From 6a6d9ecd1dff669c162e8ab940dac5db2e82679d Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 7 Mar 2019 14:02:56 +0000 Subject: [PATCH] Update pkeyutl documentation about the digest option DSA can accept other digests other than SHA1. EC ignores the digest option altogether. Fixes #8425 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/8432) --- doc/man1/pkeyutl.pod | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/doc/man1/pkeyutl.pod b/doc/man1/pkeyutl.pod index 13af3277bf..033360f482 100644 --- a/doc/man1/pkeyutl.pod +++ b/doc/man1/pkeyutl.pod @@ -296,20 +296,19 @@ value less than the minimum restriction. =head1 DSA ALGORITHM The DSA algorithm supports signing and verification operations only. Currently -there are no additional options other than B. Only the SHA1 -digest can be used and this digest is assumed by default. +there are no additional B<-pkeyopt> options other than B. The SHA1 +digest is assumed by default. =head1 DH ALGORITHM The DH algorithm only supports the derivation operation and no additional -options. +B<-pkeyopt> options. =head1 EC ALGORITHM The EC algorithm supports sign, verify and derive operations. The sign and -verify operations use ECDSA and derive uses ECDH. Currently there are no -additional options other than B. Only the SHA1 digest can be used and -this digest is assumed by default. +verify operations use ECDSA and derive uses ECDH. SHA1 is assumed by default for +the B<-pkeyopt> B option. =head1 X25519 and X448 ALGORITHMS