On Fri, May 08, 2009 at 04:10:19PM -0700, Alex Chen wrote:
> Thanks again for the detail explanation, Viktor.
> We use OpenSSL only between our client and server, both use OpenSSL,
> therefore interoperability with other SSL entity is not a concern.
> Is there a 'sha2' flag for 'req' command so w
Thanks again for the detail explanation, Viktor.
We use OpenSSL only between our client and server, both use OpenSSL,
therefore interoperability with other SSL entity is not a concern.
Is there a 'sha2' flag for 'req' command so we can use SHA-2 as the
hash function?
In your previous respons
On Fri, May 08, 2009 at 10:11:22AM -0700, Alex Chen wrote:
> Thanks for the information, Viktor. I am not familiar with the algorithms
> used in SSL, but if I understand correctly, SHA-1/SHA-2 is only a hash
> function, right?
SHA-1 and the 3 members of the SHA-2 family are hash functions, the
Thanks for the information, Viktor. I am not familiar with the
algorithms used in SSL, but if I understand correctly, SHA-1/SHA-2 is
only a hash function, right?
In OpenSSL source code, I see references of SHA-256, SHA-512, etc.
that belong to SHA-2 suites. If OpenSSL only supports SHA-1 HM
On Thu, May 07, 2009 at 10:54:50AM -0700, Alex Chen wrote:
> How does openssl decide which SHA function to use if we simply uses ssl
> connection, i.e. what control the use of different SHA function?
There are no SHA-2 cipher-suites in TLS 1.0 and TLS 1.1. TLS 1.2
is very new, and not yet implem
At 10:54 AM 5/7/2009, you wrote:
How does openssl decide which SHA function to use if we simply uses
ssl connection, i.e. what control the use of different SHA function?
Is there a way users can select it?
Alex
The "crypto suite" used by SSL is negotiated between the parties, I
think. See
How does openssl decide which SHA function to use if we simply uses
ssl connection, i.e. what control the use of different SHA function?
Is there a way users can select it?
Alex
__
OpenSSL Project