crypto/rsa: clarify comment on maximum message length.

See https://groups.google.com/d/topic/golang-nuts/stbum5gZbAc/discussion Change-Id: I2e78e8d0dadd78c8b0389514cad3c45d061b663b Reviewed-on: https://go-review.googlesource.com/29496Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

crypto/rsa: clarify comment on maximum message length.
See https://groups.google.com/d/topic/golang-nuts/stbum5gZbAc/discussion Change-Id: I2e78e8d0dadd78c8b0389514cad3c45d061b663b Reviewed-on: https://go-review.googlesource.com/29496Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
a7dc821d · Nigel Tao · 9e028b70 · a7dc821d
Commit a7dc821d authored Sep 22, 2016 by Nigel Tao
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

rsa.go src/crypto/rsa/rsa.go +2 -2

No files found.
--- a/src/crypto/rsa/rsa.go
+++ b/src/crypto/rsa/rsa.go
@@ -362,8 +362,8 @@ func encrypt(c *big.Int, pub *PublicKey, m *big.Int) *big.Int {
 // values could be used to ensure that a ciphertext for one purpose cannot be
 // used for another by an attacker. If not required it can be empty.
 //
-// The message must be no longer than the length of the public modulus less
-// twice the hash length plus 2.
+// The message must be no longer than the length of the public modulus minus
+// twice the hash length, minus a further 2.
 func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, label []byte) ([]byte, error) {
 	if err := checkPub(pub); err != nil {
 		return nil, err