diff options
author | Daiki Ueno <dueno@redhat.com> | 2017-11-07 15:50:59 +0100 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2017-11-07 15:50:59 +0100 |
commit | bba7ab6d1e8e14202cfc7bd1e373b870b54ab26f (patch) | |
tree | 851e72a91a51a3ae95ef74d8928ffcc22fdd7f21 | |
parent | ee5cd9205248dc002160e8454a6273e100dc57df (diff) | |
download | nss-hg-bba7ab6d1e8e14202cfc7bd1e373b870b54ab26f.tar.gz |
Bug 1415187, certutil: Create non-restricted RSA-PSS certificate unless -Z is given, r=hkario, r=kaie
-rw-r--r-- | cmd/certutil/certutil.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/cmd/certutil/certutil.c b/cmd/certutil/certutil.c index 5f637e11c..f0ecf3284 100644 --- a/cmd/certutil/certutil.c +++ b/cmd/certutil/certutil.c @@ -228,7 +228,8 @@ CertReq(SECKEYPrivateKey *privk, SECKEYPublicKey *pubk, KeyType keyType, spki->algorithm.parameters.data = NULL; rv = SECOID_SetAlgorithmID(arena, &spki->algorithm, - SEC_OID_PKCS1_RSA_PSS_SIGNATURE, params); + SEC_OID_PKCS1_RSA_PSS_SIGNATURE, + hashAlgTag == SEC_OID_UNKNOWN ? NULL : params); if (rv != SECSuccess) { PORT_FreeArena(arena, PR_FALSE); SECKEY_DestroySubjectPublicKeyInfo(spki); |