diff options
| author | B Stack <bgstack15@gmail.com> | 2019-07-16 13:25:19 +0000 |
|---|---|---|
| committer | B Stack <bgstack15@gmail.com> | 2019-07-16 13:25:19 +0000 |
| commit | 240c7ecb12cd1ebb9780de70c4d15b0a84854020 (patch) | |
| tree | 6fb69bb5ec481b1ce68892d0b4c14e7bb75e66c2 /openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch | |
| parent | freefilesync dpkg add unzip (diff) | |
| parent | Merge branch 'freefilesync-rpm' into 'freefilesync-bump' (diff) | |
| download | stackrpms-240c7ecb12cd1ebb9780de70c4d15b0a84854020.tar.gz stackrpms-240c7ecb12cd1ebb9780de70c4d15b0a84854020.tar.bz2 stackrpms-240c7ecb12cd1ebb9780de70c4d15b0a84854020.zip | |
Merge branch 'freefilesync-bump' into 'master'
Freefilesync 10.14
See merge request bgstack15/stackrpms!73
Diffstat (limited to 'openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch')
| -rw-r--r-- | openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch b/openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch new file mode 100644 index 0000000..d99dc47 --- /dev/null +++ b/openssl-freefilesync/openssl-1.1.1-ts-sha256-default.patch @@ -0,0 +1,50 @@ +diff --git a/apps/ts.c b/apps/ts.c +index 63c5210183..4ef8a72eef 100644 +--- a/apps/ts.c ++++ b/apps/ts.c +@@ -425,7 +425,7 @@ static TS_REQ *create_query(BIO *data_bio, const char *digest, const EVP_MD *md, + ASN1_OBJECT *policy_obj = NULL; + ASN1_INTEGER *nonce_asn1 = NULL; + +- if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL) ++ if (md == NULL && (md = EVP_get_digestbyname("sha256")) == NULL) + goto err; + if ((ts_req = TS_REQ_new()) == NULL) + goto err; +diff --git a/doc/man1/ts.pod b/doc/man1/ts.pod +index 078905a845..83b8fe4350 100644 +--- a/doc/man1/ts.pod ++++ b/doc/man1/ts.pod +@@ -517,7 +517,7 @@ included. Default is no. (Optional) + =item B<ess_cert_id_alg> + + This option specifies the hash function to be used to calculate the TSA's +-public key certificate identifier. Default is sha1. (Optional) ++public key certificate identifier. Default is sha256. (Optional) + + =back + +@@ -529,7 +529,7 @@ openssl/apps/openssl.cnf will do. + + =head2 Time Stamp Request + +-To create a time stamp request for design1.txt with SHA-1 ++To create a time stamp request for design1.txt with SHA-256 + without nonce and policy and no certificate is required in the response: + + openssl ts -query -data design1.txt -no_nonce \ +@@ -545,12 +545,12 @@ To print the content of the previous request in human readable format: + + openssl ts -query -in design1.tsq -text + +-To create a time stamp request which includes the MD-5 digest ++To create a time stamp request which includes the SHA-512 digest + of design2.txt, requests the signer certificate and nonce, + specifies a policy id (assuming the tsa_policy1 name is defined in the + OID section of the config file): + +- openssl ts -query -data design2.txt -md5 \ ++ openssl ts -query -data design2.txt -sha512 \ + -tspolicy tsa_policy1 -cert -out design2.tsq + + =head2 Time Stamp Response |