From: James Muir Date: Wed, 10 Jan 2024 03:38:43 +0000 (-0500) Subject: doc: "digest" must be explicitly set with deterministic ECDSA/DSA X-Git-Tag: openssl-3.3.0-alpha1~334 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff7b32e1d7af590eab3163f0c6be7792876c36bc;p=thirdparty%2Fopenssl.git doc: "digest" must be explicitly set with deterministic ECDSA/DSA Fixes #23205 Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/23250) --- diff --git a/doc/man7/provider-signature.pod b/doc/man7/provider-signature.pod index 3e900677d31..38d3320d18c 100644 --- a/doc/man7/provider-signature.pod +++ b/doc/man7/provider-signature.pod @@ -365,12 +365,15 @@ signature algorithm and digest algorithm for the signature operation. =item "nonce-type" (B) -Set this to 1 to use a deterministic ECDSA or DSA digital signature as -defined in RFC #6979 (See Section 3.2 "Generation of k"). -The default value of 0 uses a random value for the nonce B as defined in -FIPS 186-4 Section 6.3 "Secret Number Generation". -Before using deterministic digital signature please read -RFC #6979 Section 4 "Security Considerations". +Set this to 1 to use deterministic digital signature generation with +ECDSA or DSA, as defined in RFC 6979 (see Section 3.2 "Generation of +k"). In this case, the "digest" parameter must be explicitly set +(otherwise, deterministic nonce generation will fail). Before using +deterministic digital signature generation, please read RFC 6979 +Section 4 "Security Considerations". The default value for +"nonce-type" is 0 and results in a random value being used for the +nonce B as defined in FIPS 186-4 Section 6.3 "Secret Number +Generation". =item "kat" (B)