diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-24 12:36:46 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-16 15:47:10 +0100 |
commit | 9a1fae278a723af8a817e402349af10e82a1e616 (patch) | |
tree | 8b6f6570201716d897828fd2f238831a6e3318c7 /src | |
parent | b26a40b616a90ab6af9408cabf228bdec2e15b69 (diff) | |
download | gnutls-9a1fae278a723af8a817e402349af10e82a1e616.tar.gz |
p11tool: test-sign operation using SHA256 instead of SHA1
This avoids the errors returned from the verification functions due to
SHA1 usage.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/pkcs11.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/pkcs11.c b/src/pkcs11.c index 2d4bfe3fc4..975a97bc57 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c @@ -298,7 +298,7 @@ pkcs11_test_sign(FILE * outfile, const char *url, unsigned int flags, exit(1); } - ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA1, 0, &data, &sig); + ret = gnutls_privkey_sign_data(privkey, GNUTLS_DIG_SHA256, 0, &data, &sig); if (ret < 0) { fprintf(stderr, "Cannot sign data: %s\n", gnutls_strerror(ret)); @@ -308,7 +308,7 @@ pkcs11_test_sign(FILE * outfile, const char *url, unsigned int flags, pk = gnutls_pubkey_get_pk_algorithm(pubkey, NULL); fprintf(stderr, "Verifying against private key parameters... "); - ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA1), + ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, &data, &sig); if (ret < 0) { fprintf(stderr, "Cannot verify signed data: %s\n", @@ -337,7 +337,7 @@ pkcs11_test_sign(FILE * outfile, const char *url, unsigned int flags, } fprintf(stderr, "Verifying against public key in the token... "); - ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA1), + ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(pk, GNUTLS_DIG_SHA256), 0, &data, &sig); if (ret < 0) { fprintf(stderr, "Cannot verify signed data: %s\n", |