authorbemasc@chromium.org <bemasc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-11-01 05:14:29 +0000
committerbemasc@chromium.org <bemasc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-11-01 05:14:29 +0000
commitd99b2fb4de7c6526d22a71f3226b561d4cf0eb3e (patch)
tree850071165202d9f9efa71ea4ed39687586080a3f /remoting/base/rsa_key_pair.cc
parente8ce38d361c43af704975d9ad83a10e30503bcd1 (diff)
Avoid creating keys and self-signed certs separately.
Security best practices dictate that the same key should not be used to sign with multiple hash algorithms. This CL prevents that problem by replacing x509_util::CreateSelfSignedCertificate with CreateKeyAndSelfSignedCertificate. This should allow us to change hash functions in x509_util without worrying that users may re-sign old keys with the new hash function.

Review URL: https://codereview.chromium.org/27832002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@232292 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting/base/rsa_key_pair.cc')
-rw-r--r--remoting/base/rsa_key_pair.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/remoting/base/rsa_key_pair.cc b/remoting/base/rsa_key_pair.cc
index 004fe52..1cea077 100644
--- a/remoting/base/rsa_key_pair.cc
+++ b/remoting/base/rsa_key_pair.cc
@@ -93,8 +93,12 @@ std::string RsaKeyPair::SignMessage(const std::string& message) const {
std::string RsaKeyPair::GenerateCertificate() const {
std::string der_cert;
+ // Certificates are SHA1-signed because |key_| has likely been used to sign
+ // with SHA1 previously, and you should not re-use a key for signing data with
+ // multiple signature algorithms.
net::x509_util::CreateSelfSignedCert(
key_.get(),
+ net::x509_util::DIGEST_SHA1,
"CN=chromoting",
base::RandInt(1, std::numeric_limits<int>::max()),
base::Time::Now(),