Hi

This patch is needed to support the modern TLSv1.2 cipher suites
with the Windows CryptoAPI. In ticket #3366, it has been submitted
earlier as part of someone else's patch but abandoned by its author.

I have tested it with 1.0.2d, but it should apply to all branches.

Thanks,
Beat Bolli

From 4ca019cf4653267ac2384b43ca9a9c8805ae5544 Mon Sep 17 00:00:00 2001
From: Beat Bolli <[email protected]>
Date: Fri, 10 Jul 2015 10:52:33 +0200
Subject: [PATCH] engines/e_capi: enable the SHA-2 message digests

To make sure that the SHA-2 CALG_* constants are defined, update default
Windows version to 0x0502, i.e. Windows Server 2003. People who want to
build OpenSSL for even more obsolete Windows versions can do so by defining
_WIN32_WINNT to the previous value 0x0400.
---
 engines/e_capi.c | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/engines/e_capi.c b/engines/e_capi.c
index f4cd2ff..e2d92f2 100644
--- a/engines/e_capi.c
+++ b/engines/e_capi.c
@@ -66,7 +66,7 @@
 #  include <openssl/rsa.h>
 
 #  ifndef _WIN32_WINNT
-#   define _WIN32_WINNT 0x0400
+#   define _WIN32_WINNT 0x0502
 #  endif
 
 #  include <windows.h>
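
Review bot: The new default in "#   define _WIN32_WINNT 0x0502" carries no comment, so the reason for this particular value is recorded only in the commit message. Add a short comment above the "#  ifndef" saying the value is needed for the SHA-2 CALG_* constants. Because the "#  ifndef" guard lets a build that already defines _WIN32_WINNT keep a lower value, the comment should also say that such a build ends up without the SHA-2 cases added further down.
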
@@ -811,6 +811,25 @@ int capi_rsa_sign(int dtype, const unsigned char *m, unsigned int m_len,
     case NID_md5_sha1:
         alg = CALG_SSL3_SHAMD5;
         break;
+
+#ifdef CALG_SHA_256
+    case NID_sha256:
+        alg = CALG_SHA_256;
+        break;
+#endif
+
+#ifdef CALG_SHA_384
+    case NID_sha384:
+        alg = CALG_SHA_384;
+        break;
+#endif
+
+#ifdef CALG_SHA_512
+    case NID_sha512:
+        alg = CALG_SHA_512;
+        break;
+#endif
+
     default:
         {
             char algstr[10];
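
Review bot: With the "#ifdef CALG_SHA_256", "#ifdef CALG_SHA_384" and "#ifdef CALG_SHA_512" guards, a build where those constants are undefined compiles without any notice and sends NID_sha256, NID_sha384 and NID_sha512 to the "default:" branch at run time, so SHA-2 signing support depends silently on which headers and _WIN32_WINNT value the build used. Consider a comment on the guards stating this, or a build-time notice when a case is compiled out. Style point: the new directives are flush-left ("#ifdef"), while the earlier part of this file nests directives inside the outer conditional as "#  ifndef" and "#   define"; indent the new ones to match.
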
-- 
1.9.5.msysgit.0

_______________________________________________
openssl-bugs-mod mailing list
[email protected]
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod