From ccadde6e777d3e93cb57976bb8aadd1d9c8a5312 Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Fri, 1 Nov 2019 19:37:21 +0000 Subject: In rsa.h rev. 1.45, jsing@ provided the three macro constants RSA_PSS_SALTLEN_*; document them. The wording is a combination of our existing text and the wording in the OpenSSL 1.1.1 branch, which is still under a free license. --- src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 b/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 index dbfd9c16f6..c89ceec436 100644 --- a/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 +++ b/src/lib/libcrypto/man/RSA_pkey_ctx_ctrl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: RSA_pkey_ctx_ctrl.3,v 1.3 2019/11/01 13:53:25 schwarze Exp $ +.\" $OpenBSD: RSA_pkey_ctx_ctrl.3,v 1.4 2019/11/01 19:37:21 schwarze Exp $ .\" full merge up to: .\" OpenSSL man3/EVP_PKEY_CTX_ctrl.pod 99d63d46 Oct 26 13:56:48 2016 -0400 .\" OpenSSL man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod @@ -303,13 +303,21 @@ The .Fn EVP_PKEY_CTX_set_rsa_pss_saltlen macro sets the RSA PSS salt length to .Fa len . -Two special values are supported: -1 sets the salt length to the digest -length. -When signing -2 sets the salt length to the maximum permissible value. -When verifying -2 causes the salt length to be automatically determined -based on the PSS block structure. -If this macro is not called a salt length value of -2 is used by -default. +Three special values are supported: +.Dv RSA_PSS_SALTLEN_DIGEST +sets the salt length to the digest length. +.Dv RSA_PSS_SALTLEN_MAX +sets the salt length to the maximum permissible value. +When signing, +.Dv RSA_PSS_SALTLEN_AUTO +sets the salt length to the maximum permissible value. +When verifying, +.Dv RSA_PSS_SALTLEN_AUTO +causes the salt length to be automatically determined based on the +PSS block structure. +If this macro is not called, a salt length value of +.Dv RSA_PSS_SALTLEN_AUTO +is used by default. .Pp If the key has usage restrictions and an attempt is made to set the salt length below the minimum value, an error occurs. -- cgit v1.2.3-55-g6feb