Timestamp always uses SHA256 for hashing algorithm and ignores adobe sHashAlgo settings

Report · Dec 29, 2022

I have Adobe Acrobat Reader 22.003.20282 and trying to set SHA512 hash algorithm for timestamps in Adobe Reader. According to the documentation I've tried to set the sHashAlgo (hashing algorithm OID used to hash the data to be timestamped) registry settings in HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\Security\cASPKI\cAdobe_TSPProvider
For SHA512 I filled the sHashAlgo with string value 2.16.840.1.101.3.4.2.3

Problem is that if I set 2.16.840.1.101.3.4.2.3 in sHashAlgo the timestamp request from Adobe always contains SHA256 (OID 2.16.840.1.101.3.4.2.1) in messageImprint hashAlgorithm and not SHA512.
Appreciate any help,
Pavel

Report · Jan 02, 2023

Try the forum for Acrobat Reader.

Report · Oct 06, 2024

I know I'm necoing an old thread, but thought it may be useful for posterity. Basically, Adobe's documentation is wrong (misleading). To use SHA512 for timestamps under cAdobe_TSPProvider you'd need to create a new key sHashAlgo of REG_BINARY type (important!). Then you'd add the OID for SHA512, 2.16.840.1.101.3.4.2.3 on the left hand side. Then you go back to the binary pane and add an extra 00 as terminator. That should work.

Report · Oct 06, 2024

Sorry: on the left hand side -> on the right hand side

Timestamp always uses SHA256 for hashing algorithm and ignores adobe sHashAlgo settings

Photos