Move from SHA-1 to SHA-256 as default in programs
diff --git a/programs/pkey/dh_client.c b/programs/pkey/dh_client.c
index 6fb569b..f9a40b5 100644
--- a/programs/pkey/dh_client.c
+++ b/programs/pkey/dh_client.c
@@ -48,7 +48,7 @@
#if !defined(POLARSSL_AES_C) || !defined(POLARSSL_DHM_C) || \
!defined(POLARSSL_ENTROPY_C) || !defined(POLARSSL_NET_C) || \
- !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA1_C) || \
+ !defined(POLARSSL_RSA_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_FS_IO) || !defined(POLARSSL_CTR_DRBG_C)
int main( int argc, char *argv[] )
{
@@ -57,7 +57,7 @@
polarssl_printf("POLARSSL_AES_C and/or POLARSSL_DHM_C and/or POLARSSL_ENTROPY_C "
"and/or POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_FS_IO and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_CTR_DRBG_C not defined.\n");
return( 0 );
}
@@ -193,7 +193,7 @@
/*
* 5. Check that the server's RSA signature matches
- * the SHA-1 hash of (P,G,Ys)
+ * the SHA-256 hash of (P,G,Ys)
*/
polarssl_printf( "\n . Verifying the server's RSA signature" );
fflush( stdout );
@@ -210,7 +210,7 @@
sha1( buf, (int)( p - 2 - buf ), hash );
if( ( ret = rsa_pkcs1_verify( &rsa, NULL, NULL, RSA_PUBLIC,
- POLARSSL_MD_SHA1, 0, hash, p ) ) != 0 )
+ POLARSSL_MD_SHA256, 0, hash, p ) ) != 0 )
{
polarssl_printf( " failed\n ! rsa_pkcs1_verify returned %d\n\n", ret );
goto exit;
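Review bot: The digest passed to `rsa_pkcs1_verify` is still computed by `sha1( buf, (int)( p - 2 - buf ), hash );`, an unchanged context line at the top of this hunk, while the call now declares `POLARSSL_MD_SHA256`. With the hash-length argument left at 0, the verifier presumably takes the length from the digest type, so it would treat `hash` as 32 bytes when only 20 were written; depending on how `hash` is declared outside the hunk, verification either always fails or reads stale or out-of-bounds bytes. The line should become `sha256( buf, (int)( p - 2 - buf ), hash, 0 );`, with `hash` sized for at least 32 bytes and the peer program signing over the same digest. The guard in the first hunk no longer requires `POLARSSL_SHA1_C`, so the leftover `sha1()` call would also fail to build in a configuration without SHA-1. The enclosing block of `main` starts and ends outside this hunk.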
@@ -297,5 +297,5 @@
return( ret );
}
#endif /* POLARSSL_AES_C && POLARSSL_DHM_C && POLARSSL_ENTROPY_C &&
- POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA1_C &&
+ POLARSSL_NET_C && POLARSSL_RSA_C && POLARSSL_SHA256_C &&
POLARSSL_FS_IO && POLARSSL_CTR_DRBG_C */