security: use DES-EDE3-CBC to encrypt private keys in PKCS #8 format Change-Id: Ib05f8790fdc446eea6c0a8c4f6956aaf059741c6

commit: cafa4026ec5e06d04137a040ba05ed36b4eda86e [log] [tgz]
author: Davide Pesavento <davide.pesavento@lip6.fr> Fri Sep 15 23:20:20 2017 -0400
committer: Davide Pesavento <davide.pesavento@lip6.fr> Fri Sep 15 23:20:20 2017 -0400
tree: 1fb903fdbcdd4d579d39fb2e4e0f04e75e2bef76
parent: c3dfc24ea64bfa108a67cc8b2600a0a4689ccac9 [diff]
diff --git a/src/security/transform/private-key.cpp b/src/security/transform/private-key.cpp
index 17251c4..b7820c3 100644
--- a/src/security/transform/private-key.cpp
+++ b/src/security/transform/private-key.cpp

@@ -312,7 +312,7 @@
   opensslInitAlgorithms();
 
   detail::Bio membio(BIO_s_mem());
-  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_cbc(), nullptr, 0,
+  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_ede3_cbc(), nullptr, 0,
                                nullptr, const_cast<char*>(pw)))
     BOOST_THROW_EXCEPTION(Error("Cannot convert key to PKCS #8 format"));
 
@@ -329,7 +329,7 @@
   opensslInitAlgorithms();
 
   detail::Bio membio(BIO_s_mem());
-  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_cbc(), nullptr, 0,
+  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_ede3_cbc(), nullptr, 0,
                                &passwordCallbackWrapper, &pwCallback))
     BOOST_THROW_EXCEPTION(Error("Cannot convert key to PKCS #8 format"));
commit	cafa4026ec5e06d04137a040ba05ed36b4eda86e	[log] [tgz]
author	Davide Pesavento <davide.pesavento@lip6.fr>	Fri Sep 15 23:20:20 2017 -0400
committer	Davide Pesavento <davide.pesavento@lip6.fr>	Fri Sep 15 23:20:20 2017 -0400
tree	1fb903fdbcdd4d579d39fb2e4e0f04e75e2bef76
parent	c3dfc24ea64bfa108a67cc8b2600a0a4689ccac9 [diff]