From bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 3 Oct 2014 16:04:13 -0500 Subject: update comment with info re: 0.9.8 --- cryptography/hazmat/backends/openssl/dsa.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cryptography/hazmat/backends/openssl/dsa.py b/cryptography/hazmat/backends/openssl/dsa.py index 4b5ca59c..3fb67a5d 100644 --- a/cryptography/hazmat/backends/openssl/dsa.py +++ b/cryptography/hazmat/backends/openssl/dsa.py @@ -28,7 +28,8 @@ def _truncate_digest_for_dsa(dsa_cdata, digest, backend): This function truncates digests that are longer than a given DS key's length so they can be signed. OpenSSL does this for us in 1.0.0c+ and it isn't needed in 0.9.8, but that leaves us with three - releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. + releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. This + truncation is not required in 0.9.8 because DSA is limited to SHA-1. """ order_bits = backend._lib.BN_num_bits(dsa_cdata.q) -- cgit v1.2.3