From a240ea8ab840e642eec35d416cd1cf06cbf74eee Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 27 Jun 2012 14:12:01 +0000 Subject: [PATCH] don't use pseudo digests for default values of keys --- ssl/ssl_cert.c | 4 ++-- ssl/t1_lib.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index fcf462d41a..3b05932172 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -164,14 +164,14 @@ static void ssl_cert_set_default_md(CERT *cert) { /* Set digest values to defaults */ #ifndef OPENSSL_NO_DSA - cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_dss1(); + cert->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1(); #endif #ifndef OPENSSL_NO_RSA cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1(); cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1(); #endif #ifndef OPENSSL_NO_ECDSA - cert->pkeys[SSL_PKEY_ECC].digest = EVP_ecdsa(); + cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1(); #endif } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 5b285995ab..4887703116 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2918,7 +2918,7 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize) */ #ifndef OPENSSL_NO_DSA if (!c->pkeys[SSL_PKEY_DSA_SIGN].digest) - c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_dss1(); + c->pkeys[SSL_PKEY_DSA_SIGN].digest = EVP_sha1(); #endif #ifndef OPENSSL_NO_RSA if (!c->pkeys[SSL_PKEY_RSA_SIGN].digest) @@ -2929,7 +2929,7 @@ int tls1_process_sigalgs(SSL *s, const unsigned char *data, int dsize) #endif #ifndef OPENSSL_NO_ECDSA if (!c->pkeys[SSL_PKEY_ECC].digest) - c->pkeys[SSL_PKEY_ECC].digest = EVP_ecdsa(); + c->pkeys[SSL_PKEY_ECC].digest = EVP_sha1(); #endif return 1; } -- 2.25.1