Thank you, after modification crypto/pkcs7/pk7_smime.c (calling EVP_sha256 instead EVP_sha1 on PKCS7_sign()) signature really containts digest by sha256 and verification of this signature is successful. Great.
It is the simplest way how to still use openssl by command line only. ------------------ But what about the future? Digest algorithm SHA-1 will be marked as "unusable" on EU from 1.1.2010 (because security experts expects breaking SHA-1 soon). Will non-modified openssl on command line still create only SHA-1 signatures (PKCS#7)? Or will non-modified openssl on command line offer choosing digest algorithm e.g. by implementation "-md" option what is mentioned on http://www.openssl.org/docs/apps/smime.html#? Thanks, V. Benes -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Paul Allen Sent: Tuesday, March 31, 2009 7:38 PM To: openssl-users@openssl.org Subject: Re: "openssl smime ... [-md digest] ..." seems to be unknown option ontle last version openssl On Tue, 2009-03-31 at 08:50 -0700, Beneš Vladimír wrote: > Hi, > > there is mentioned command option "-md" on official documentation - http://www.openssl.org/docs/apps/smime.html# > """ > SYNOPSIS > openssl smime ... [-md digest] ... > ... > COMMAND OPTIONS > ... > -md digest > digest algorithm to use when signing or resigning. If not present then the default digest algorithm for the signing key will be used (usually SHA1). > ... > """ > > But if I try to use it (in the latest version - OpenSSL 0.9.8k 25 Mar 2009), it seems that this is quite unknown option (it only puts into stderr available options - without "-md" option). > > So how option "-md" could by used in "openssl smime"? > Or - how could be created and verificated PKCS#7 signatures with the sha512 (or sha256) message digest algorithm? As you have noticed, apps/smime.c doesn't implement the -md command-line switch. The bit of code that actually specifies the message digest to use for signing is in PKCS7_sign() in crypto/pkcs7/pk7_smime.c. It is hard-coded to use SHA1. I changed EVP_sha1 to EVP_sha256 in the call to PKCS7_add_signature(), and it seems to work fine. (By that, I mean SHA256 is actually getting used and signatures verify OK.) There's almost certainly a better way to go about this, but I didn't need a general solution to the command-line problem. Paul ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
smime.p7s
Description: S/MIME cryptographic signature