diff options
author | Matt Caswell <matt@openssl.org> | 2019-03-07 14:02:56 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2019-03-19 11:40:53 +0000 |
commit | 6a6d9ecd1dff669c162e8ab940dac5db2e82679d (patch) | |
tree | fb41c09c3f1dd76a01d1966b78b43d0b2e2e80ab | |
parent | 9537fe5757bb07761fa275d779bbd40bcf5530e4 (diff) |
Update pkeyutl documentation about the digest option
DSA can accept other digests other than SHA1. EC ignores the digest option
altogether.
Fixes #8425
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8432)
-rw-r--r-- | doc/man1/pkeyutl.pod | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/doc/man1/pkeyutl.pod b/doc/man1/pkeyutl.pod index 13af3277bf..033360f482 100644 --- a/doc/man1/pkeyutl.pod +++ b/doc/man1/pkeyutl.pod @@ -296,20 +296,19 @@ value less than the minimum restriction. =head1 DSA ALGORITHM The DSA algorithm supports signing and verification operations only. Currently -there are no additional options other than B<digest>. Only the SHA1 -digest can be used and this digest is assumed by default. +there are no additional B<-pkeyopt> options other than B<digest>. The SHA1 +digest is assumed by default. =head1 DH ALGORITHM The DH algorithm only supports the derivation operation and no additional -options. +B<-pkeyopt> options. =head1 EC ALGORITHM The EC algorithm supports sign, verify and derive operations. The sign and -verify operations use ECDSA and derive uses ECDH. Currently there are no -additional options other than B<digest>. Only the SHA1 digest can be used and -this digest is assumed by default. +verify operations use ECDSA and derive uses ECDH. SHA1 is assumed by default for +the B<-pkeyopt> B<digest> option. =head1 X25519 and X448 ALGORITHMS |