diff options
author | Juan Castillo <juan.castillo@arm.com> | 2015-02-16 10:34:28 +0000 |
---|---|---|
committer | Juan Castillo <juan.castillo@arm.com> | 2015-03-05 16:40:07 +0000 |
commit | ea4ec3aad5e15225e8fbdd638872bdceeb96a8dc (patch) | |
tree | f99bbc98bea51ba67c32bd92363f655d5a099c26 /tools | |
parent | 5930eadbe5d8d4c3f15fd910476f72cd5bf86f44 (diff) |
TBB: use SHA256 to generate the certificate signatures
This patch replaces SHA1 by SHA256 in the 'cert_create' tool, so
certificate signatures are generated according to the NSA Suite B
cryptographic algorithm requirements.
Documentation updated accordingly.
Change-Id: I7be79e6b2b62dac8dc78a4f4f5006e37686bccf6
Diffstat (limited to 'tools')
-rw-r--r-- | tools/cert_create/src/cert.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/cert_create/src/cert.c b/tools/cert_create/src/cert.c index 9705643d..22fe3d58 100644 --- a/tools/cert_create/src/cert.c +++ b/tools/cert_create/src/cert.c @@ -170,7 +170,7 @@ int cert_new(cert_t *cert, int days, int ca, STACK_OF(X509_EXTENSION) * sk) } /* Sign the certificate with the issuer key */ - if (!X509_sign(x, ikey, EVP_sha1())) { + if (!X509_sign(x, ikey, EVP_sha256())) { ERR_print_errors_fp(stdout); return 0; } |