aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey/pk_codecs
diff options
context:
space:
mode:
Diffstat (limited to 'src/pubkey/pk_codecs')
-rw-r--r--src/pubkey/pk_codecs/pkcs8.cpp2
-rw-r--r--src/pubkey/pk_codecs/pkcs8.h10
2 files changed, 5 insertions, 7 deletions
diff --git a/src/pubkey/pk_codecs/pkcs8.cpp b/src/pubkey/pk_codecs/pkcs8.cpp
index 6cbdabac0..830f3a10d 100644
--- a/src/pubkey/pk_codecs/pkcs8.cpp
+++ b/src/pubkey/pk_codecs/pkcs8.cpp
@@ -168,7 +168,7 @@ void encrypt_key(const Private_Key& key,
const std::string& pass, const std::string& pbe_algo,
X509_Encoding encoding)
{
- const std::string DEFAULT_PBE = "PBE-PKCS5v20(SHA-1,TripleDES/CBC)";
+ const std::string DEFAULT_PBE = "PBE-PKCS5v20(SHA-1,AES-128/CBC)";
Pipe raw_key;
raw_key.start_msg();
diff --git a/src/pubkey/pk_codecs/pkcs8.h b/src/pubkey/pk_codecs/pkcs8.h
index 28008bdba..adfad0e63 100644
--- a/src/pubkey/pk_codecs/pkcs8.h
+++ b/src/pubkey/pk_codecs/pkcs8.h
@@ -82,9 +82,8 @@ BOTAN_DLL void encode(const Private_Key& key, Pipe& pipe,
* @param pipe the pipe to feed the encoded key into
* @param pass the password to use for encryption
* @param rng the rng to use
-* @param pbe_algo the name of the desired password-based encryption algorithm.
-* Provide an empty string to use the default PBE defined in the configuration
-* under base/default_pbe.
+* @param pbe_algo the name of the desired password-based encryption algorithm;
+ if empty ("") a reasonable (portable/secure) default will be chosen.
* @param enc the encoding type to use
*/
BOTAN_DLL void encrypt_key(const Private_Key& key,
@@ -108,9 +107,8 @@ BOTAN_DLL std::string PEM_encode(const Private_Key& key);
* @param key the key to encode
* @param rng the rng to use
* @param pass the password to use for encryption
-* @param pbe_algo the name of the desired password-based encryption algorithm.
-* Provide an empty string to use the default PBE defined in the configuration
-* under base/default_pbe.
+* @param pbe_algo the name of the desired password-based encryption algorithm;
+ if empty ("") a reasonable (portable/secure) default will be chosen.
*/
BOTAN_DLL std::string PEM_encode(const Private_Key& key,
RandomNumberGenerator& rng,