On Friday 15 January 2016 00:02:43 Dr. Stephen Henson wrote:
> On Thu, Jan 14, 2016, Blumenthal, Uri - 0553 - MITLL wrote:
> > On 1/14/16, 16:51 , "openssl-dev on behalf of Dr. Stephen Henson"
> > 
> > <openssl-dev-boun...@openssl.org on behalf of st...@openssl.org> 
wrote:
> > >On Thu, Jan 14, 2016, Salz, Rich wrote:
> > >> Okay, how about this.  First, remove the NOTES subhead.  Add this
> > >> to
> > >>
> > >>the end of the first paragraph:
> > >>  This program does not hash the input data and requires the input
> > >>  data
> > >>  to be of the proper size, and must not be greater than the size
> > >>  of
> > >>  the public key field or modulus.  See dgst(1) for a unified
> > >>  Interace.
> > >
> > >The comment about the public key field or modulus is only true for
> > >some public
> > >key algorithms (e.g. RSA).
> > 
> > Public key modulus would be true for RSA and DSA. Field would be
> > true for ECDSA (and I daresay EdDSA). What other signatures do we
> > have?
> For RSA the maximum size depends on the padding mode and is typically
> less than the modulus.
> 
> For ECDSA it can be exceed the field size: it is truncated in that
> case.

True, but what should we put in the man page? Explain the above exactly, 
or just not mention the limit at all?

-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to