mirror of https://github.com/openssl/openssl
Document that private and pairwise checks are not bounded by key size
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24049)
This commit is contained in:
parent
9fc61ba0a7
commit
27005cecc7
|
@ -61,6 +61,11 @@ It is not necessary to call these functions after locally calling an approved ke
|
||||||
generation method, but may be required for assurance purposes when receiving
|
generation method, but may be required for assurance purposes when receiving
|
||||||
keys from a third party.
|
keys from a third party.
|
||||||
|
|
||||||
|
The EVP_PKEY_pairwise_check() and EVP_PKEY_private_check() might not be bounded
|
||||||
|
by any key size limits as private keys are not expected to be supplied by
|
||||||
|
attackers. For that reason they might take an unbounded time if run on
|
||||||
|
arbitrarily large keys.
|
||||||
|
|
||||||
=head1 RETURN VALUES
|
=head1 RETURN VALUES
|
||||||
|
|
||||||
All functions return 1 for success or others for failure.
|
All functions return 1 for success or others for failure.
|
||||||
|
|
Loading…
Reference in New Issue