On Thu, Oct 30, 2014, Carl Tietjen wrote: > Hey folks, > > I am trying to get (export) a raw EC private key in the PKCS#8 format. > > I am using the function i2d_PrivateKey (in i2d_pr.c). The problem is that > this code first checks to see if there is an old method (i.e. > a->ameth->old_priv_encode) and if there is, it uses that method and returns. > If there is not an old method, then it continues on and exports the key using > the a->ameth->priv_encode method, which is PKCS#8. > > 1) I can't seem to find anyway (option or API) to make it so that there will > not be an old method. (i.e. Is there some flag I can set or some API I can > call to specify which method I want to be the default?) > > 2) It seems that this function has the priority wrong (i.e. bug). It seems > it should use the newer method first and fall back to the old method, rather > than what it does now, which is use the old method first and only use the > newer method if there is not an old method. > >
There is always a new method so if it used the new method first the old method would never be called. The existing functionality is retained for compatibility. You can use i2d_PKCS8PrivateKey_bio() to export in encrypted or unencrypted PKCS#8 form form. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
