Scott,
Just been reading about it. (Was away for a few days.)
The reason it's not there now is neither Windows CAPI nor OpenSSL supported -256 or -512 when the hashing functions were first implemented.
I notice the development branch of OpenSSL now includes SHA-256/512 so I might look at compiling up 0.9.8-dev and see how it goes.
Otherwise we'll have to actually implement the algorithm. Mind you - that's not that difficult to do, it's just not likely to be as quick as the OpenSSL implementation.
Cheers,
BerinScott Cantor wrote:
In light of the recent talk about SHA-1 being weakened, does the C++ xmlsec library support the stronger SHA hashing algorithms at this point?
I see the constants defined in the Java version, but I can't use them if they won't interop.
I suspect adding the support isn't too hard, but I don't have an ASF contrib form on file, so it's not a simple matter for me to donate the work if I do it, so I thought I'd ask first.
-- Scott
