openssl/openssl
在 GitHub 查看APPS/pkeyutl: loose ends from PR 22910 and 25831 and issue 25898
Open
#25,892 建立於 2024年11月6日
branch: masterhelp wantedtriaged: feature
倉庫指標
- Star
- (30,157 star)
- PR 合併指標
- (30 天內沒有已合併 PR)
描述
The following points are still open from our exchange on PRs #22910 and #25831 and issue #25898:
- whether it's worth/suitable to backport part of the commits of #22910,
in particular that
-digestand use of EdDSA implies-rawinfor convenience. - in case
-signor-verifyinput is not considered 'raw', how to make the check on the input length of the pure asymmetric signing operation more precise/correct - note that the existing comparison withEVP_MAX_MD_SIZE= 512 bits is too coarse for ECDSA (where input length typically is smaller) and too tight for RSA (where the possible input length typically is larger) - when using
-verifyrecover, how to add a to-the-point check on the size of-in, which is supposed to be a signature output - see #25898 - find and use a better alternative to:
EVP_PKEY_is_a(pkey, "ED25519") || EVP_PKEY_is_a(pkey, "ED448")for checking whether a signature algorithm expects raw (undigested) input or not as mentioned in https://github.com/openssl/openssl/pull/22910#issuecomment-2446512288 - Update: this item is meanwhile handled by #25958:
Further Improveopenssl-pkeyutl.pod.infor instance: