From: Matt Caswell Date: Thu, 7 Mar 2019 14:02:56 +0000 (+0000) Subject: Update pkeyutl documentation about the digest option X-Git-Tag: OpenSSL_1_1_1c~91 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1913df42336ab90e2f6d6c21de186f64c409e8e5;p=oweals%2Fopenssl.git Update pkeyutl documentation about the digest option DSA can accept other digests other than SHA1. EC ignores the digest option altogether. Fixes #8425 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8432) (cherry picked from commit 6a6d9ecd1dff669c162e8ab940dac5db2e82679d) --- diff --git a/doc/man1/pkeyutl.pod b/doc/man1/pkeyutl.pod index 664dbef359..64d7912abc 100644 --- a/doc/man1/pkeyutl.pod +++ b/doc/man1/pkeyutl.pod @@ -272,20 +272,19 @@ value less than the minimum restriction. =head1 DSA ALGORITHM The DSA algorithm supports signing and verification operations only. Currently -there are no additional options other than B. Only the SHA1 -digest can be used and this digest is assumed by default. +there are no additional B<-pkeyopt> options other than B. The SHA1 +digest is assumed by default. =head1 DH ALGORITHM The DH algorithm only supports the derivation operation and no additional -options. +B<-pkeyopt> options. =head1 EC ALGORITHM The EC algorithm supports sign, verify and derive operations. The sign and -verify operations use ECDSA and derive uses ECDH. Currently there are no -additional options other than B. Only the SHA1 digest can be used and -this digest is assumed by default. +verify operations use ECDSA and derive uses ECDH. SHA1 is assumed by default for +the B<-pkeyopt> B option. =head1 X25519 and X448 ALGORITHMS