Marc,
Thanks for the reply.
On Wed, Nov 18, 2009 at 2:54 PM, Jean-Marc Desperrier <[email protected]>wrote:
> smitha daggubati wrote:
>
>> Does openssl have support for SHA-2. ?
>> I know that SHA-2 is part of the crypto library but looking at the way
>> the
>> context is setup in ssl_ctx_new we are setiing up
>>
>> ret->sha1=EVP_get_digestbyname("ssl3-sha1"))
>>
>>
>> So is there a way to establish an openssl connection using SHA-2
>> currently?
>>
>
> Yes openssl has support for SHA-2, but what it doesn't have is support for
> a SSL cipher suite using SHA-2.
>
> It's a bit late in being updated to support the SHA-2 suites from RFC5289.
> I suppose this not the main priority of the development team, since sha1
> inside tls is not actually endangered at the moment.
> Any help in implementing it, and rearchitecturing the code where use of
> SHA-1 is hardcoded, would certainly be welcomed.
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [email protected]
>
> Automated List Manager [email protected]
>
