diff options
author | Hubert Kario <hkario@redhat.com> | 2016-02-01 11:14:34 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-02-01 11:14:34 -0500 |
commit | 53619f9f40740ae8b256998574758aa191635db8 (patch) | |
tree | d61f71e57c256165fbb0cc788b94376fdf690f86 /doc | |
parent | b69817449315f3818a8472468b3328ea755819db (diff) | |
download | openssl-53619f9f40740ae8b256998574758aa191635db8.tar.gz |
GH554: Improve pkeyutl doc
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/pkeyutl.pod | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod index a7b75e6c75..3c29b3a67c 100644 --- a/doc/apps/pkeyutl.pod +++ b/doc/apps/pkeyutl.pod @@ -137,6 +137,19 @@ Unless otherwise mentioned all algorithms support the B<digest:alg> option which specifies the digest in use for sign, verify and verifyrecover operations. The value B<alg> should represent a digest name as used in the EVP_get_digestbyname() function for example B<sha1>. +This value is used only for sanity-checking the lengths of data passed in to +the B<pkeyutl> and for creating the structures that make up the signature +(e.g. B<DigestInfo> in RSASSA PKCS#1 v1.5 signatures). +In case of RSA, ECDSA and DSA signatures, this utility +will not perform hashing on input data but rather use the data directly as +input of signature algorithm. Depending on key type, signature type and mode +of padding, the maximum acceptable lengths of input data differ. In general, +with RSA the signed data can't be longer than the key modulus, in case of ECDSA +and DSA the data shouldn't be longer than field size, otherwise it will be +silently truncated to field size. + +In other words, if the value of digest is B<sha1> the input should be 20 bytes +long binary encoding of SHA-1 hash function output. =head1 RSA ALGORITHM |