diff options
Diffstat (limited to 'upstream/debian-unstable/man7/provider-signature.7ssl')
| -rw-r--r-- | upstream/debian-unstable/man7/provider-signature.7ssl | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/upstream/debian-unstable/man7/provider-signature.7ssl b/upstream/debian-unstable/man7/provider-signature.7ssl index b950db32..1b5c0cdd 100644 --- a/upstream/debian-unstable/man7/provider-signature.7ssl +++ b/upstream/debian-unstable/man7/provider-signature.7ssl @@ -55,7 +55,7 @@ .\" ======================================================================== .\" .IX Title "PROVIDER-SIGNATURE 7SSL" -.TH PROVIDER-SIGNATURE 7SSL 2024-02-03 3.1.5 OpenSSL +.TH PROVIDER-SIGNATURE 7SSL 2024-04-04 3.2.2-dev OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -408,6 +408,17 @@ The length of the "digest-size" parameter should not exceed that of a \fBsize_t\ .IX Item """algorithm-id"" (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>" Gets the DER encoded AlgorithmIdentifier that corresponds to the combination of signature algorithm and digest algorithm for the signature operation. +.IP """nonce-type"" (\fBOSSL_SIGNATURE_PARAM_NONCE_TYPE\fR) <unsigned integer>" 4 +.IX Item """nonce-type"" (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>" +Set this to 1 to use deterministic digital signature generation with +ECDSA or DSA, as defined in RFC 6979 (see Section 3.2 "Generation of +k"). In this case, the "digest" parameter must be explicitly set +(otherwise, deterministic nonce generation will fail). Before using +deterministic digital signature generation, please read RFC 6979 +Section 4 "Security Considerations". The default value for +"nonce-type" is 0 and results in a random value being used for the +nonce \fBk\fR as defined in FIPS 186\-4 Section 6.3 "Secret Number +Generation". .IP """kat"" (\fBOSSL_SIGNATURE_PARAM_KAT\fR) <unsigned integer>" 4 .IX Item """kat"" (OSSL_SIGNATURE_PARAM_KAT) <unsigned integer>" Sets a flag to modify the sign operation to return an error if the initial @@ -467,7 +478,7 @@ All other functions should return 1 for success or 0 on error. The provider SIGNATURE interface was introduced in OpenSSL 3.0. .SH COPYRIGHT .IX Header "COPYRIGHT" -Copyright 2019\-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019\-2024 The OpenSSL Project Authors. All Rights Reserved. .PP Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy |