boringssl

History

David Benjamin a36255cd4d Fix RSA-PSS documentation. -2 is really weird. On sign, it's maximal length. On verify, it actually accepts all lengths. This sounds somewhat questionable to me, but just document the state of the world for now. Also add a recommendation to use -1 (match digest length) to align with TLS 1.3, tokbind, and QUIC Crypto. Hopefully the first two is sufficient that the IETF will forever use this option and stop the proliferation of RSA-PSS parameters. Change-Id: Ie0ad7ad451089df0e18d6413d1b21c5aaad9d0f2 Reviewed-on: https://boringssl-review.googlesource.com/12823 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	2016-12-16 17:17:38 +00:00
..
openssl	Fix RSA-PSS documentation.	2016-12-16 17:17:38 +00:00

David Benjamin a36255cd4d Fix RSA-PSS documentation.

-2 is really weird. On sign, it's maximal length. On verify, it actually
accepts all lengths. This sounds somewhat questionable to me, but just
document the state of the world for now. Also add a recommendation to
use -1 (match digest length) to align with TLS 1.3, tokbind, and QUIC
Crypto. Hopefully the first two is sufficient that the IETF will forever
use this option and stop the proliferation of RSA-PSS parameters.

Change-Id: Ie0ad7ad451089df0e18d6413d1b21c5aaad9d0f2
Reviewed-on: https://boringssl-review.googlesource.com/12823
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

2016-12-16 17:17:38 +00:00

openssl

Fix RSA-PSS documentation.

2016-12-16 17:17:38 +00:00