Re: [openssl-dev] Support for TLS SHA2-512?

[Erwann Abalea]

Bonjour,

> Le 24 sept. 2015 à 21:59, Justin Burke  a écrit 
> :
> 
> Hello,
> 
> Does OpenSSL support TLS with SHA2-512? I'm able to compile 1.0.1p with
> SHA2-256 and SHA2-384 support, but not with SHA2-512. `openssl ciphers`
> does not list any SHA512 cipher, while `openssl dgst` does support
> SHA512.

The list of registered cipher suites can be found at
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
 

and there’s no standardized *SHA512 cipher suite, as you can see.

Cordialement,
Erwann Abalea

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Support for TLS SHA2-512?

[stefan.n...@t-online.de]

   Hi,

> Does OpenSSL support TLS with SHA2-512?

No, since there is no such thing as a TLS cipher suite with SHA512.
Cipher suites need to be registered and assigned IDs, so servers/clients
can exchange those IDs to announce what cipher suites they support.
And if you look at the probably most up-to-date list of currently registered
cipher suites at 
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
you'll see that there simply is no cipher suite using SHA512.
The rational for this is that SHA-384 already offers the same level
of security as the 256 bit block ciphers do, so there's no point in using
longer hashes.

   Regards,
   Stefan


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] Support for TLS SHA2-512?

[Justin Burke]

Hello,

Does OpenSSL support TLS with SHA2-512? I'm able to compile 1.0.1p with
SHA2-256 and SHA2-384 support, but not with SHA2-512. `openssl ciphers`
does not list any SHA512 cipher, while `openssl dgst` does support
SHA512.

Thanks,
Justin
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev