- if (isder)
- ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
- else
- ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
+ X509_SIG *p8;
+ PKCS8_PRIV_KEY_INFO *p8inf;
+ char buf[PEM_BUFSIZE];
+
+ ret = 0;
+ if ((p8inf = EVP_PKEY2PKCS8(x)) == NULL) {
+ PEMerr(PEM_F_DO_PK8PKEY, PEM_R_ERROR_CONVERTING_PRIVATE_KEY);
+ goto legacy_end;
+ }
+ if (enc || (nid != -1)) {
+ if (kstr == NULL) {
+ klen = cb(buf, PEM_BUFSIZE, 1, u);
+ if (klen <= 0) {
+ PEMerr(PEM_F_DO_PK8PKEY, PEM_R_READ_KEY);
+ goto legacy_end;
+ }
+
+ kstr = buf;
+ }
+ p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
+ if (kstr == buf)
+ OPENSSL_cleanse(buf, klen);
+ if (p8 == NULL)
+ goto legacy_end;
+ if (isder)
+ ret = i2d_PKCS8_bio(bp, p8);
+ else
+ ret = PEM_write_bio_PKCS8(bp, p8);
+ X509_SIG_free(p8);
+ } else {
+ if (isder)
+ ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf);
+ else
+ ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf);
+ }
+ legacy_end: