refactor(device): sign certificates with SHA256

Emulate KDE Connect by specifying that certificates should be signed with SHA256 (`GNUTLS_DIG_SHA256`).
andyholmes · Sep 25, 2023 · b06aa03 · b06aa03
1 parent c4bb81c
commit b06aa03
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/libvalent/device/valent-certificate.c b/src/libvalent/device/valent-certificate.c
@@ -132,7 +132,7 @@ valent_certificate_generate (const char  *cert_path,
     }
 
   /* Sign and export the certificate */
-  if ((rc = gnutls_x509_crt_sign (crt, crt, privkey)) != GNUTLS_E_SUCCESS ||
+  if ((rc = gnutls_x509_crt_sign2 (crt, crt, privkey, GNUTLS_DIG_SHA256, 0)) != GNUTLS_E_SUCCESS ||
       (rc = gnutls_x509_crt_export2 (crt, GNUTLS_X509_FMT_PEM, &out)) != GNUTLS_E_SUCCESS)
     {
       g_set_error (error,