diff options
author | Pauli <pauli@openssl.org> | 2021-08-25 10:06:11 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-08-26 10:34:01 +1000 |
commit | a291cfdfdee0cb40a684e1c379eff88ba43f784b (patch) | |
tree | e5ca133086ebdc4d1f59af786be144a83972e1fe | |
parent | 9698a56e82da0262146c0f74b40d132f99099850 (diff) |
doc: document the rsa_oaep_md: pkeyopt
This was missing but essential for using non-SHA1 digests with OAEP.
Fixes #15998
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16410)
-rw-r--r-- | doc/man1/openssl-pkeyutl.pod.in | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc/man1/openssl-pkeyutl.pod.in b/doc/man1/openssl-pkeyutl.pod.in index 06365ef76d..b0054ead66 100644 --- a/doc/man1/openssl-pkeyutl.pod.in +++ b/doc/man1/openssl-pkeyutl.pod.in @@ -262,6 +262,11 @@ B<PSS> block structure. For PSS and OAEP padding sets the MGF1 digest. If the MGF1 digest is not explicitly set in PSS mode then the signing digest is used. +=item B<rsa_oaep_md:>I<digest> + +Sets the digest used for the OAEP hash function. If not explicitly set then +SHA1 is used. + =back =head1 RSA-PSS ALGORITHM @@ -391,6 +396,11 @@ Verify some data using an L<SM2(7)> certificate and a specific ID: openssl pkeyutl -verify -certin -in file -inkey sm2.cert -sigfile sig \ -rawin -digest sm3 -pkeyopt distid:someid +Decrypt some data using a private key with OAEP padding using SHA256: + + openssl pkeyutl -decrypt -in file -inkey key.pem -out secret \ + -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 + =head1 SEE ALSO L<openssl(1)>, |