diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2009-01-15 12:52:38 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2009-01-15 12:52:38 +0000 |
commit | 8125d9f99ceb3fcd81fdd191e85a73b27063383a (patch) | |
tree | 5fb9c3bab07088f694a13e1bea2ce0bb53fbf21b | |
parent | 8e6925b0cd0ece649fe6b83268528cf8c17adf41 (diff) |
Make PKCS#8 the standard write format for private keys, replacing the
ancient SSLeay format.
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | crypto/pem/pem_pkey.c | 2 |
2 files changed, 6 insertions, 1 deletions
@@ -4,6 +4,11 @@ Changes between 0.9.8j and 0.9.9 [xx XXX xxxx] + *) Make PKCS#8 the default write format for private keys, replacing the + traditional format. This form is standardised, more secure and doesn't + include an implicit MD5 dependency. + [Steve Henson] + *) Add a $gcc_devteam_warn option to Configure. The idea is that any code committed to OpenSSL should pass this lot as a minimum. [Steve Henson] diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index cb208a7518..8ecf24903b 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -142,7 +142,7 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, pem_password_cb *cb, void *u) { char pem_str[80]; - if (!x->ameth || !x->ameth->old_priv_encode) + if (!x->ameth || x->ameth->priv_encode) return PEM_write_bio_PKCS8PrivateKey(bp, x, enc, (char *)kstr, klen, cb, u); |