*) Added HTTP GET support to the ocsp command.
[Rich Salz]
+ *) Changed default digest for the dgst and enc commands from MD5 to
+ sha256
+ [Rich Salz]
+
*) RAND_pseudo_bytes has been deprecated. Users should use RAND_bytes instead.
[Matt Caswell]
=head1 NAME
-dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests
+dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5 - message digests
=head1 SYNOPSIS
B<openssl> B<dgst>
-[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>]
+[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md4|-md5>]
[B<-c>]
[B<-d>]
[B<-hex>]
in hexadecimal. The digest functions also generate and verify digital
signatures using message digests.
+The generic name, B<dgst>, may be used with an option specifying the
+algorithm to be used.
+The default digest is I<sha256>.
+The digest name may also be used as the command name.
+To see the list of supported algorithms, use the <Ilist --digest-commands>
+command.
+
=head1 OPTIONS
=over 4
or similar program to transform the hex signature into a binary signature
prior to verification.
+=head1 HISTORY
+
+The default digest was chaned from MD5 to SHA256 in Openssl 1.1.
=cut
[B<-salt>]
[B<-nosalt>]
[B<-z>]
-[B<-md>]
+[B<-md digest>]
[B<-p>]
[B<-P>]
[B<-bufsize number>]
This is for compatibility with previous versions of OpenSSL. Superseded by
the B<-pass> argument.
+=item B<-md digest>
+
+Use the specified digest to create the key from the passphrase.
+The default algorithm is sha-256.
+
=item B<-nosalt>
do not use a salt
certain parameters. So if, for example, you want to use RC2 with a
76 bit key or RC4 with an 84 bit key you can't use this program.
+=head1 HISTORY
+
+The default digest was chaned from MD5 to SHA256 in Openssl 1.1.
+
=cut