On 01/14/2010 01:36 PM, Kai Chan wrote: > Hi, > > NSS has ECDSA with SHA1 enabled in SEC_DERSignData() in secsign.c ( > http://mxr.mozilla.org/security/source/security/nss/lib/cryptohi/secsign.c), > but will ECDSA with SHA256 and higher be supported in the future? Or is > this something as simple as adding to the switch statement, since the other > EC signature OIDs exist in SECOIDTag ( > It's up to the application. SECDERSignData takes an algorithm ID, which the application selects. The switch statement handles the case where the application did not select.
You can use SEC_GetSignatureAlgorithmOidTag( keytype, hashOid); to get the correct oid value to pass to SECDERSignData. bob > http://mxr.mozilla.org/security/source/security/nss/lib/util/secoidt.h): > SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE = 277, > SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE = 278, > SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE = 279, > SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE = 280, > > Thanks, > Kai > >
-- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
