[openssl-users] [openssl-dev] pkeyutl does not invoke hash?

Jakob Bohm jb-openssl at wisemo.com
Thu Jan 14 20:37:24 UTC 2016

On 14/01/2016 20:52, Salz, Rich wrote:
> Okay, how about this.  First, remove the NOTES subhead.  Add this to the end of the first paragraph:
> 	This program does not hash the input data and requires the input data
> 	to be of the proper size, and must not be greater than the size of
> 	the public key field or modulus.  See dgst(1) for a unified
> 	Interace.
A unified interface to what.  I don't think the dgst command
does any signing.

Also, I agree there should be words like "the digest parameter
specifies that the signature should be formatted as if the input
was a digest of this type, e.g. by putting the OID of the digest
in the signature (for RSA PKCS#1 v1.5) or by using that digest
algorithm to do further formatting (for RSA PKCS#1 v2.1).  Not
specifying a digest allows using this command to perform the
raw private key operation on arbitrary data."

Adapt as applicable (e.g. if this only applies to some modes of
the pkeyutl command etc.).


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160114/0469756e/attachment.html>

More information about the openssl-users mailing list