security: use AES-256 for private key encryption in PKCS #8 export Change-Id: Ibe8bb7270017bf9b5241044c983b4df359d73185

commit: ee77ca017aa8819eb31e38e543aa1390bbfcb9a5 [log] [tgz]
author: Davide Pesavento <davide.pesavento@lip6.fr> Wed Oct 10 01:45:24 2018 -0400
committer: Davide Pesavento <davide.pesavento@lip6.fr> Sat Oct 13 22:49:29 2018 -0400
tree: 66fc1e73ab9c97d51b19e5154d5840a30c77d0a9
parent: 3e39a4d6a3c9c0717b4a22a5df82ce5f84ff9da8 [diff]
diff --git a/src/security/transform/private-key.cpp b/src/security/transform/private-key.cpp
index 4c6a763..1a6fc08 100644
--- a/src/security/transform/private-key.cpp
+++ b/src/security/transform/private-key.cpp

@@ -322,7 +322,7 @@
   opensslInitAlgorithms();
 
   detail::Bio membio(BIO_s_mem());
-  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_ede3_cbc(), nullptr, 0,
+  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_aes_256_cbc(), nullptr, 0,
                                nullptr, const_cast<char*>(pw)))
     BOOST_THROW_EXCEPTION(Error("Cannot convert key to PKCS #8 format"));
 
@@ -339,7 +339,7 @@
   opensslInitAlgorithms();
 
   detail::Bio membio(BIO_s_mem());
-  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_des_ede3_cbc(), nullptr, 0,
+  if (!i2d_PKCS8PrivateKey_bio(membio, m_impl->key, EVP_aes_256_cbc(), nullptr, 0,
                                &passwordCallbackWrapper, &pwCallback))
     BOOST_THROW_EXCEPTION(Error("Cannot convert key to PKCS #8 format"));
commit	ee77ca017aa8819eb31e38e543aa1390bbfcb9a5	[log] [tgz]
author	Davide Pesavento <davide.pesavento@lip6.fr>	Wed Oct 10 01:45:24 2018 -0400
committer	Davide Pesavento <davide.pesavento@lip6.fr>	Sat Oct 13 22:49:29 2018 -0400
tree	66fc1e73ab9c97d51b19e5154d5840a30c77d0a9
parent	3e39a4d6a3c9c0717b4a22a5df82ce5f84ff9da8 [diff]