On 2009-06-15 at 11:02 +0200, Bodo Moeller wrote:
> On Mon, Jun 15, 2009 at 5:46 AM, Phil Pennock <openssl-...@spodhuis.org> wrote:
> 
> > When RFC 5246 came out, specifying TLS 1.2 and having all mandated
> > cipher suites use SHA-256, we assumed that to aid the transition OpenSSL
> > would add EVP_sha256() to the list of digests initialised in
> > SSL_library_init(), even before support of TLS 1.2 itself.  I've checked
> > OpenSSL 1.0.0 beta 2 and see that this is still not the case.
> >
> > I'm seeing usage of SHA-256 become more widespread by CAs today.
> >
> > Are there plans to add this digest to the list initialised by
> > SSL_library_init()?
> 
> I think SSL_library_init() is meant to provide just the subset of
> algorithms needed by the SSL/TLS protocol implementation itself, which
> currently doesn't include SHA-256.
> 
> Most applications, however, just call OpenSSL_add_all_algorithms() to
> get more than that subset.  If you'd rather not define more encryption
> algorithms than needed to cut down some overhead, you should be able
> to make do with calling SSL_library_init() and
> OpenSSL_add_all_digests().  Then the hash algorithms available for
> certificate verification will include SHA-256.

Doesn't this add various insecure digests, since OpenSSL is complete, so
the application needs to be back in the crypto-engineering game and
figuring out which digests to exclude?  And my understanding is that
since this is certificate path verification, the cipher suite spec
passed to SSL_CTX_set_cipher_list() does not help filter this out, even
if we set a default which has !LOW in it?  I could well be wrong here,
please correct me if so.

For an application which just wants to, by default, support the normal
ciphers and expect SSL_CTX_set_verify() to (a) work and (b) not support
digests more trivially broken than MD5, what's the correct way to go
please?

Thanks,
-Phil
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
