smitha daggubati <smithad123 <at> gmail.com> writes: > > > Marc,Thanks for the reply. > On Wed, Nov 18, 2009 at 2:54 PM, Jean-Marc Desperrier <jmdesp <at> free.fr> wrote: > smitha daggubati wrote: > Does openssl have support for SHA-2. ? > I know that SHA-2 is part of the crypto library but looking at the way the > context is setup in ssl_ctx_new we are setiing up > ret->sha1=EVP_get_digestbyname("ssl3-sha1")) > So is there a way to establish an openssl connection using SHA-2 currently? > > > > Yes openssl has support for SHA-2, but what it doesn't have is support for a SSL cipher suite using SHA-2. > It's a bit late in being updated to support the SHA-2 suites from RFC5289. I suppose this not the main priority of the development team, since sha1 inside tls is not actually endangered at the moment. > Any help in implementing it, and rearchitecturing the code where use of SHA-1 is hardcoded, would certainly be welcomed. >
Hello Marc, Smitha and everyone, Just wanted to know the current state and level of SHA-2 support in Openssl (as of Jan 6, 2012). Specifically, do we have a support for SHA-2 for SSL in openssl 1.0.0.f or 0.9.8s? Thanks! -shahid ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org