On 14/01/2016 20:52, Salz, Rich wrote: > Okay, how about this. First, remove the NOTES subhead. Add this to the end of the first paragraph: > > This program does not hash the input data and requires the input data > to be of the proper size, and must not be greater than the size of > the public key field or modulus. See dgst(1) for a unified > Interace. A unified interface to what. I don't think the dgst command does any signing. Also, I agree there should be words like "the digest parameter specifies that the signature should be formatted as if the input was a digest of this type, e.g. by putting the OID of the digest in the signature (for RSA PKCS#1 v1.5) or by using that digest algorithm to do further formatting (for RSA PKCS#1 v2.1). Not specifying a digest allows using this command to perform the raw private key operation on arbitrary data." Adapt as applicable (e.g. if this only applies to some modes of the pkeyutl command etc.). Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160114/0469756e/attachment.html>
