diff options
author | Rich Salz <rsalz@openssl.org> | 2015-12-12 19:25:25 -0500 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-12-12 19:25:25 -0500 |
commit | 9e8b6f042749ded556380227c9f2db7ffad9a3aa (patch) | |
tree | 394d88f261d0fd766f2af25696b62ae9e3fced9f /doc | |
parent | 40abdf8e395c0851adb87382388acf887d79ffc3 (diff) | |
download | openssl-9e8b6f042749ded556380227c9f2db7ffad9a3aa.tar.gz |
Use SHA256 not MD5 as default digest.
(Documentation update was in the MR but not the commit. Oops.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/dgst.pod | 14 | ||||
-rw-r--r-- | doc/apps/enc.pod | 11 |
2 files changed, 22 insertions, 3 deletions
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod index 1b1a7e17fd..3c68ddd4af 100644 --- a/doc/apps/dgst.pod +++ b/doc/apps/dgst.pod @@ -2,12 +2,12 @@ =head1 NAME -dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md2, md4, md5, dss1 - message digests +dgst, sha, sha1, mdc2, ripemd160, sha224, sha256, sha384, sha512, md4, md5 - message digests =head1 SYNOPSIS B<openssl> B<dgst> -[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md2|-md4|-md5|-dss1>] +[B<-sha|-sha1|-mdc2|-ripemd160|-sha224|-sha256|-sha384|-sha512|-md4|-md5>] [B<-c>] [B<-d>] [B<-hex>] @@ -36,6 +36,13 @@ The digest functions output the message digest of a supplied file or files in hexadecimal. The digest functions also generate and verify digital signatures using message digests. +The generic name, B<dgst>, may be used with an option specifying the +algorithm to be used. +The default digest is I<sha256>. +The digest name may also be used as the command name. +To see the list of supported algorithms, use the <Ilist --digest-commands> +command. + =head1 OPTIONS =over 4 @@ -209,5 +216,8 @@ Hex signatures cannot be verified using B<openssl>. Instead, use "xxd -r" or similar program to transform the hex signature into a binary signature prior to verification. +=head1 HISTORY + +The default digest was chaned from MD5 to SHA256 in Openssl 1.1. =cut diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod index 8f7e1cb7f8..bcaa49f54a 100644 --- a/doc/apps/enc.pod +++ b/doc/apps/enc.pod @@ -22,7 +22,7 @@ B<openssl enc -ciphername> [B<-salt>] [B<-nosalt>] [B<-z>] -[B<-md>] +[B<-md digest>] [B<-p>] [B<-P>] [B<-bufsize number>] @@ -97,6 +97,11 @@ read the password to derive the key from the first line of B<filename>. This is for compatibility with previous versions of OpenSSL. Superseded by the B<-pass> argument. +=item B<-md digest> + +Use the specified digest to create the key from the passphrase. +The default algorithm is sha-256. + =item B<-nosalt> do not use a salt @@ -329,4 +334,8 @@ The B<enc> program only supports a fixed number of algorithms with certain parameters. So if, for example, you want to use RC2 with a 76 bit key or RC4 with an 84 bit key you can't use this program. +=head1 HISTORY + +The default digest was chaned from MD5 to SHA256 in Openssl 1.1. + =cut |