Bug 1035470: Use signature algorithm OID instead of digest algorithm OID in the signature field of certificates in mozilla::pkix tests, r=cviecco
authorBrian Smith <brian@briansmith.org>
Mon, 07 Jul 2014 00:46:10 -0700
changeset 192759 2fd971f1a91bba2739ecde89be1d851f60903691
parent 192758 5d94612eb6fb26ddf22a39e65a4633d029ae5f4c
child 192760 b6c82c9d6b8c962ce6375be2e0a9f2f36f010047
push id27096
push usercbook@mozilla.com
push dateTue, 08 Jul 2014 12:41:54 +0000
treeherdermozilla-central@cfd7caadb22b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerscviecco
bugs1035470
milestone33.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1035470: Use signature algorithm OID instead of digest algorithm OID in the signature field of certificates in mozilla::pkix tests, r=cviecco
security/pkix/test/gtest/pkixbuild_tests.cpp
security/pkix/test/gtest/pkixcert_extension_tests.cpp
--- a/security/pkix/test/gtest/pkixbuild_tests.cpp
+++ b/security/pkix/test/gtest/pkixbuild_tests.cpp
@@ -58,23 +58,22 @@ CreateCert(PLArenaPool* arena, const cha
     extensions[0] =
       CreateEncodedBasicConstraints(arena, true, nullptr,
                                     ExtensionCriticality::Critical);
     if (!extensions[0]) {
       return false;
     }
   }
 
-  SECItem* certDER(CreateEncodedCertificate(arena, v3, SEC_OID_SHA256,
-                                            serialNumber, issuerDER,
-                                            PR_Now() - ONE_DAY,
-                                            PR_Now() + ONE_DAY,
-                                            subjectDER, extensions,
-                                            issuerKey, SEC_OID_SHA256,
-                                            subjectKey));
+  SECItem* certDER(CreateEncodedCertificate(
+                     arena, v3, SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION,
+                     serialNumber, issuerDER,
+                     PR_Now() - ONE_DAY, PR_Now() + ONE_DAY,
+                     subjectDER, extensions, issuerKey, SEC_OID_SHA256,
+                     subjectKey));
   if (!certDER) {
     return false;
   }
   subjectCert = CERT_NewTempCertificate(CERT_GetDefaultCertDB(), certDER,
                                         nullptr, false, true);
   return subjectCert.get() != nullptr;
 }
 
--- a/security/pkix/test/gtest/pkixcert_extension_tests.cpp
+++ b/security/pkix/test/gtest/pkixcert_extension_tests.cpp
@@ -46,17 +46,18 @@ CreateCert(PLArenaPool* arena, const cha
   if (!issuerDER) {
     return nullptr;
   }
   const SECItem* subjectDER(ASCIIToDERName(arena, subjectStr));
   if (!subjectDER) {
     return nullptr;
   }
 
-  return CreateEncodedCertificate(arena, v3, SEC_OID_SHA256,
+  return CreateEncodedCertificate(arena, v3,
+                                  SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION,
                                   serialNumber, issuerDER,
                                   PR_Now() - ONE_DAY,
                                   PR_Now() + ONE_DAY,
                                   subjectDER, extensions,
                                   nullptr, SEC_OID_SHA256, subjectKey);
 }
 
 // Creates a self-signed certificate with the given extension.