Thanks folks, I had completely missed those.
By the way: a little grep shows -pss_saltlen is not as-is in the 0.9.9
HEAD but all it's features (including special saltlens -1 and -2) are
available through yet another -sigopt:
-sigopt rsa_pss_saltlen:N
where N is the saltlen value
snip from code:
/*
* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is maximized
* -N reserved
*/
0.9.8 source code has these #define's for them, 0.9.9 does not (but
that doesn't matter for the functionality):
/*
saltlen == EVP_MD_CTX_FLAG_PSS_MDLEN ~ -1
saltlen == EVP_MD_CTX_FLAG_PSS_MREC ~ -2
*/
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--------------------------------------------------
web: http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
