I am only an end user and not familiar with SSL internals. If I understand the replies correctly, OpenSSL 1.0.x currently supports SHA-2 in certificates but not in the cipher suites used in the network communication protocol. Is that a correct statement?
Alex

On Aug 9, 2010, at 6:44 AM, Jakob Bohm wrote:

> On 08-08-2010 01:13, Dr. Stephen Henson wrote:
>> On Fri, Aug 06, 2010, Alex Chen wrote:
>>
>>> Is SHA-2 supported in OpenSSL 1.0 or the latest version?
>>> From my search in Google, I found the following entry in openssl-dev
>>> mailing list:
>>>> List: openssl-dev
>>>> Subject: Re: SHA-2 support in openssl?
>>>> From: smitha daggubati<smithad123 () gmail ! com>
>>>> Date: 2009-11-18 9:56:55
>>>> Message-ID: 40a23ffd0911180144m27523ca3g9be5cf6be406bd0b () mail ! gmail ! com
>>>>
>>>> Marc,
>>>> Thanks for the reply.
>>>>
>>>> On Wed, Nov 18, 2009 at 2:54 PM, Jean-Marc Desperrier<jmd...@free.fr>wrote:
>>>>
>>>>> smitha daggubati wrote:
>>>>>
>>>>>> Does openssl have support for SHA-2?
>>>>>> I know that SHA-2 is part of the crypto library but looking at the way
>>>>>> the context is setup in ssl_ctx_new we are setting up
>>>>>>
>>>>>> ret->sha1=EVP_get_digestbyname("ssl3-sha1"))
>>>>>>
>>>>>> So is there a way to establish an openssl connection using SHA-2
>>>>>> currently?
>>>>>
>>>>> Yes openssl has support for SHA-2, but what it doesn't have is support for
>>>>> a SSL cipher suite using SHA-2.
>>>>>
>>>>> It's a bit late in being updated to support the SHA-2 suites from RFC5289.
>>>>> I suppose this is not the main priority of the development team, since sha1
>>>>> inside tls is not actually endangered at the moment.
>>>>> Any help in implementing it, and rearchitecturing the code where use of
>>>>> SHA-1 is hardcoded, would certainly be welcomed.
>>>>>
>>>>> ______________________________________________________________________
>>>>> OpenSSL Project http://www.openssl.org
>>>>> Development Mailing List openssl-...@openssl.org
>>>>> Automated List Manager majord...@openssl.org
>>>>>
>>> Does that mean SHA-2 is still not in OpenSSL 1.0 yet?
>>>
>>
>> It depends on what you mean by "in". Support for SHA-2 algorithms is in
>> OpenSSL 0.9.8 and later. The algorithm can be used in certificates and CMS
>> for example.
>>
>> Since OpenSSL doesn't currently support TLS 1.2 it will not be used for TLS
>> ciphersuites since none in TLS 1.1 or earlier use SHA-2 algorithms.
>>
>
> I believe this is an unfortunate reading of the RFCs. Fundamentally,
> the SSL3/TLS protocols do not tie the availability of a cipher suite to
> the version of the protocol document which was current when it was
> introduced. The fact that the most common cipher suites are defined in
> the same documents as the protocols themselves really should not be
> treated as more important than the fact that there is a single IANA
> registry for these values.
>
> So I believe the better implementation strategy would be to offer any
> implemented cipher suite value which is not fundamentally incompatible
> with the SSL/TLS version, rather than holding back improved algorithms
> until unrelated aspects of new TLS versions are implemented.
>
> Formally: RFC2246, RFC4346 and RFC5246 all refer to IANA for the cipher
> suite list. IANA's cipher suite list refers to different RFCs for
> different suite values, including RFC2712 and RFC5246. The cipher
> suites so defined are thus equally applicable to the TLS versions (1.0,
> 1.1 and 1.2) defined in RFC2246, RFC4346 and RFC5246 unless there is
> a cipher suite specific reason not to use them with specific TLS
> versions.
>
> Of course using an SHA-2 based cipher suite with TLS 1.1 or older implies
> that the keys will still be created from a master secret produced using
> the old MD5/SHA-1 PRF. But at least the HMACs for the data will be done
> with SHA-2, thus limiting the attack surface for exploiters of SHA-1
> weaknesses.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
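
To check the certificate-versus-cipher-suite distinction discussed in this thread on a given build, the following added example (not part of the original messages and not OpenSSL project code) groups `openssl ciphers -v` output by the hash that protects the record layer. The sample lines are constructed, and the category names are this example's own.

```python
from collections import defaultdict

# Constructed sample in the column layout of `openssl ciphers -v`;
# not captured from any particular OpenSSL build.
SAMPLE = """\
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA TLSv1 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
"""

SHA2 = {"SHA224", "SHA256", "SHA384", "SHA512"}


def parse(text):
    """Yield (suite, protocol, mac) for each well-formed line; skip the rest."""
    for line in text.splitlines():
        fields = line.split()
        attrs = dict(f.split("=", 1) for f in fields[2:] if "=" in f)
        if len(fields) >= 3 and "Mac" in attrs:
            yield fields[0], fields[1], attrs["Mac"]


def classify(text):
    """Return {category: [(suite, protocol), ...]} in input order.

    sha2-hmac: record HMAC uses a SHA-2 hash
    aead:      no separate HMAC; the hash in the suite name is the
               handshake/key-derivation hash, not a record MAC
    legacy:    SHA-1 or MD5 HMAC (or any other Mac= value)
    """
    groups = defaultdict(list)
    for name, proto, mac in parse(text):
        kind = "sha2-hmac" if mac in SHA2 else "aead" if mac == "AEAD" else "legacy"
        groups[kind].append((name, proto))
    return dict(groups)


def protocols_for(text, kind):
    """Protocol labels printed for every suite in one category."""
    return {proto for _, proto in classify(text).get(kind, [])}


if __name__ == "__main__":
    for kind, suites in classify(SAMPLE).items():
        for name, proto in suites:
            print(f"{kind:10} {proto:8} {name}")
```

Pass the real output of `openssl ciphers -v` to `classify()` in place of `SAMPLE` to see which categories a specific build offers.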