[openssl-dev] [openssl-users] pkeyutl does not invoke hash?
Hubert Kario
hkario at redhat.com
Wed Jan 20 10:10:27 UTC 2016
On Tuesday 19 January 2016 22:16:23 Blumenthal, Uri - 0553 - MITLL
wrote:
> Looks good. I might add an *explicit* statement “pkeyutl does not
> invoke the specified digest function”.
>
> Yes I realize it could be seen as repetitive. I’d much rather be
> repetitive than risk misunderstanding. And there are no praises for
> the shortest man page. :-)
I don't want to do that because AFAIK, for Ed25519 and Ed448 the hash
*is* integral part of the signature process and you pass *the whole*
message-to-be-signed to the signature function, not its hash.
So, unless the above is false, I'd rather not add such absolute
statements.
But please correct me if I'm wrong.
> >On Monday 18 January 2016 19:22:19 Blumenthal, Uri - 0553 - MITLL
wrote:
> >> My preference would be to explain exactly - to avoid confusion and
> >> problems arising from possible misunderstanding.
> >>
> >> As I said, however, I can live with either - as by now *I* at least
> >> understand what this code does. ;-)
> >>
> >> But it doesn't seem fair for those who did not benefit from
> >> studying
> >> the piles of openssl-users and openssl-dev archives.
> >
> >OK, I've updated the PR: https://github.com/openssl/openssl/pull/554
> >https://github.com/tomato42/openssl/commit/f37b5e639e57c2d4c3b404c24e
> >cb11b 8ec627e9b
> >
> >> Sent from my BlackBerry 10 smartphone on the
> >> Verizon Wireless 4G LTE network. Original Message
> >> From: Hubert Kario
> >> Sent: Monday, January 18, 2016 06:23
> >> To: openssl-dev at openssl.org
> >> Reply To: openssl-dev at openssl.org
> >> Subject: Re: [openssl-dev] [openssl-users] pkeyutl does not invoke
> >> hash?
> >>
> >> On Friday 15 January 2016 00:02:43 Dr. Stephen Henson wrote:
> >> > On Thu, Jan 14, 2016, Blumenthal, Uri - 0553 - MITLL wrote:
> >> > > On 1/14/16, 16:51 , "openssl-dev on behalf of Dr. Stephen
> >> > > Henson"
> >> > >
> >> > > <openssl-dev-bounces at openssl.org on behalf of
> >> > > steve at openssl.org>
> >>
> >> wrote:
> >> > > >On Thu, Jan 14, 2016, Salz, Rich wrote:
> >> > > >> Okay, how about this. First, remove the NOTES subhead. Add
> >> > > >> this
> >> > > >> to
> >> > > >>
> >> > > >>the end of the first paragraph:
> >> > > >> This program does not hash the input data and requires the
> >> > > >> input
> >> > > >> data
> >> > > >> to be of the proper size, and must not be greater than the
> >> > > >> size
> >> > > >> of
> >> > > >> the public key field or modulus. See dgst(1) for a unified
> >> > > >> Interace.
> >> > > >
> >> > > >The comment about the public key field or modulus is only true
> >> > > >for
> >> > > >some public
> >> > > >key algorithms (e.g. RSA).
> >> > >
> >> > > Public key modulus would be true for RSA and DSA. Field would
> >> > > be
> >> > > true for ECDSA (and I daresay EdDSA). What other signatures do
> >> > > we
> >> > > have?
> >> >
> >> > For RSA the maximum size depends on the padding mode and is
> >> > typically
> >> > less than the modulus.
> >> >
> >> > For ECDSA it can be exceed the field size: it is truncated in
> >> > that
> >> > case.
> >>
> >> True, but what should we put in the man page? Explain the above
> >> exactly, or just not mention the limit at all?
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160120/1d045375/attachment.sig>
More information about the openssl-dev
mailing list