[openssl-dev] [openssl-users] pkeyutl does not invoke hash?
Dr. Stephen Henson
steve at openssl.org
Wed Jan 20 16:37:43 UTC 2016
On Wed, Jan 20, 2016, Blumenthal, Uri - 0553 - MITLL wrote:
> On 1/20/16, 5:10 , "Hubert Kario" <hkario at redhat.com> wrote:
>
> It appears to me that pkeyutl is more an instrument to access those
> primitive operations, unlike dgst that provides access to the ???true???
> (complete) signature function that includes hashing. So no matter what
> draft-josefsson-eddsa-ed25519-02 says, the hashing would have to be done
> in software, and the result passed to the token for the actual signing.
>
> >So, unless the above is false, I'd rather not add such absolute
> >statements.
>
> I see your point. Would leave the decision to you, in light of the above.
> Because the exact purpose of pkeyutl is unclear to me, I can???t insist.
>
> Assuming pkeyutl does provide access to the ???complete EdDSA function??? as
> specified in the draft above, one possibility is to add even more words,
> and explicitly state where the digest for sure is NOT invoked (RSA, DSA,
> ECDSA), and maybe where it is (EdDSA, maybe other future schemes)...
>
> >But please correct me if I'm wrong.
>
> Likewise. :-)
>
Well pkeyutl along with pkey and genpkey are algorithm neutral versions of
rsautl, rsa, genrsa. Underneath they access the EVP_PKEY APIs so what pkeyutl
does is largely governed by how those behave. So while there is some common
behaviour (e.g. if a digest is specified the input will be a raw digest with
length sanity checks) what happens in detail is determined by the algortihms
themselves.
Support for EdDSA isn't in OpenSSL yet (there are some issues to resolve in
order to decide how the API will work) so how that will precisely behave is
not yet defined.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-dev
mailing list