I tried to modify " tls12_sigalgs" list under t1_lib.c in OpenSSL 1.0.2x
version to restrict a bunch of signature algorithms from being proposed during
Client hello message.
That did work.
Thanks.
Srivalli
On 6/19/18, 5:36 AM, "openssl-users on behalf of murugesh pitchaiah"
wrote:
Hi,
On 19/06/18 07:16, Devang Kubavat wrote:
> Hi,
>
>
>
> I want to disable the SHA1 hash algorithm in Extension: signature
> algorithm client hello message.
>
>
>
> I have used
>
> /* the signature algorithms list */
>
> constcharsignAlgo[] = "RSA+SHA256";
>
> (void)SS
Hi,
SSL_CTX_set1_client_sigalgs_list - is the correct method for this purpose.
Just try for checking return value of this function. On failure it returns 0.
Also try SSL_CTX_set1_client_sigalgs_list (ctx, "RSA+SHA256");
Thanks,
Murugesh P.
On 6/19/18, Devang Kubavat wrote:
> Hi,
>
> I want to
Hi,
I want to disable the SHA1 hash algorithm in Extension: signature algorithm
client hello message.
[cid:image003.jpg@01D407C3.1A227530]
I have used
/* the signature algorithms list */
const char signAlgo[] = "RSA+SHA256";
(void)SSL_CTX_set1_client_sigalgs_list(ctx, signAlgo