On Wed, Feb 27, 2013, Nayna Jain wrote:

> Thanks Dr. Stephen and Victor for explanation
>
> Some questions further in this:
>
> Is there an API to configure programmatically, what hash algorithm it
> can use. My understanding is that final ciphers which are selected are
> for encryption and HMAC generation of application data packets. This
> might be required to maintain the compatibility issues.
> My understanding is that this error happens on client side, when it
> tries to sign the CertificateVerify message, where digest output comes
> too big for RSA to encrypt. Let me know if this is correct.
>

Yes that's correct. If the RSA key size is too small the default SHA512 digest and the associated ASN1 and padding overhead exceeds the maximum for the RSA algorithm. This is only a problem with insecure keys: most standards now suggest 1024 bits is the bare minimum and 2048 bits recommended.

There is an API to modify the supported digest list but only in the unreleased OpenSSL 1.0.2 and later. This can be accessed on the command line through the -client_sigalgs command line switch, via the SSL_CONF API or through some ctrl operations. There isn't anything in 1.0.1.

These are the digests used to sign handshake messages for TLS version 1.2. The digests used for HMAC in application data records are determined by the cipher suite.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org