Re: [openssl-users] Regarding Signature Algorithm: ecdsa-with-SHA512
Hi Steve, This worked now. Thanks Thanks, Abhilash. On Mon, Jul 18, 2016 at 7:34 AM, Abhilash K.Vwrote: > Hi Steve, > > Thanks for the information I was not aware of that. > > Yes, did that modification and now I am getting it as following (I passed > EVP_sha512()). > > Signature Algorithm: ecdsa-with-SHA256 > > Thanks, > Abhilash. > > On Sun, Jul 17, 2016 at 8:05 PM, Dr. Stephen Henson > wrote: > >> On Sun, Jul 17, 2016, Abhilash K.V wrote: >> >> > I am trying to generate a CSR using EC and wanted to have signature >> > algorithm as ???ecdsa-with-SHA512???. >> > >> > But in the generated csr I am getting signature algorithms as >> ???Signature >> > Algorithm: ecdsa-with-SHA1??? always. >> > >> > >> > if (!X509_REQ_sign(req, privkey, EVP_ecdsa())) { >> > >> >> Don't use EVP_ecdsa() it is an old "linked digest" which uses SHA1 and is >> only >> retained for compatibility with old code. Use EVP_sha512() instead. >> >> Steve. >> -- >> Dr Stephen N. Henson. OpenSSL project core developer. >> Commercial tech support now available see: http://www.openssl.org >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Regarding Signature Algorithm: ecdsa-with-SHA512
Hi Steve, Thanks for the information I was not aware of that. Yes, did that modification and now I am getting it as following (I passed EVP_sha512()). Signature Algorithm: ecdsa-with-SHA256 Thanks, Abhilash. On Sun, Jul 17, 2016 at 8:05 PM, Dr. Stephen Hensonwrote: > On Sun, Jul 17, 2016, Abhilash K.V wrote: > > > I am trying to generate a CSR using EC and wanted to have signature > > algorithm as ???ecdsa-with-SHA512???. > > > > But in the generated csr I am getting signature algorithms as > ???Signature > > Algorithm: ecdsa-with-SHA1??? always. > > > > > > if (!X509_REQ_sign(req, privkey, EVP_ecdsa())) { > > > > Don't use EVP_ecdsa() it is an old "linked digest" which uses SHA1 and is > only > retained for compatibility with old code. Use EVP_sha512() instead. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Regarding Signature Algorithm: ecdsa-with-SHA512
On Sun, Jul 17, 2016, Abhilash K.V wrote: > I am trying to generate a CSR using EC and wanted to have signature > algorithm as ???ecdsa-with-SHA512???. > > But in the generated csr I am getting signature algorithms as ???Signature > Algorithm: ecdsa-with-SHA1??? always. > > > if (!X509_REQ_sign(req, privkey, EVP_ecdsa())) { > Don't use EVP_ecdsa() it is an old "linked digest" which uses SHA1 and is only retained for compatibility with old code. Use EVP_sha512() instead. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users