wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Use SHA256 not MD5 as default digest.

Browse source 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Rich Salz 2015-06-13 17:03:39 -04:00 committed by Rich Salz
parent 6ebe8dac3e
commit f8547f62c2
3 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apps/ca.c
View file

@ -1420,7 +1420,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
} else
BIO_printf(bio_err, "Signature ok\n");
if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
goto end;
ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,

2
apps/dgst.c
View file

@ -375,7 +375,7 @@ int dgst_main(int argc, char **argv)
goto end;
}
if (md == NULL)
md = EVP_md5();
md = EVP_sha256();
if (!EVP_DigestInit_ex(mctx, md, impl)) {
BIO_printf(bio_err, "Error setting digest\n");
ERR_print_errors(bio_err);

2
apps/enc.c
View file

@ -306,7 +306,7 @@ int enc_main(int argc, char **argv)
}
if (dgst == NULL)
dgst = EVP_md5();
dgst = EVP_sha256();
/* It must be large enough for a base64 encoded line */
if (base64 && bsize < 80)