Hi Matt, Thanks for the reply. According to my colleague the PHP function opens_verify uses EVP_get_digestbyname to retrieve the EVP_MD. This does not work for the digest name "ecdsa-with-SHA256".
Nevertheless, I will try to create a new branch. Thanks again. Martin -----Original Message----- From: openssl-dev [mailto:[email protected]] On Behalf Of Matt Caswell Sent: Dienstag, 26. April 2016 11:12 To: [email protected] Subject: Re: [openssl-dev] digest SN_ecdsa_with_SHA256 and NID_ecdsa_with_SHA256 On 26/04/16 09:43, Gäckler Martin (EXT) wrote: > We're currently developing a system that uses OAuth protocol to > identify the users. The service provider is developed in PHP and uses > OpenSSL to verify the access token. Unfortunately the identity > provider, which is managed by another company, uses ecdsa with sha256 > to sign the access tokens. Although the constants for this method > (SN_ecdsa_with_SHA256 and > NID_ecdsa_with_SHA256) are defined in OpenSSL, this method is > currently not supported by OpenSSL. I'm not really sure what that means, since its perfectly possible to use ECDSA in conjunction with SHA256 to sign data. E.g. just use EVP_sha256() as the EVP_MD, and create an EC EVP_PKEY in a call to EVP_DigestSignInit() https://www.openssl.org/docs/manmaster/crypto/EVP_DigestSignInit.html > > My question is, what can I do, to add my changes to the official > OpenSSL sources. I'm new to github and OpenSSL development and I did > not find a documentation suitable for me. We would appreciate if this > method would become part of the official OpenSSL distribution. Create a new branch based on the master branch in git (new features are not accepted into stable releases). Add your features to it and push your changes to your github repo, and then create a github pull request. Matt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
