Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Sertificate Signatures using ECDSA-with-sha256 ...?

128 views
Skip to first unread message

dhoward

unread,
Mar 15, 2011, 10:38:11 AM3/15/11
to

I am currently trying to compute an ECDSA signature with SHA256. I am using
ECC keys with a field size of 233 bits (specifically the sect233r1 curve).
Despite my efforts, Openssl insists on using SHA1 instead of SHA256. The
call I am using is:

X509_sign(cert, *issuer_privkey, EVP_get_digestbyname("ecdsa-with-SHA256"))

(*** I should note that this function call returns without complaint every
time)

>From what I understand, because my field size is smaller than 256 bits, the
ECDSA algorithm is going to truncate the last 23 bits of my hash. Will this
cause problems in validation? Will this cause Openssl to use SHA1 instead,
despite my passing a correct method digest? Have I overlooked something
obvious? I would appreciate some help in this matter.

Thanks,
DH
--
View this message in context: http://old.nabble.com/Sertificate-Signatures-using-ECDSA-with-sha256-...--tp31153077p31153077.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

Dr. Stephen Henson

unread,
Mar 15, 2011, 1:10:05 PM3/15/11
to
On Tue, Mar 15, 2011, dhoward wrote:

>
> I am currently trying to compute an ECDSA signature with SHA256. I am using
> ECC keys with a field size of 233 bits (specifically the sect233r1 curve).
> Despite my efforts, Openssl insists on using SHA1 instead of SHA256. The
> call I am using is:
>
> X509_sign(cert, *issuer_privkey, EVP_get_digestbyname("ecdsa-with-SHA256"))
>
> (*** I should note that this function call returns without complaint every
> time)
>
> >From what I understand, because my field size is smaller than 256 bits, the
> ECDSA algorithm is going to truncate the last 23 bits of my hash. Will this
> cause problems in validation? Will this cause Openssl to use SHA1 instead,
> despite my passing a correct method digest? Have I overlooked something
> obvious? I would appreciate some help in this matter.
>

First you need OpenSSL 1.0.0 or later for this. You don't check the return
value of EVP_get_digestbyname() so it could be returning NULL and the function
will then use a default digest. The digest name "SHA256" should be used.

It is more common to use EVP_sha256() as the last parameter instead of an
actual lookup.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

0 new messages