提交 f8547f62 编写于 作者: R Rich Salz 提交者: Rich Salz

Use SHA256 not MD5 as default digest.

Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
上级 6ebe8dac
......@@ -1420,7 +1420,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
} else
BIO_printf(bio_err, "Signature ok\n");
if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
goto end;
ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
......
......@@ -375,7 +375,7 @@ int dgst_main(int argc, char **argv)
goto end;
}
if (md == NULL)
md = EVP_md5();
md = EVP_sha256();
if (!EVP_DigestInit_ex(mctx, md, impl)) {
BIO_printf(bio_err, "Error setting digest\n");
ERR_print_errors(bio_err);
......
......@@ -306,7 +306,7 @@ int enc_main(int argc, char **argv)
}
if (dgst == NULL)
dgst = EVP_md5();
dgst = EVP_sha256();
/* It must be large enough for a base64 encoded line */
if (base64 && bsize < 80)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册