| author | tb <> | 2024-03-17 07:10:00 +0000 | 
|---|---|---|
| committer | tb <> | 2024-03-17 07:10:00 +0000 | 
| commit | ebd1b7f996341292ba9cf422de4db3d9afc32aec (patch) | |
| tree | cb438d8d5a23a69148e0a6f042dba0d35afb6328 /src/lib/libc/stdlib/random.c | |
| parent | a5410710b3b31b3d868f845571a1ef4b32ce9950 (diff) | |
Annotate RSA-PSS SHA parameter encoding as wrong

A historic blunderfest in the ASN.1 module for RSA-PSS led to very
confusing text in various RFCs. davidben's and my current reading of
this is that parameters for SHA-* should be encoded as an ASN.1 NULL
rather than omitted. The use of X509_ALGOR_set_evp_md() leads to them
being omitted, and is therefore counter to the specification (but
allowed). We should fix this. For now, leave a reminder.

See https://boringssl-review.googlesource.com/c/boringssl/+/67088
for a lot more details.

ok davidben
Diffstat (limited to 'src/lib/libc/stdlib/random.c')
0 files changed, 0 insertions, 0 deletions
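
The two encodings the commit message contrasts, as an added example that is not code from this commit, LibreSSL or BoringSSL: a small DER check that reports whether the `parameters` field of a hash AlgorithmIdentifier is an ASN.1 NULL or omitted. The function name, the enum and the two SHA-256 byte strings are constructed for illustration, and only short-form DER lengths are handled.

```c
#include <stddef.h>
#include <stdio.h>

enum alg_params { PARAMS_ABSENT, PARAMS_NULL, PARAMS_OTHER, PARAMS_MALFORMED };

/*
 * Classify the parameters field of a DER-encoded
 * AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters ANY OPTIONAL }.
 * Assumption: short-form lengths only (< 128), enough for hash identifiers.
 * Anything after the OID that is not exactly 05 00 is reported as OTHER
 * without further validation.
 */
enum alg_params classify_params(const unsigned char *der, size_t len)
{
    size_t seq_len, oid_len, rest;

    if (len < 2 || der[0] != 0x30 || der[1] >= 0x80)
        return PARAMS_MALFORMED;          /* not a short-form SEQUENCE */
    seq_len = der[1];
    if (seq_len != len - 2)
        return PARAMS_MALFORMED;          /* truncated or trailing data */
    der += 2;
    if (seq_len < 2 || der[0] != 0x06 || der[1] >= 0x80)
        return PARAMS_MALFORMED;          /* first element must be an OID */
    oid_len = der[1];
    if (oid_len == 0 || oid_len > seq_len - 2)
        return PARAMS_MALFORMED;
    der += 2 + oid_len;
    rest = seq_len - 2 - oid_len;
    if (rest == 0)
        return PARAMS_ABSENT;             /* parameters omitted */
    if (rest == 2 && der[0] == 0x05 && der[1] == 0x00)
        return PARAMS_NULL;               /* parameters encoded as NULL */
    return PARAMS_OTHER;
}

/* Constructed samples: id-sha256 (2.16.840.1.101.3.4.2.1), with and without NULL. */
static const unsigned char SHA256_WITH_NULL[] = {
    0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
    0x05, 0x00 };
static const unsigned char SHA256_OMITTED[] = {
    0x30, 0x0b, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 };

int main(void)
{
    printf("with NULL: %d\n", classify_params(SHA256_WITH_NULL, sizeof(SHA256_WITH_NULL)));
    printf("omitted:   %d\n", classify_params(SHA256_OMITTED, sizeof(SHA256_OMITTED)));
    return 0;
}
```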
