generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

mk-ca-bundle: added SHA-384 signature algorithm

Browse Source 
Certificates based on SHA-1 are being phased out[1].
So we should expect a rise in certificates based on SHA-2.
Adding SHA-384 as a valid signature algorithm.

[1] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/

Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
This commit is contained in:
Bruno Thomsen
2014-10-15 12:48:27 +02:00
committed by Daniel Stenberg
parent e64bc7cde6
commit 3621045631
2 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/mk-ca-bundle.1
View File

@@ -87,7 +87,7 @@ each certificate and output when run in plain text mode.
Valid algorithms are: Valid algorithms are:
.RS .RS
ALL, NONE, MD5 (default), SHA1, SHA256, SHA512 ALL, NONE, MD5 (default), SHA1, SHA256, SHA384, SHA512
.RE .RE
.IP -u .IP -u
unlink (remove) certdata.txt after processing unlink (remove) certdata.txt after processing

3
lib/mk-ca-bundle.pl
View File

@@ -56,7 +56,7 @@ $opt_d = 'release';
# If the OpenSSL commandline is not in search path you can configure it here! # If the OpenSSL commandline is not in search path you can configure it here!
my $openssl = 'openssl'; my $openssl = 'openssl';
my $version = '1.23'; my $version = '1.24';
$opt_w = 76; # default base64 encoded lines length $opt_w = 76; # default base64 encoded lines length
@@ -97,6 +97,7 @@ my @valid_signature_algorithms = (
"MD5", "MD5",
"SHA1", "SHA1",
"SHA256", "SHA256",
"SHA384",
"SHA512" "SHA512"
); );