On Sun, Jul 17, 2016, Abhilash K.V wrote:
> I am trying to generate a CSR using EC and wanted to have signature
> algorithm as ???ecdsa-with-SHA512???.
>
> But in the generated csr I am getting signature algorithms as ???Signature
> Algorithm: ecdsa-with-SHA1??? always.
>
>
> if (!X509_REQ_sign(req, privkey, EVP_ecdsa())) {
>
Don't use EVP_ecdsa() it is an old "linked digest" which uses SHA1 and is only
retained for compatibility with old code. Use EVP_sha512() instead.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
