On Fri, Nov 30, 2012, Michel wrote: > Before trying to use it, I was misleaded by the documentation (and > the example) of the EVP_PKEY_sign() call at : > http://www.openssl.org/docs/crypto/EVP_PKEY_sign.html >
I'll add a clarification to the manual page. > What is not yet clear to me is : > if the input is a previously calculated digest, what is the use of > the EVP_PKEY_CTX_set_signature_md() call in the example ? > The main reason is that some algorithms (currently only RSA) need to know the message digest algorithm to prepare the signature. The value can also be used as a sanity check to see the digest length is correct (though not all algorithms currently do this). Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org