diff options
author | lloyd <[email protected]> | 2009-11-09 13:22:52 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2009-11-09 13:22:52 +0000 |
commit | 4049ba134674d78c07c8b0453cb5e5f312469639 (patch) | |
tree | b9214ede8da1600a46560fe061017fa124b2b465 /src/cert/x509/x509self.h | |
parent | b5d4cf01a893718c8796652f3cf0f68b867bab94 (diff) |
In creating X.509 certificates and PKCS #10 requests, let (actually: require)
the user to specify the hash function to use, instead of always using SHA-1.
This was a sensible default a few years ago, when there wasn't a ~2^60 attack
on SHA-1 and support for SHA-2 was pretty much nil, but using something else
makes a lot more sense these days.
Diffstat (limited to 'src/cert/x509/x509self.h')
-rw-r--r-- | src/cert/x509/x509self.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/cert/x509/x509self.h b/src/cert/x509/x509self.h index bd3e29179..741350067 100644 --- a/src/cert/x509/x509self.h +++ b/src/cert/x509/x509self.h @@ -172,12 +172,14 @@ namespace X509 { * @param opts the options defining the certificate to create * @param key the private key used for signing, i.e. the key * associated with this self-signed certificate +* @param hash_fn the hash function to use * @param rng the rng to use * @return the newly created self-signed certificate */ BOTAN_DLL X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts, const Private_Key& key, + const std::string& hash_fn, RandomNumberGenerator& rng); /** @@ -185,10 +187,12 @@ create_self_signed_cert(const X509_Cert_Options& opts, * @param opts the options defining the request to create * @param key the key used to sign this request * @param rng the rng to use +* @param hash_fn the hash function to use * @return the newly created PKCS#10 request */ BOTAN_DLL PKCS10_Request create_cert_req(const X509_Cert_Options& opts, const Private_Key& key, + const std::string& hash_fn, RandomNumberGenerator& rng); } |