VD Security vulnerability

[ Problem]MD5 does not recommend use as a weak hash algorithm
[ Solution]We use a hash algorithm for more than SHA256
[ Verify] Can open the new tab/bookmark/history
Signed-off-by: cookie <cookie@samsung.com>
Change-Id: I256722e1fdafca765bd7acf49a832086048cfdff

diff --git a/provider/browser-provider-requests.c b/provider/browser-provider-requests.c
index 39d5c6e13cb166184ba666b9416b15a928fbbad9..e12108c95d162e48b1138a5fea4e8fae1ee31254 100755 (executable)
--- a/provider/browser-provider-requests.c
+++ b/provider/browser-provider-requests.c
@@ -28,7 +28,7 @@
 #include <pthread.h>
 
 #include <ITapiModem.h>
-#include <openssl/md5.h>
+#include <openssl/sha.h>
 
 #include "browser-provider.h"
 #include "browser-provider-log.h"
@@ -1588,12 +1588,12 @@ char *bp_get_my_deviceid()
 
                if (imei != NULL) {
                        // Make hash key with IMEI.
-                       MD5_CTX context;
-                       unsigned char digest[17] = { 0, };
+                       SHA256_CTX context;
+                       unsigned char digest[SHA256_DIGEST_LENGTH] = { 0, };
 
-                       MD5_Init(&context);
-                       MD5_Update(&context, imei, strlen(imei));
-                       MD5_Final(digest, &context);
+                       SHA256_Init(&context);
+                       SHA256_Update(&context, imei, strlen(imei));
+                       SHA256_Final(digest, &context);
 
                        int i;
                        for (i = 0; i < 16; i++)