From d829a3a94494b06af8d52d9181cdd00c26b81084 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Mon, 30 Apr 2018 13:26:16 +0300
Subject: [PATCH 2/5] pkey.getPrivateKey: encryption

---
 src/openssl.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/openssl.c b/src/openssl.c
index 0df6b61..a32dd1a 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -31,7 +31,7 @@
 
 #include <limits.h>       /* INT_MAX INT_MIN LLONG_MAX LLONG_MIN UCHAR_MAX ULLONG_MAX */
 #include <stdint.h>       /* uintptr_t */
-#include <string.h>       /* memset(3) strerror_r(3) */
+#include <string.h>       /* memset(3) strerror_r(3) strlen(3) */
 #include <math.h>         /* INFINITY fabs(3) floor(3) frexp(3) fmod(3) round(3) isfinite(3) */
 #include <time.h>         /* struct tm time_t strptime(3) time(2) */
 #include <ctype.h>        /* isdigit(3), isxdigit(3), tolower(3) */
@@ -4104,11 +4104,23 @@ static int pk_toPEM(lua_State *L) {
 
 
 static int pk_getPrivateKey(lua_State *L) {
+	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+	const char *cname = luaL_optstring(L, 2, NULL);
+	const char *pass = NULL;
+	EVP_CIPHER *cipher = NULL;
+
+	if (cname) {
+		pass = luaL_checkstring(L, 3);
+		cipher = EVP_get_cipherbyname(cname);
+		if (!cipher)
+			return luaL_error(L, "pkey:getPrivateKey: unknown cipher: %s", cname);
+	}
+
 	BIO *bio = getbio(L);
 	char *str;
 	long len;
 
-	if (!PEM_write_bio_PrivateKey(bio, checksimple(L, 1, PKEY_CLASS), 0, 0, 0, 0, 0))
+	if (!PEM_write_bio_PrivateKey(bio, key, cipher, pass, pass ? strlen(pass) : 0, 0, 0))
 		return auxL_error(L, auxL_EOPENSSL, "pkey:getPrivateKey");
 	len = BIO_get_mem_data(bio, &str);
 	lua_pushlstring(L, str, len);
-- 
2.18.0