From b8a2bdbdc8c467762f1bb0c2d103c566fe9703a7 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 5 Sep 2018 16:49:15 -0400
Subject: Backport to older NSS, which does not have
 SEC_DerSignDataWithAlgorithmID

---
 src/lib/tls/x509_nss.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src/lib/tls/x509_nss.c')

diff --git a/src/lib/tls/x509_nss.c b/src/lib/tls/x509_nss.c
index 5bb7940c90..a0a9c559cf 100644
--- a/src/lib/tls/x509_nss.c
+++ b/src/lib/tls/x509_nss.c
@@ -114,11 +114,19 @@ tor_tls_create_certificate_internal(crypto_pk_t *rsa,
   if (!tmp)
     goto err;
 
+#if 0
   s = SEC_DerSignDataWithAlgorithmID(cert->arena,
                                      &signed_der,
                                      der.data, der.len,
                                      (SECKEYPrivateKey *)signing_key,//const
                                      &cert->signature);
+#else
+  s = SEC_DerSignData(cert->arena,
+                      &signed_der,
+                      der.data, der.len,
+                      (SECKEYPrivateKey *)signing_key,//const
+                      SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION);
+#endif
 
   if (s != SECSuccess)
     goto err;
-- 
cgit v1.2.3-54-g00ecf