remoting/base/rsa_key_pair.cc - Issue 27832002: Sign self-signed certs with SHA256. - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(165)

My Issues | Starred Open | Closed | All

Unified Diff: remoting/base/rsa_key_pair.cc

Issue 27832002: Sign self-signed certs with SHA256. (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/

Patch Set: Created 7 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« net/cert/x509_util.cc ('K') | « net/ssl/server_bound_cert_service.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: remoting/base/rsa_key_pair.cc

===================================================================

--- remoting/base/rsa_key_pair.cc (revision 229411)

+++ remoting/base/rsa_key_pair.cc (working copy)

@@ -93,8 +93,12 @@

std::string RsaKeyPair::GenerateCertificate() const {

std::string der_cert;

+ // Certificates are SHA1-signed because |key_| has likely been used to sign

+ // with SHA1 previously, and you should not re-use a key for signing data with

+ // multiple signature algorithms.

net::x509_util::CreateSelfSignedCert(

key_.get(),

+ net::x509_util::DIGEST_SHA1,

"CN=chromoting",

base::RandInt(1, std::numeric_limits<int>::max()),

base::Time::Now(),

« net/cert/x509_util.cc ('K') | « net/ssl/server_bound_cert_service.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698