Switch to use SHA-256 for certificates / fingerprints.

This CL changes identity generation to use SHA-256 for the self-signed certificates and the fingerprints sent in the SDP. BUG=4602 R=juberti@google.com Review URL: https://webrtc-codereview.appspot.com/47149004 Cr-Commit-Position: refs/heads/master@{#9173}
2015-05-12 03:32:11 +02:00
parent cb3e8fe492
commit 1b794d56b7
4 changed files with 18 additions and 8 deletions
--- a/webrtc/base/opensslidentity.cc
+++ b/webrtc/base/opensslidentity.cc
@ -112,7 +112,7 @@ static X509* MakeCertificate(EVP_PKEY* pkey, const SSLIdentityParams& params) {
      !X509_gmtime_adj(X509_get_notAfter(x509), params.not_after))
    goto error;

-  if (!X509_sign(x509, pkey, EVP_sha1()))
+  if (!X509_sign(x509, pkey, EVP_sha256()))
    goto error;

  BN_free(serial_number);