Use SHA256 not MD5 as default digest.
authorRich Salz <rsalz@akamai.com>
Sat, 13 Jun 2015 21:03:39 +0000 (17:03 -0400)
committerRich Salz <rsalz@openssl.org>
Fri, 11 Dec 2015 16:59:59 +0000 (11:59 -0500)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
apps/ca.c
apps/dgst.c
apps/enc.c

index f6ba23926bb73b16a9b95ba13b2ebd5ef3be0b5e..535526ce308ad171e71bb61c4df6c89c12dc583f 100644 (file)
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1420,7 +1420,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
     } else
         BIO_printf(bio_err, "Signature ok\n");
 
-    if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
+    if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
         goto end;
 
     ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
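Review bot: The NULL digest now passed to `X509_to_X509_REQ` in `certify_cert` needs a short comment, because a reader cannot tell from the call whether NULL selects a library default or is ignored. As far as I recall, that function signs the request only when a key is supplied, and the key argument here is also NULL, so the digest is probably unused; please confirm this against the library source. If that holds, add `/* no key given: the temporary request is not signed, so no digest is needed */` above the call. `certify_cert` starts and ends outside the hunk.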
index e62a8de4133ce98930c5114cddac857c94123d23..fb09a45cd0464b1dfac6463d1cc3a3c6b3c4b6f6 100644 (file)
@@ -375,7 +375,7 @@ int dgst_main(int argc, char **argv)
             goto end;
         }
         if (md == NULL)
-            md = EVP_md5();
+            md = EVP_sha256();
         if (!EVP_DigestInit_ex(mctx, md, impl)) {
             BIO_printf(bio_err, "Error setting digest\n");
             ERR_print_errors(bio_err);
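Review bot: The fallback `md = EVP_sha256();` in `dgst_main` is a user-visible change of default that the visible part of this commit does not document; the file list names only the three apps sources. Scripts that run the tool without a digest option and compare against stored MD5 values will silently start to mismatch, so the manual page and the change log should state the new default. The same literal default is repeated for `dgst` in the apps/enc.c hunk, so a comment at both sites would keep them in step, for example `/* default digest when none is given on the command line; keep in sync with enc */`. `dgst_main` continues outside the hunk.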
index b0c82d6a34eba452c85ce736d9de1c1b70697862..cf021856e13e36388f1e047aa533fd43d99f587b 100644 (file)
@@ -306,7 +306,7 @@ int enc_main(int argc, char **argv)
     }
 
     if (dgst == NULL)
-        dgst = EVP_md5();
+        dgst = EVP_sha256();
 
     /* It must be large enough for a base64 encoded line */
     if (base64 && bsize < 80)
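Review bot: The new default `dgst = EVP_sha256();` in `enc_main` is a compatibility break rather than a cosmetic change if, as I believe, `dgst` later feeds the passphrase-to-key derivation outside this hunk. In that case, data encrypted under the old MD5 default will no longer decrypt unless the user passes `-md md5`, and the failure will look like a wrong password. Nothing visible here records the digest in the output, so the tool cannot detect the mismatch itself. Please document this at the assignment, for example `/* default KDF digest; data written with the previous default needs -md md5 to decrypt */`, and repeat it in the release notes. `enc_main` continues outside the hunk.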