openssl dgst -ripemd160 -sign ec5_ca.key shr.o.txt WARNING: can't open config file: /usr/local/ssl/openssl.cnf Error setting context 5664:error:100C508A:elliptic curve routines:PKEY_EC_CTRL:invalid digest type:.c ryptoecec_pmeth.c:229: Also, in documentation on pkeyutl program is mentioned, that ECDSA supports only sha1 http://www.openssl.org/docs/apps/pkeyutl.html# (subsection "EC ALGORITHM") Documentation on dgst program did not mention any limitations for choice of hash, there only was said, that sha1 is preferred choice. That EC key used in failed example above is based on secp521r1 and was generated by openssl. Citējot *Dr. Stephen Henson <st...@openssl.org> [1]*: > On Fri, Jul 15, 2011, y...@inbox.lv wrote: > > > > > Version of ECDSA available in openssl 1.0.0d supports only > SHA1. > > (maybe there are patches, which adds other hash functions, > but > > default build on win32 supports only sha1). > > What makes you think that? OpenSSL 0.9.8 only supports SHA1 with > ECDSA in > things like certificates but 1.0.0 and later should support other > hashes > such as SHA256. > > Can you give an example where 1.0.0 is failing? > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > openssl-users@openssl.org > Automated List Manager > majord...@openssl.org -- Tavs bezmaksas pasts Inbox.lv
Links: ------ [1] mailto:st...@openssl.org