Determining OpenSSL’s Default Public Key Message Digest Algorithm When default_md is Set to “default”


2 views

In OpenSSL's configuration system, when default_md is set to simply "default", the actual digest algorithm used depends on the OpenSSL version and build configuration. You can inspect this without certificate generation through several methods:

openssl list -digest-algorithms
# Typical output for modern OpenSSL:
# SHA256 => SHA2-256
# SHA384 => SHA2-384
# ...

For different OpenSSL versions, the default MD varies:

  • OpenSSL 1.1.1+: SHA-256
  • OpenSSL 1.0.2: SHA-1 (though many distributions patch this to SHA-256)
  • OpenSSL 3.0: SHA-256 with FIPS mode potentially changing this

To check programmatically in C:

#include <openssl/evp.h>
#include <stdio.h>

int main() {
    const EVP_MD *md = EVP_get_digestbyname("default");
    if (!md) {
        printf("No default digest available\n");
        return 1;
    }
    printf("Default digest: %s\n", OBJ_nid2sn(EVP_MD_type(md)));
    return 0;
}

The actual default is compiled into OpenSSL, but you can check your system's effective default by examining the active config:

openssl conf
# Look for lines containing:
# default_md = sha256
# or similar in the output

When generating certificates through the command line, you can see the default in action:

openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=test'
openssl x509 -in cert.pem -noout -text | grep 'Signature Algorithm'
# Will typically show sha256WithRSAEncryption

When working with OpenSSL configurations, you may encounter the default_md parameter set to default in openssl.cnf. This setting controls the default message digest algorithm used for public key operations, but doesn't explicitly reveal which specific algorithm is being used.

You can discover the actual default message digest algorithm through these methods:

# Method 1: Query using openssl command
openssl list -digest-commands

# Method 2: Check the configuration file
grep -A 5 "$$default_md$$" /usr/lib/ssl/openssl.cnf

# Method 3: Alternatively, for modern OpenSSL versions
openssl dgst -list

The default MD algorithm typically follows these patterns:

  • OpenSSL 1.1.1+: SHA-256
  • OpenSSL 1.0.2: SHA-1 (with warnings)
  • OpenSSL 3.0: SHA-256 with FIPS mode considerations

To override the default in your operations:

openssl req -new -newkey rsa:2048 -nodes -keyout server.key \
-out server.csr -sha256 -config openssl.cnf

Look for these sections in your openssl.cnf:

[ req ]
default_md = sha256

[ ca ]
default_md = sha256

Programmatically check defaults using OpenSSL's EVP interface:

#include <openssl/evp.h>

const EVP_MD *default_md = EVP_get_digestbyname("default");
if (default_md) {
    printf("Default MD: %s\n", EVP_MD_name(default_md));
}

Remember that using weak hash algorithms (like MD5 or SHA-1) for public keys can create security vulnerabilities. Always verify your OpenSSL version's defaults before production deployment.