On Friday 15 January 2016 00:02:43 Dr. Stephen Henson wrote: > On Thu, Jan 14, 2016, Blumenthal, Uri - 0553 - MITLL wrote: > > On 1/14/16, 16:51 , "openssl-dev on behalf of Dr. Stephen Henson" > > > > <openssl-dev-boun...@openssl.org on behalf of st...@openssl.org> wrote: > > >On Thu, Jan 14, 2016, Salz, Rich wrote: > > >> Okay, how about this. First, remove the NOTES subhead. Add this > > >> to > > >> > > >>the end of the first paragraph: > > >> This program does not hash the input data and requires the input > > >> data > > >> to be of the proper size, and must not be greater than the size > > >> of > > >> the public key field or modulus. See dgst(1) for a unified > > >> Interace. > > > > > >The comment about the public key field or modulus is only true for > > >some public > > >key algorithms (e.g. RSA). > > > > Public key modulus would be true for RSA and DSA. Field would be > > true for ECDSA (and I daresay EdDSA). What other signatures do we > > have? > For RSA the maximum size depends on the padding mode and is typically > less than the modulus. > > For ECDSA it can be exceed the field size: it is truncated in that > case.
True, but what should we put in the man page? Explain the above exactly, or just not mention the limit at all? -- Regards, Hubert Kario Senior Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev