Move from SHA-1 to SHA-256 as default in programs
diff --git a/programs/pkey/pk_verify.c b/programs/pkey/pk_verify.c
index 0ce45f6..55f977c 100644
--- a/programs/pkey/pk_verify.c
+++ b/programs/pkey/pk_verify.c
@@ -45,7 +45,7 @@
#endif
#if !defined(POLARSSL_BIGNUM_C) || \
- !defined(POLARSSL_SHA1_C) || !defined(POLARSSL_PK_PARSE_C) || \
+ !defined(POLARSSL_SHA256_C) || !defined(POLARSSL_PK_PARSE_C) || \
!defined(POLARSSL_FS_IO)
int main( int argc, char *argv[] )
{
@@ -53,7 +53,7 @@
((void) argv);
polarssl_printf("POLARSSL_BIGNUM_C and/or "
- "POLARSSL_SHA1_C and/or POLARSSL_PK_PARSE_C and/or "
+ "POLARSSL_SHA256_C and/or POLARSSL_PK_PARSE_C and/or "
"POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@@ -108,10 +108,10 @@
fclose( f );
/*
- * Compute the SHA-1 hash of the input file and compare
+ * Compute the SHA-256 hash of the input file and compare
* it with the hash decrypted from the signature.
*/
- polarssl_printf( "\n . Verifying the SHA-1 signature" );
+ polarssl_printf( "\n . Verifying the SHA-256 signature" );
fflush( stdout );
if( ( ret = sha1_file( argv[2], hash ) ) != 0 )
@@ -120,14 +120,14 @@
goto exit;
}
- if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA1, hash, 0,
+ if( ( ret = pk_verify( &pk, POLARSSL_MD_SHA256, hash, 0,
buf, i ) ) != 0 )
{
polarssl_printf( " failed\n ! pk_verify returned -0x%04x\n", -ret );
goto exit;
}
- polarssl_printf( "\n . OK (the decrypted SHA-1 hash matches)\n\n" );
+ polarssl_printf( "\n . OK (the decrypted SHA-256 hash matches)\n\n" );
ret = 0;
@@ -146,5 +146,5 @@
return( ret );
}
-#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA1_C &&
+#endif /* POLARSSL_BIGNUM_C && POLARSSL_SHA256_C &&
POLARSSL_PK_PARSE_C && POLARSSL_FS_IO */