doc: document the rsa_oaep_md: pkeyopt

This was missing but essential for using non-SHA1 digests with OAEP. Fixes #15998 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16410)
author: Pauli <pauli@openssl.org> 2021-08-25 10:06:11 +1000
committer: Pauli <pauli@openssl.org> 2021-08-26 10:34:01 +1000
commit: a291cfdfdee0cb40a684e1c379eff88ba43f784b (patch)
tree: e5ca133086ebdc4d1f59af786be144a83972e1fe
parent: 9698a56e82da0262146c0f74b40d132f99099850 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/man1/openssl-pkeyutl.pod.in b/doc/man1/openssl-pkeyutl.pod.in
index 06365ef76d..b0054ead66 100644
--- a/doc/man1/openssl-pkeyutl.pod.in
+++ b/doc/man1/openssl-pkeyutl.pod.in
@@ -262,6 +262,11 @@ B<PSS> block structure.
 For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not
 explicitly set in PSS mode then the signing digest is used.
 
+=item B<rsa_oaep_md:>I<digest>
+
+Sets the digest used for the OAEP hash function. If not explicitly set then
+SHA1 is used.
+
 =back
 
 =head1 RSA-PSS ALGORITHM
@@ -391,6 +396,11 @@ Verify some data using an L<SM2(7)> certificate and a specific ID:
  openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig \
     -rawin -digest sm3 -pkeyopt distid:someid
 
+Decrypt some data using a private key with OAEP padding using SHA256:
+
+ openssl pkeyutl -decrypt -in file -inkey key.pem -out secret \
+    -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256
+
 =head1 SEE ALSO
 
 L<openssl(1)>,
author	Pauli <pauli@openssl.org>	2021-08-25 10:06:11 +1000
committer	Pauli <pauli@openssl.org>	2021-08-26 10:34:01 +1000
commit	a291cfdfdee0cb40a684e1c379eff88ba43f784b (patch)
tree	e5ca133086ebdc4d1f59af786be144a83972e1fe
parent	9698a56e82da0262146c0f74b40d132f99099850 (diff)