summaryrefslogtreecommitdiffstats
path: root/security/nss/lib/cryptohi/secsign.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/cryptohi/secsign.c')
-rw-r--r--security/nss/lib/cryptohi/secsign.c15
1 files changed, 8 insertions, 7 deletions
diff --git a/security/nss/lib/cryptohi/secsign.c b/security/nss/lib/cryptohi/secsign.c
index 1bbdd5384..d06cb2e85 100644
--- a/security/nss/lib/cryptohi/secsign.c
+++ b/security/nss/lib/cryptohi/secsign.c
@@ -312,24 +312,25 @@ SEC_DerSignData(PLArenaPool *arena, SECItem *result,
if (algID == SEC_OID_UNKNOWN) {
switch (pk->keyType) {
case rsaKey:
- algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
+ algID = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
break;
case dsaKey:
/* get Signature length (= q_len*2) and work from there */
switch (PK11_SignatureLen(pk)) {
+ case 320:
+ algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+ break;
case 448:
algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
break;
case 512:
- algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
- break;
default:
- algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
+ algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
break;
}
break;
case ecKey:
- algID = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
+ algID = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
break;
default:
PORT_SetError(SEC_ERROR_INVALID_KEY);
@@ -468,13 +469,13 @@ SEC_GetSignatureAlgorithmOidTag(KeyType keyType, SECOidTag hashAlgTag)
break;
case dsaKey:
switch (hashAlgTag) {
- case SEC_OID_UNKNOWN: /* default for DSA if not specified */
case SEC_OID_SHA1:
sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
break;
case SEC_OID_SHA224:
sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
break;
+ case SEC_OID_UNKNOWN: /* default for DSA if not specified */
case SEC_OID_SHA256:
sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
break;
@@ -484,13 +485,13 @@ SEC_GetSignatureAlgorithmOidTag(KeyType keyType, SECOidTag hashAlgTag)
break;
case ecKey:
switch (hashAlgTag) {
- case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
case SEC_OID_SHA1:
sigTag = SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE;
break;
case SEC_OID_SHA224:
sigTag = SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE;
break;
+ case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
case SEC_OID_SHA256:
sigTag = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
break;