crypto: change ECSignatureCreator defaults to match SPDY.

crypto/ec_signature_creator_nss.cc

Index: crypto/ec_signature_creator_nss.cc
diff --git a/crypto/ec_signature_creator_nss.cc b/crypto/ec_signature_creator_nss.cc
index a85b1e94fecf20299494fcffdc95c7894fb375da..c0a2490d2f847622517225db8b42353b3ac766ba 100644
--- a/crypto/ec_signature_creator_nss.cc
+++ b/crypto/ec_signature_creator_nss.cc
@@ -42,15 +42,11 @@ SECStatus SignData(SECItem* result,
 
   // Compute signature of hash.
   int signature_len = PK11_SignatureLen(key);
-  std::vector<uint8> signature_data(signature_len);
-  SECItem sig = {siBuffer, &signature_data[0],
-                 static_cast<unsigned int>(signature_len)};
-  rv = PK11_Sign(key, &sig, &hash);
+  result = SECITEM_AllocItem(NULL, result, signature_len);
+  rv = PK11_Sign(key, result, &hash);
   if (rv != SECSuccess)
-    return rv;
-
-  // DER encode the signature.
-  return DSAU_EncodeDerSigWithLen(result, &sig, sig.len);
+    SECITEM_FreeItem(result, false /* don't free *result itself */);

[wtc, 2012/09/12 19:47:45]

Change "false" to "PR_FALSE".

[agl, 2012/09/12 21:41:46]

(moot)

+  return rv;
 }
 
 }  // namespace
@@ -79,7 +75,7 @@ bool ECSignatureCreatorImpl::Sign(const uint8* data,
 
   // Sign the secret data and save it to |result|.
   SECStatus rv =
-      SignData(&result, &secret, key_->key(), HASH_AlgSHA1);
+      SignData(&result, &secret, key_->key(), HASH_AlgSHA256);
   if (rv != SECSuccess) {
     DLOG(ERROR) << "DerSignData: " << PORT_GetError();
     return false;