update comment with info re: 0.9.8

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-10-03 16:04:13 -0500
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-10-03 16:04:13 -0500
commit: bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b (patch)
tree: 94e77c10548aeb23abf409c8c7c04c0e427d43ea
parent: b181f2a57d57caaa6e53e193e88002a15e284fd0 (diff)
download: cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.tar.gz
cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.tar.bz2
cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/cryptography/hazmat/backends/openssl/dsa.py b/cryptography/hazmat/backends/openssl/dsa.py
index 4b5ca59c..3fb67a5d 100644
--- a/cryptography/hazmat/backends/openssl/dsa.py
+++ b/cryptography/hazmat/backends/openssl/dsa.py
@@ -28,7 +28,8 @@ def _truncate_digest_for_dsa(dsa_cdata, digest, backend):
     This function truncates digests that are longer than a given DS
     key's length so they can be signed. OpenSSL does this for us in
     1.0.0c+ and it isn't needed in 0.9.8, but that leaves us with three
-    releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem.
+    releases (1.0.0, 1.0.0a, and 1.0.0b) where this is a problem. This
+    truncation is not required in 0.9.8 because DSA is limited to SHA-1.
     """
 
     order_bits = backend._lib.BN_num_bits(dsa_cdata.q)
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-10-03 16:04:13 -0500
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-10-03 16:04:13 -0500
commit	bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b (patch)
tree	94e77c10548aeb23abf409c8c7c04c0e427d43ea
parent	b181f2a57d57caaa6e53e193e88002a15e284fd0 (diff)
download	cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.tar.gz cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.tar.bz2 cryptography-bb20dd5fb7d55f4ccea3dd5a3a32536722d3456b.zip