Document that private and pairwise checks are not bounded by key size

Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24049) (cherry picked from commit 27005cecc75ec7a22a673d57fc35a11dea30ac0a)
author: Tomas Mraz <tomas@openssl.org> 2024-04-05 16:31:05 +0200
committer: Tomas Mraz <tomas@openssl.org> 2024-04-10 09:31:35 +0200
commit: 2be64a7dc14e11a8b546e739a7ef3ad16590b803 (patch)
tree: 5833e97a3b1e58b27280f15e3304d01dbb1623ce
parent: b32efb6f018e660281c8648f8a20cd1f53b0b7de (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/doc/man3/EVP_PKEY_check.pod b/doc/man3/EVP_PKEY_check.pod
index a16fdbbd50..198a0923c5 100644
--- a/doc/man3/EVP_PKEY_check.pod
+++ b/doc/man3/EVP_PKEY_check.pod
@@ -61,6 +61,11 @@ It is not necessary to call these functions after locally calling an approved ke
 generation method, but may be required for assurance purposes when receiving
 keys from a third party.
 
+The EVP_PKEY_pairwise_check() and EVP_PKEY_private_check() might not be bounded
+by any key size limits as private keys are not expected to be supplied by
+attackers. For that reason they might take an unbounded time if run on
+arbitrarily large keys.
+
 =head1 RETURN VALUES
 
 All functions return 1 for success or others for failure.
author	Tomas Mraz <tomas@openssl.org>	2024-04-05 16:31:05 +0200
committer	Tomas Mraz <tomas@openssl.org>	2024-04-10 09:31:35 +0200
commit	2be64a7dc14e11a8b546e739a7ef3ad16590b803 (patch)
tree	5833e97a3b1e58b27280f15e3304d01dbb1623ce
parent	b32efb6f018e660281c8648f8a20cd1f53b0b7de (diff)