From e7dfc3ca6b86f6dc59d22113d3f356f71b2957a9 Mon Sep 17 00:00:00 2001
From: Michael Gebetsroither <mgebetsroither@mgit.at>
Date: Wed, 18 Nov 2015 15:54:49 +0100
Subject: [PATCH] use AES256 for key encryption

---
 pkix/key.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkix/key.go b/pkix/key.go
index 2684b12..ed7d399 100644
--- a/pkix/key.go
+++ b/pkix/key.go
@@ -123,7 +123,7 @@ func (k *Key) ExportEncryptedPrivate(password []byte) ([]byte, error) {
 		return nil, errors.New("only RSA private key is supported")
 	}
 
-	privPEMBlock, err := x509.EncryptPEMBlock(rand.Reader, rsaPrivateKeyPEMBlockType, privBytes, password, x509.PEMCipher3DES)
+	privPEMBlock, err := x509.EncryptPEMBlock(rand.Reader, rsaPrivateKeyPEMBlockType, privBytes, password, x509.PEMCipherAES256)
 	if err != nil {
 		return nil, err
 	}