Is there any way to use OpenSSL without any SHA1 hash functions, using one of the SHA2 functions instead? I think firstly, I should find all the functions that call the SHA1 algorithm, and I should understand why SHA1 is still used. When changing the hash function, the bits are different in SHA1 and SHA2, so it may cause some problems. It confuses me...

A: 

According to Wikipedia, OpenSSL supports both SHA1 and SHA2 algorithms.

http://en.wikipedia.org/wiki/OpenSSL

Robert Harvey
I know it supports both. But is there any function that uses SHA1 when we choose one of the SHA2 algorithms or something different? Or is it certain that when we choose one of the SHA2 functions, it never uses the SHA1 algorithm anywhere?
Hellnar
I would expect that the behavior would be sensible.
Robert Harvey
+1  A: 

There is no cipher suite for the SHA2 family. Look at the man page for a list of all of them.

Longpoke
So how can I add it to the list?
Hellnar
@Hellnar: Ciphersuites are standardized by RFCs for SSL and TLS. TLS itself sends a constant binary number to represent the suite, which means the client and server would both have to be patched to use the suite you want.
Longpoke
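
The point in the last comment, that a suite is only a fixed 2-byte number both peers must already recognise, shown as an added example (not code from this thread or from OpenSSL). The `0xFF01` code point, its name and the sample offer are constructed for illustration; the first byte `0xFF` is the private-use range.

```python
import struct

# Registered code points from the IANA TLS cipher suite registry.
STANDARD = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}
# Hypothetical custom suite (assumption): private-use ID, made-up name.
CUSTOM = {0xFF01: "EXAMPLE_PRIVATE_AES_128_CBC_SHA256"}


def parse_cipher_suites(vector: bytes) -> list:
    """Decode a ClientHello cipher_suites vector: 2-byte length, then 2-byte IDs."""
    if len(vector) < 2:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:]
    if length == 0 or length % 2 or length != len(body):
        raise ValueError("malformed cipher_suites vector")
    return [struct.unpack("!H", body[i:i + 2])[0] for i in range(0, length, 2)]


def select_suite(offered, known):
    """Server side: take the first offered ID the server implements.

    IDs missing from `known` are skipped, so a suite the server was never
    built with cannot be negotiated, whatever the client prefers.
    """
    for suite_id in offered:
        if suite_id in known:
            return suite_id, known[suite_id]
    return None  # a real server would answer with a handshake_failure alert


# Constructed sample: the client prefers the custom suite, then two standard ones.
CLIENT_OFFER = bytes.fromhex("0006" "ff01" "002f" "0035")

if __name__ == "__main__":
    offered = parse_cipher_suites(CLIENT_OFFER)
    print("offered:", [f"0x{s:04X}" for s in offered])
    print("stock server   ->", select_suite(offered, STANDARD))
    print("patched server ->", select_suite(offered, {**STANDARD, **CUSTOM}))
```

A stock server falls back to the first standard suite it knows; only a server whose table also contains the custom ID selects it.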