Update pkcs8 defaults.

 Changes between 1.0.2g and 1.1.0  [xx XXX xxxx]

  *) Change default algorithms in pkcs8 utility to use PKCS#5 v2.0,

     256 bit AES and HMAC with SHA256.

     [Steve Henson]

  *) Remove support for MIPS o32 ABI on IRIX (and IRIX only).

     [Andy Polyakov]

                           "%s: Unknown PRF algorithm %s\n", prog, opt_arg());

                goto opthelp;

            }

            if (cipher == NULL)

                cipher = EVP_aes_256_cbc();

            break;

        case OPT_ITER:

            if (!opt_int(opt_arg(), &iter))

        goto end;

    }

    if ((pbe_nid == -1) && !cipher)

        pbe_nid = NID_pbeWithMD5AndDES_CBC;

    if ((pbe_nid == -1) && cipher == NULL)

        cipher = EVP_aes_256_cbc();

    in = bio_open_default(infile, 'r', informat);

    if (in == NULL)

    if ((prf_nid == -1) &&

        EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {

        ERR_clear_error();

        prf_nid = NID_hmacWithSHA1;

        prf_nid = NID_hmacWithSHA256;

    }

    EVP_CIPHER_CTX_free(ctx);

    ctx = NULL;

=item B<-v2 alg>

This option enables the use of PKCS#5 v2.0 algorithms. Normally PKCS#8

private keys are encrypted with the password based encryption algorithm

called B<pbeWithMD5AndDES-CBC> this uses 56 bit DES encryption but it

was the strongest encryption algorithm supported in PKCS#5 v1.5. Using 

the B<-v2> option PKCS#5 v2.0 algorithms are used which can use any

encryption algorithm such as 168 bit triple DES or 128 bit RC2 however

not many implementations support PKCS#5 v2.0 yet. If you are just using

private keys with OpenSSL then this doesn't matter.

This option sets the PKCS#5 v2.0 algorithm.

The B<alg> argument is the encryption algorithm to use, valid values include

B<des>, B<des3> and B<rc2>. It is recommended that B<des3> is used.

B<aes128>, B<aes256> and B<des3>. If this option isn't specified then B<aes256>

is used.

=item B<-v2prf alg>

This option sets the PRF algorithm to use with PKCS#5 v2.0. A typical value

values would be B<hmacWithSHA256>. If this option isn't set then the default

for the cipher is used or B<hmacWithSHA1> if there is no default.

value would be B<hmacWithSHA256>. If this option isn't set then the default

for the cipher is used or B<hmacWithSHA256> if there is no default.

Some implementations may not support custom PRF algorithms and may require

the B<hmacWithSHA1> option to work.

=item B<-v1 alg>

This option specifies a PKCS#5 v1.5 or PKCS#12 algorithm to use. A complete

list of possible algorithms is included below.

This option indicates a PKCS#5 v1.5 or PKCS#12 algorithm should be used.  Some

older implementations may not support PKCS#5 v2.0 and may require this option.

If not specified PKCS#5 v2.0 for is used.

=item B<-engine id>

=head1 NOTES

By default, when converting a key to PKCS#8 format, PKCS#5 v2.0 using 256 bit

AES with HMAC and SHA256 is used.

Some older implementations do not support PKCS#5 v2.0 format and require

the older PKCS#5 v1.5 form instead, possibly also requiring insecure weak

encryption algorithms such as 56 bit DES.

The encrypted form of a PEM encode PKCS#8 files uses the following

headers and footers:

SSLeay compatible formats. So if additional security is considered

important the keys should be converted.

The default encryption is only 56 bits because this is the encryption

that most current implementations of PKCS#8 will support.

Some software may use PKCS#12 password based encryption algorithms

with PKCS#8 format private keys: these are handled automatically

but there is no option to produce them.

It is possible to write out DER encoded encrypted private keys in

PKCS#8 format because the encryption details are included at an ASN1

level whereas the traditional format includes them at a PEM level.