Make PKCS#8 the standard write format for private keys, replacing the

ancient SSLeay format.
2009-01-15 12:52:38 +00:00 · 2009-01-15 12:52:38 +00:00 · 8125d9f99c
commit 8125d9f99c
parent 8e6925b0cd
2 changed files with 6 additions and 1 deletions
--- a/5
+++ b/5
@ -4,6 +4,11 @@

 Changes between 0.9.8j and 0.9.9  [xx XXX xxxx]

+  *) Make PKCS#8 the default write format for private keys, replacing the
+     traditional format. This form is standardised, more secure and doesn't
+     include an implicit MD5 dependency.
+     [Steve Henson]
+
  *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
     committed to OpenSSL should pass this lot as a minimum.
     [Steve Henson]
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@ -142,7 +142,7 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
                                               pem_password_cb *cb, void *u)
 	{
 	char pem_str[80];
-	if (!x->ameth || !x->ameth->old_priv_encode)
+	if (!x->ameth || x->ameth->priv_encode)
 		return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
 							(char *)kstr, klen,
 							cb, u);