Make PKCS#8 the standard write format for private keys, replacing the ancient SSLeay format.

commit: 8125d9f99ceb3fcd81fdd191e85a73b27063383a [log] [tgz]
author: Dr. Stephen Henson <steve@openssl.org> Thu Jan 15 12:52:38 2009 +0000
committer: Dr. Stephen Henson <steve@openssl.org> Thu Jan 15 12:52:38 2009 +0000
tree: 5fb9c3bab07088f694a13e1bea2ce0bb53fbf21b
parent: 8e6925b0cd0ece649fe6b83268528cf8c17adf41 [diff]
diff --git a/CHANGES b/CHANGES
index 829a7da..66e812c 100644
--- a/CHANGES
+++ b/CHANGES

@@ -4,6 +4,11 @@
 
  Changes between 0.9.8j and 0.9.9  [xx XXX xxxx]
 
+  *) Make PKCS#8 the default write format for private keys, replacing the
+     traditional format. This form is standardised, more secure and doesn't
+     include an implicit MD5 dependency.
+     [Steve Henson]
+
   *) Add a $gcc_devteam_warn option to Configure. The idea is that any code
      committed to OpenSSL should pass this lot as a minimum.
      [Steve Henson]

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index cb208a7..8ecf249 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c

@@ -142,7 +142,7 @@
                                                pem_password_cb *cb, void *u)
 	{
 	char pem_str[80];
-	if (!x->ameth || !x->ameth->old_priv_encode)
+	if (!x->ameth || x->ameth->priv_encode)
 		return PEM_write_bio_PKCS8PrivateKey(bp, x, enc,
 							(char *)kstr, klen,
 							cb, u);
commit	8125d9f99ceb3fcd81fdd191e85a73b27063383a	[log] [tgz]
author	Dr. Stephen Henson <steve@openssl.org>	Thu Jan 15 12:52:38 2009 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	Thu Jan 15 12:52:38 2009 +0000
tree	5fb9c3bab07088f694a13e1bea2ce0bb53fbf21b
parent	8e6925b0cd0ece649fe6b83268528cf8c17adf41 [diff]