API convention: autodetection of PEM/DER?

[gknocke]

Openssl defines "-inform", "-keyform" etc. We have two possibilities here when parsing input parameters by ourselves:

1. Let the user configure which one to use for each input/output file
2. Try to read input as a PEM. If it failes, try DER and the user don't need to worry about input formats.

What would you prefer?

[Javex]

I think if we have an input line like ---- BEGIN X ---- we should assume PEM. Without it, we could assume DER. Then offer an option to give the format explicitly and we make no assumptions.

I wouldn't like to assume that just because it looks like PEM (i.e. it is base 64 encoded) that it must be PEM. And just giving it to OpenSSL and let it try seems ugly: It will log error messages we have to clear and maybe other stuff.

I suggested we make a detection of our own (maybe OpenSSL even has something for this?) that uses the above condition to decide the format. So kind of a hybrid between both. I especially like the convenience this gives to users.

[Javex]

Seems this is part of external interfaces, right? The library receives the final structures, so this is a decision our interfaces make.