In creating X.509 certificates and PKCS #10 requests, let (actually: require)

the user to specify the hash function to use, instead of always using SHA-1. This was a sensible default a few years ago, when there wasn't a ~2^60 attack on SHA-1 and support for SHA-2 was pretty much nil, but using something else makes a lot more sense these days.
author: lloyd <[email protected]> 2009-11-09 13:22:52 +0000
committer: lloyd <[email protected]> 2009-11-09 13:22:52 +0000
commit: 4049ba134674d78c07c8b0453cb5e5f312469639 (patch)
tree: b9214ede8da1600a46560fe061017fa124b2b465 /doc/examples/pkcs10.cpp
parent: b5d4cf01a893718c8796652f3cf0f68b867bab94 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/examples/pkcs10.cpp b/doc/examples/pkcs10.cpp
index d719baf72..d9fa9accb 100644
--- a/doc/examples/pkcs10.cpp
+++ b/doc/examples/pkcs10.cpp
@@ -59,7 +59,7 @@ int main(int argc, char* argv[])
 
       opts.xmpp = "[email protected]";
 
-      PKCS10_Request req = X509::create_cert_req(opts, priv_key, rng);
+      PKCS10_Request req = X509::create_cert_req(opts, priv_key, "SHA-1", rng);
 
       std::ofstream req_file("req.pem");
       req_file << req.PEM_encode();
author	lloyd <[email protected]>	2009-11-09 13:22:52 +0000
committer	lloyd <[email protected]>	2009-11-09 13:22:52 +0000
commit	4049ba134674d78c07c8b0453cb5e5f312469639 (patch)
tree	b9214ede8da1600a46560fe061017fa124b2b465 /doc/examples/pkcs10.cpp
parent	b5d4cf01a893718c8796652f3cf0f68b867bab94 (diff)