smitha daggubati wrote:
Does openssl have support for SHA-2. ? I know that SHA-2 is part of the crypto library but looking at the way the context is setup in ssl_ctx_new we are setiing upret->sha1=EVP_get_digestbyname("ssl3-sha1")) So is there a way to establish an openssl connection using SHA-2 currently?
Yes openssl has support for SHA-2, but what it doesn't have is support for a SSL cipher suite using SHA-2.
It's a bit late in being updated to support the SHA-2 suites from RFC5289. I suppose this not the main priority of the development team, since sha1 inside tls is not actually endangered at the moment. Any help in implementing it, and rearchitecturing the code where use of SHA-1 is hardcoded, would certainly be welcomed.
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
