commit b8a2bdbdc8c467762f1bb0c2d103c566fe9703a7 Author: Nick Mathewson <nickm@torproject.org> Date: Wed Sep 5 16:49:15 2018 -0400 Backport to older NSS, which does not have SEC_DerSignDataWithAlgorithmID --- src/lib/tls/x509_nss.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/lib/tls/x509_nss.c b/src/lib/tls/x509_nss.c index 5bb7940c9..a0a9c559c 100644 --- a/src/lib/tls/x509_nss.c +++ b/src/lib/tls/x509_nss.c @@ -114,11 +114,19 @@ tor_tls_create_certificate_internal(crypto_pk_t *rsa, if (!tmp) goto err; +#if 0 s = SEC_DerSignDataWithAlgorithmID(cert->arena, &signed_der, der.data, der.len, (SECKEYPrivateKey *)signing_key,//const &cert->signature); +#else + s = SEC_DerSignData(cert->arena, + &signed_der, + der.data, der.len, + (SECKEYPrivateKey *)signing_key,//const + SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION); +#endif if (s != SECSuccess) goto err;