[Openswan dev] add SHA2 validation for X.509 certificates and CRLs

Tino Keitel tino.keitel at innominate.com
Wed Jul 11 04:12:18 EDT 2007


the attached patch adds validation for X.509 certificates and CRLs that
use SHA2 for the digest algorithm. I tested it with CA and client
certificates and CRLs that use SHA256 and SHA512. I didn't test SHA384,

It is required to build Openswan with USE_EXTRACRYPTO set to include
SHA2 support.


Tino Keitel
Software Engineer
Innominate Security Technologies AG
/protecting industrial networks/
Tel: +49.30.6392-3309
Fax: +49.30.6392-3307
Albert-Einstein-Str. 14
D-12489 Berlin

Register Court: AG Charlottenburg, HR B 81603
Management Board: Joachim Fietz, Dirk Seewald
Chairman of the Supervisory Board: Edward M. Stadum
-------------- next part --------------
A non-text attachment was scrubbed...
Name: add_sha2_validation.diff
Type: text/x-diff
Size: 1321 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/dev/attachments/20070711/5415080a/attachment.bin 

More information about the Dev mailing list