diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2016-06-20 20:21:19 -0400 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-06-20 19:21:19 -0500 |
commit | 101c311c1c757a9654dbf078abd911cf5324d0a6 (patch) | |
tree | 526e8546171d7f608b1f32653182de3c8adc3eea /src | |
parent | 8feef6872638af1f320147b9df4da3056491cb59 (diff) | |
download | cryptography-101c311c1c757a9654dbf078abd911cf5324d0a6.tar.gz cryptography-101c311c1c757a9654dbf078abd911cf5324d0a6.tar.bz2 cryptography-101c311c1c757a9654dbf078abd911cf5324d0a6.zip |
Rewrite a comment. (#3004)
d2i_AutoPrivateKey is less useful than we thought
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 7343fdb0..9c0af350 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -1078,10 +1078,10 @@ class Backend(object): self._handle_key_loading_error() def load_der_private_key(self, data, password): - # OpenSSL has a function called d2i_AutoPrivateKey that can simplify - # this. Unfortunately it doesn't properly support PKCS8 on OpenSSL - # 0.9.8 so we can't use it. Instead we sequentially try to load it 2 - # different ways. First we'll try to load it as a traditional key + # OpenSSL has a function called d2i_AutoPrivateKey that in theory + # handles this automatically, however it doesn't handle encrypted + # private keys. Instead we try to load the key two different ways. + # First we'll try to load it as a traditional key. bio_data = self._bytes_to_bio(data) key = self._evp_pkey_from_der_traditional_key(bio_data, password) if key: |