Timestamp always uses SHA256 for hashing algorithm and ignores adobe sHashAlgo settings

Question

I have Adobe Acrobat Reader 22.003.20282 and trying to set SHA512 hash algorithm for timestamps in Adobe Reader. According to the documentation I've tried to set the sHashAlgo (hashing algorithm OID used to hash the data to be timestamped) registry settings in HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\Security\cASPKI\cAdobe_TSPProvider
For SHA512 I filled the sHashAlgo with string value 2.16.840.1.101.3.4.2.3

Problem is that if I set 2.16.840.1.101.3.4.2.3 in sHashAlgo the timestamp request from Adobe always contains SHA256 (OID 2.16.840.1.101.3.4.2.1) in messageImprint hashAlgorithm and not SHA512.
Appreciate any help,
Pavel

alexander_3102 · Answer

I know I'm necoing an old thread, but thought it may be useful for posterity. Basically, Adobe's documentation is wrong (misleading). To use SHA512 for timestamps under cAdobe_TSPProvider you'd need to create a new key sHashAlgo of REG_BINARY type (important!). Then you'd add the OID for SHA512, 2.16.840.1.101.3.4.2.3 on the left hand side. Then you go back to the binary pane and add an extra 00 as terminator. That should work.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded