diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-25 16:33:26 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-03 11:57:52 +0200 |
commit | e8b944e870a7247e0a8e541405b9e32b310ea8eb (patch) | |
tree | e5cfc5b9767b0d5f4644c48ca10b6ff9c407ec63 /lib/algorithms.h | |
parent | f24d8170bdfe14d1fdffb7e8239e2c6cd512ec6b (diff) | |
download | gnutls-e8b944e870a7247e0a8e541405b9e32b310ea8eb.tar.gz |
gnutls_x509_privkey_generate2: do not hardcode the RSA-PSS hash to SHA256
Instead use _gnutls_pk_bits_to_sha_hash() to set an appropriate hash
for the number of bits of the key. This matches better the "intention"
of RSA-PSS or tying the security parameter with the salt and hash.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/algorithms.h')
-rw-r--r-- | lib/algorithms.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/algorithms.h b/lib/algorithms.h index ca137a83ac..46f411e685 100644 --- a/lib/algorithms.h +++ b/lib/algorithms.h @@ -334,6 +334,7 @@ const sign_algorithm_st *_gnutls_sign_to_tls_aid(gnutls_sign_algorithm_t sign); unsigned int _gnutls_pk_bits_to_subgroup_bits(unsigned int pk_bits); +gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits); bool _gnutls_pk_is_not_prehashed(gnutls_pk_algorithm_t algorithm); |