sha-256 support in openssl 0.9.8g

Hasan Rezaul-CHR010 Wed, 10 Mar 2010 11:58:44 -0800

Thanks Rafiq and Jason,
 
I did run the  "openssl dgst -sha256 <filename>" command, and it didnt
complain !  So I know at least the simple sha-256 hashing operation is
supported  in openssl 0.9.8g.
 
Just wasn't sure if it was also fully supported in the context of
certificate verification, etc. Sounds like it is...
 
I also need to make sure SHA-256 will work with SSH and SFTP on my
machine. So was reading up some OPENSSH posts online. And came across
this. Any thoughts ?  Thanks a lot
 
    To implement the SHA256 support in OpenSSH, the platform must
support libcSHA256 or OpenSSLEVP_sha256 SHA256 KEX.


________________________________

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Rafiqul Ahsan
Sent: Tuesday, March 09, 2010 12:13 PM
To: openssl-users@openssl.org
Cc: openssl-...@openssl.org
Subject: Re: OpenSSL server problems


Yes, openssl 098g supports SHA256.
 
I built Freeradius 1.1.7 with openssl 098g, and we have been using
EAP-TLS with SHA256 signed certs for quite sometimes.
 
Thanks


On Tue, Mar 9, 2010 at 11:28 AM, Hasan Rezaul-CHR010
<chr...@motorola.com> wrote:


        Hi All,
        
        I am somewhat of a newbie to openssl, so apologize in advance
for my
        ignorance  :-)
        
        I have openssl version  0.9.8g on my custom Linux 2.6.27 distro.
        
        I need to make sure that SHA-2 (specifically SHA-256 algorithm)
is
        supported with this version of openssl.
        The sha-256 algorithm will be used during IPSec link
establishment,
        Certificates Verification, and for general TLS/SSL Cipher
suites.
        
        From the quick online reading, I am getting mixed messages of
whether
        sha-2 algorithms (specifically sha-256) is truly supported or
not ?!?
        Supposedly things might still be hard-coded to sha-1 even when
sha-2
        algorithms are 'supported' ?...
        
        1. Would you kindly clarify if openssl version  0.9.8g  does
infact meet
        my needs ? That is, does it in fact support sha-256 to be used
in IPSec,
        Certificate verification, and general TLS/SSL.
        
        2. If 0.9.8g is not adequate, what version of openssl does
infact
        support my needs described above ?
        
        Thanks soo much in advance.
        
        
______________________________________________________________________
        OpenSSL Project
http://www.openssl.org <http://www.openssl.org/> 
        User Support Mailing List
openssl-users@openssl.org
        Automated List Manager
majord...@openssl.org
        




-- 
Rafiqul Ahsan

sha-256 support in openssl 0.9.8g

Reply via email to