On Mon Jun 22 20:07:43 2015, david.von.ohe...@siemens.com wrote: > Hi OpenSSL maintainers, > > I tried checking the status of the EVP_get_digestbynid issue via > http://rt.openssl.org/Install/index.html > but the server appears currently misconfigured: > > Config file /etc/request-tracker4/RT_SiteConfig.pm is locked > > Yet I found an old conversation on this topic: > http://openssl.6102.n7.nabble.com/Question-about-EVP-get-digestbynid- > and-ECDSA-td28312.html > > With OpenSSL 1.0.2 one still gets NULL when giving ECDSA NIDs as > input. > Here is the workaround we currently use for EC support in > CMPforOpenSSL: >
That's expected behaviour. The EVP_get_digestbynid funtion expects a digest NID whereas you are passing a signature NID instead. It does accept some signature NIDs for historical compatibility reasons. The thread you mention shows you how to convert a signature NID into the digest and public key algorithm NID. However I suspect you shouldn't be trying to do things at that level for signatures. If you need to sign or verify ASN.1 data you can use ASN1_item_sign or ASN1_item_verify and key and digest handling and lookup is handled automatically. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
