Rejecting SHA-1 certificates

Morning,

I'm currently trying to reject certificate chains which rely on MD5 and SHA-1 for signatures. I found SSL_get0_verified_chain which could be used to walk the chain and reject if there's any MD5 / SHA-1 certificate in there, except for the last one, which is trusted because of the public key instead of based on the signature, so a weak signature algorithm doesn't have any impact there.

Unfortunately, SSL_get0_verified_chain is only available in OpenSSL 1.1, but not in OpenSSL 1.0.1 or 1.0.2, which both have to be supported. With OpenSSL 1.1, we could also just use "auth_level" and be done.

What's the best way / a working way to reject weak signature schemes in OpenSSL 1.0.{1,2}?

Regards, Niklas

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
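As an added example (not from the post, and not OpenSSL code), the check below applies the rule Niklas describes without SSL_get0_verified_chain, by reading the outer Certificate structure of each DER-encoded certificate in pure Python: every certificate except the last one in the chain must not carry an MD5 or SHA-1 signatureAlgorithm. In an OpenSSL 1.0.x verify callback the same per-certificate test would be fed by X509_get_signature_nid (1.0.2) or OBJ_obj2nid(cert->sig_alg->algorithm) (1.0.1); the certificates used here are constructed stand-ins with an empty tbsCertificate and a dummy signature value.

```python
WEAK_SIG_OIDS = {                              # RFC 3279 / RFC 4055 identifiers
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.2.840.10040.4.3": "dsaWithSHA1",
    "1.2.840.10045.4.1": "ecdsa-with-SHA1",
}

def _tlv(buf, pos):
    """Decode one DER TLV at pos -> (tag, content, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                          # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(content):
    """DER OID content octets -> dotted-decimal string."""
    arcs, acc = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                       # high bit clear ends this arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def signature_oid(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }"""
    _, body, _ = _tlv(cert_der, 0)             # outer SEQUENCE
    _, _, pos = _tlv(body, 0)                  # skip tbsCertificate
    _, alg, _ = _tlv(body, pos)                # AlgorithmIdentifier SEQUENCE
    return _decode_oid(_tlv(alg, 0)[1])        # its OBJECT IDENTIFIER

def chain_weak_signature(chain_der):
    """Return the weak algorithm name of the first offending cert, else None.
    The last cert is skipped: a trust anchor is trusted by its key, not its signature."""
    for cert in chain_der[:-1]:
        name = WEAK_SIG_OIDS.get(signature_oid(cert))
        if name:
            return name
    return None
# --- constructed test data: only the outer Certificate framing is real -------
OID_SHA1_RSA = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05"    # 1.2.840.113549.1.1.5
OID_SHA256_RSA = b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"  # 1.2.840.113549.1.1.11
def _der(tag, content):                        # short-form lengths suffice here
    return bytes([tag, len(content)]) + content

def fake_cert(oid_bytes):
    """Stand-in certificate: empty tbsCertificate, given signature OID, dummy signature."""
    alg = _der(0x30, _der(0x06, oid_bytes) + b"\x05\x00")   # AlgorithmIdentifier, NULL params
    return _der(0x30, _der(0x30, b"") + alg + _der(0x03, b"\x00"))
```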
