Hi, Thank you for the information. I modified some source codes in OpenSSL and achieve what I was looking for.
2010/6/7 Dr. Stephen Henson <st...@openssl.org> > On Mon, Jun 07, 2010, Davi Tozoni wrote: > > > Hello, > > > > I was experimenting OpenSSL 1.0.0 and I needed to create a request that > must > > be signed with Whirlpool hash algorithm. However, when I used the > command: > > > > openssl req -whirlpool -newkey rsa:1024 -keyout key.pem -out req.pem > > > > It didn't work. The error message was: > > 3078702728:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong > > public key type:p_sign.c:125: > > 3078702728:error:0D0C3006:asn1 encoding routines:ASN1_item_sign:EVP > > lib:a_sign.c:279: > > > > I wish to know if the fact that whirlpool can't work for x509 requests is > a > > decision of openssl developers or there is another reason. Perhaps I am > not > > using it correctly. > > > > PS: I am trying to hack openssl source code to find where I could include > > changes that would allow to use whirlpool. Do you have any hint? > > > > In order to use a digest for signature purposes it has to have an > appropriate > object identifier (OID) defined. For example sha1WithRSAEncryption for SHA1 > and RSA. You can't just make one up it has to be standardised, there is no > OID > in OpenSSL corresponding to whirlpool with RSA and you get that error as a > result. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Davi Tozoni Engenharia KRYPTUS Engenharia Criptográfica (19) 88140530 www.kryptus.com
