimitri Staessens <dimitri@ouroboros.rocks>
Date: Sun, 7 Sep 2025 09:22:44 +0200
Subject: lib: Fail on encrypted PEM keys

The IRMd currently only supports unencrypted PEM keys, and passing an
encrypted one should fail instead of opening a prompt.

Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
---
 src/lib/crypt/openssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/crypt/openssl.c b/src/lib/crypt/openssl.c
index 03662914..291a3418 100644
--- a/src/lib/crypt/openssl.c
+++ b/src/lib/crypt/openssl.c
@@ -447,7 +447,7 @@ int openssl_load_privkey_file(const char * path,
         if (fp == NULL)
                 goto fail_file;
 
-        pkey = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
+        pkey = PEM_read_PrivateKey(fp, NULL, NULL, "");
         if (pkey == NULL)
                 goto fail_key;
 
-- 
cgit v1.2.3