Jump to content

SHA384 support on Windows 7?


Tripredacus

Recommended Posts

I am having some difficulty working with a driver because the countersignature cannot be read, and that uses SHA384. I read one various sites, such as this:

https://social.technet.microsoft.com/Forums/en-US/44f02720-ec1d-4ddd-a985-b1d1f23488ea/needed-2-ciphers-in-windows-7

That Windows 7 does not support SHA384 officially, but I was wondering if there is any known way of being able to read these types of certificates.

Link to comment
Share on other sites


It does , it's included in the updates, at least someone got it to work. Sorry , don't use win 7 myself to confirm.

"After installing today's patches. I found that the cipher suites, signature algorithms and elliptic curves on Windows 7 were updated. Document is here:

Microsoft Security Bulletin MS14-066 - Critical

https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-066

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko

signature algorithms: SHA512/RSA, SHA512/ECDSA, SHA256/RSA, SHA384/RSA, SHA1/RSA, SHA256/ECDSA, SHA384/ECDSA, SHA1/ECDSA, SHA1/DSA"

https://success.qualys.com/discussions/s/question/0D52L00004TnujbSAB/microsoft-updated-the-cipher-suites-on-windows-7

Edited by Dixel
sec. link
Link to comment
Share on other sites

A little from both, I have now resolved this issue. It is weird because I'm certain I had previously installed some SHA2 support on that system already. I can read the certs now on the driver but still having an issue using them, it must be unrelated.

Link to comment
Share on other sites

12 hours ago, Tripredacus said:

I have now resolved this issue. It is weird because I'm certain I had previously installed some SHA2...

Could it be because they have different SHA-2 updates versions ? And ,as far as I know, they were later included inside of the big all-in-one rollup packs. 

Link to comment
Share on other sites

The August 2018 Windows 7 x64 ISO I got from Microsoft included the SHA-2 update.  That saved me the trouble of having to install it prior to installing the Nvidia video driver.

Link to comment
Share on other sites

There were at least 3 Windows 7 updates that claimed to add/update SHA-2 support in Windows 7:

And some more info here: https://aka.ms/sha1deprecation

Interestingly this Microsoft article mentions the 2019 update as the first one :dubbio:

Link to comment
Share on other sites

I had used KB2868725, KB4474419 v3 and KB4490628

The system is completely isolated on the network so it can't do things like update the root certificate list. Which I did download but there is no instruction on how to use it. I had gotten the link from Event Viewer as a log was made every time I looked at the cert on the file in question. These updates made that event log go away also.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...