diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-01 16:32:04 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-01 16:43:42 +0100 |
| commit | 30cc17e13ea61f1866d76487057f380f14a23961 (patch) | |
| tree | 9c99a770610cb7d9ecea4c61481cc411dae1a943 | |
| parent | 5b951875c455454da849caf7115212865e6c6533 (diff) | |
| download | gnutls-30cc17e13ea61f1866d76487057f380f14a23961.tar.gz | |
doc: no longer list SHA1 as a safe choice in X.509 signing
| -rw-r--r-- | lib/x509/crl_write.c | 4 | ||||
| -rw-r--r-- | lib/x509/x509_write.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/lib/x509/crl_write.c b/lib/x509/crl_write.c index ce0beb5dbc..2cc1a75694 100644 --- a/lib/x509/crl_write.c +++ b/lib/x509/crl_write.c @@ -77,7 +77,7 @@ gnutls_x509_crl_set_version(gnutls_x509_crl_t crl, unsigned int version) * @crl: should contain a gnutls_x509_crl_t type * @issuer: is the certificate of the certificate issuer * @issuer_key: holds the issuer's private key - * @dig: The message digest to use. GNUTLS_DIG_SHA1 is the safe choice unless you know what you're doing. + * @dig: The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing. * @flags: must be 0 * * This function will sign the CRL with the issuer's private key, and @@ -446,7 +446,7 @@ gnutls_x509_crl_set_number(gnutls_x509_crl_t crl, * @crl: should contain a gnutls_x509_crl_t type * @issuer: is the certificate of the certificate issuer * @issuer_key: holds the issuer's private key - * @dig: The message digest to use. GNUTLS_DIG_SHA1 is the safe choice unless you know what you're doing. + * @dig: The message digest to use. GNUTLS_DIG_SHA256 is the safe choice unless you know what you're doing. * @flags: must be 0 * * This function will sign the CRL with the issuer's private key, and diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index bc6eb2eb81..c2293dac93 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -1057,7 +1057,7 @@ gnutls_x509_crt_set_private_key_usage_period(gnutls_x509_crt_t crt, * @crt: a certificate of type #gnutls_x509_crt_t * @issuer: is the certificate of the certificate issuer * @issuer_key: holds the issuer's private key - * @dig: The message digest to use, %GNUTLS_DIG_SHA1 is a safe choice + * @dig: The message digest to use, %GNUTLS_DIG_SHA256 is a safe choice * @flags: must be 0 * * This function will sign the certificate with the issuer's private key, and @@ -1705,7 +1705,7 @@ gnutls_x509_crt_set_key_purpose_oid(gnutls_x509_crt_t cert, * @crt: a certificate of type #gnutls_x509_crt_t * @issuer: is the certificate of the certificate issuer * @issuer_key: holds the issuer's private key - * @dig: The message digest to use, %GNUTLS_DIG_SHA1 is a safe choice + * @dig: The message digest to use, %GNUTLS_DIG_SHA256 is a safe choice * @flags: must be 0 * * This function will sign the certificate with the issuer's private key, and |