On Wed, Apr 11, 2007, k b wrote:

> Hi,
> I'm trying to figure out if a particular cert that i receive has SHA1 or
> SHA256 as its signature algorithm.
>
> I know this could be done by using either i2t_ASN1_OBJECT(buffer,
> x509->sig_alg->algorithm) or i2a_ASN1_OBJECT(bio, x509->sig_alg->algorithm)
>
> The problem is, if the cert has sha1 sign algorithm i get a regular LN
> but if the cert has a sha256 sign algorithm get this 1.2.840.113549.1.1.11
> So my questions is :
> 1) Is there a better way to figure out if the cert is sha1 or sha256.
> 2) or is there a way I get an LN for a sha256 cert too.
>


Check out the docs for the OBJ functions. OBJ_obj2nid() returns an integer
identifier for all standard objects.

If you aren't getting a LN it is possible that the OID isn't included in
OpenSSL's table. Which version are you using? It isn't in 0.9.7 bit is in
in 0.9.8.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org