Sorry, I should give more details.
First of all, I don't know if all I've done is correctly. Basically, I made
up my own OID, so I can use it in my application. If you want to do this
too, here is the easy steps:
1. In crypto/objects/objects.txt, I added:
ecdsa-with-Specified 5 : ecdsa-with-whirlpool
pkcs1 15 : RSA-whirlpool : whirlpoolWithRSAEncryption
2. In crypto/objects/obj_xref.txt, I added:
whirlpoolWithRSAEncryption whirlpool rsaEncryption
ecdsa_with_whirlpool whirlpool X9_62_id_ecPublicKey
3. In crypto/ec/ec_pmeth.c, in function "static int pkey_ec_ctrl()", I added
NID_whirlpool in the if clause after "case EVP_PKEY_CTRL_MD:"
I have modified other source codes, but I don't think they have worked. Any
problem or suggestion, tell me!
2010/6/28 Jakob Bohm <jb-open...@wisemo.com>
> So did you make up your own OID, or your own ASN structure or did you
> find the right OID somewhere so the rest of us can use it?
>
>
> On 28-06-2010 13:33, Davi Tozoni wrote:
>
>> Hi,
>> Thank you for the information. I modified some source codes in OpenSSL
>> and achieve what I was looking for.
>>
>> 2010/6/7 Dr. Stephen Henson <st...@openssl.org <mailto:st...@openssl.org
>> >>
>>
>>
>> On Mon, Jun 07, 2010, Davi Tozoni wrote:
>>
>> > Hello,
>> >
>> > I was experimenting OpenSSL 1.0.0 and I needed to create a
>> request that must
>> > be signed with Whirlpool hash algorithm. However, when I used the
>> command:
>> >
>> > openssl req -whirlpool -newkey rsa:1024 -keyout key.pem -out
>> req.pem
>> >
>> > It didn't work. The error message was:
>> > 3078702728:error:0606B06E:digital envelope
>> routines:EVP_SignFinal:wrong
>> > public key type:p_sign.c:125:
>> > 3078702728:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP
>> > lib:a_sign.c:279:
>> >
>> > I wish to know if the fact that whirlpool can't work for x509
>> requests is a
>> > decision of openssl developers or there is another reason.
>> Perhaps I am not
>> > using it correctly.
>> >
>> > PS: I am trying to hack openssl source code to find where I could
>> include
>> > changes that would allow to use whirlpool. Do you have any hint?
>> >
>>
>> In order to use a digest for signature purposes it has to have an
>> appropriate
>> object identifier (OID) defined. For example sha1WithRSAEncryption
>> for SHA1
>> and RSA. You can't just make one up it has to be standardised, there
>> is no OID
>> in OpenSSL corresponding to whirlpool with RSA and you get that
>> error as a
>> result.
>>
>> Steve.
>> --
>> Dr Stephen N. Henson. OpenSSL project core developer.
>> Commercial tech support now available see: http://www.openssl.org
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List openssl-users@openssl.org
>> <mailto:openssl-users@openssl.org>
>>
>> Automated List Manager majord...@openssl.org
>> <mailto:majord...@openssl.org>
>>
>>
>>
>>
>>
>> --
>> Davi Tozoni
>> Engenharia
>> KRYPTUS Engenharia Criptográfica
>> (19) 88140530
>> www.kryptus.com <http://www.kryptus.com>
>>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
--
Davi Tozoni
Engenharia
KRYPTUS Engenharia Criptográfica
(19) 88140530
www.kryptus.com
