[openssl] master update

Dr. Paul Dale pauli at openssl.org
Sat Sep 21 11:20:52 UTC 2019


The branch master has been updated
       via  a941054ad7f5af9445896a37754ae451fad7ed98 (commit)
      from  387bbce45bfe9c0bccbd2c84206ca7719d463740 (commit)


- Log -----------------------------------------------------------------
commit a941054ad7f5af9445896a37754ae451fad7ed98
Author: Pauli <paul.dale at oracle.com>
Date:   Sat Sep 21 10:29:17 2019 +1000

    Note that the mac command is preferrable to the MAC command line options.
    
    The dgst command allows MACs to be calculated, the mac command is the more
    recent interface for doing the same and provides better access to a wider
    range of MACs.
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
    (Merged from https://github.com/openssl/openssl/pull/9962)

-----------------------------------------------------------------------

Summary of changes:
 doc/man1/openssl-dgst.pod | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/doc/man1/openssl-dgst.pod b/doc/man1/openssl-dgst.pod
index ed1a088e6e..5fb5128a02 100644
--- a/doc/man1/openssl-dgst.pod
+++ b/doc/man1/openssl-dgst.pod
@@ -123,6 +123,9 @@ The actual signature to verify.
 
 Create a hashed MAC using "key".
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-mac alg>
 
 Create MAC (keyed Message Authentication Code). The most popular MAC
@@ -131,6 +134,9 @@ which are not based on hash, for instance B<gost-mac> algorithm,
 supported by B<ccgost> engine. MAC keys and other options should be set
 via B<-macopt> parameter.
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-macopt nm:v>
 
 Passes options to MAC algorithm, specified by B<-mac> key.
@@ -152,6 +158,9 @@ for example exactly 32 chars for gost-mac.
 
 =back
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-rand file...>
 
 A file or files containing random data used to seed the random number
@@ -229,6 +238,13 @@ Hex signatures cannot be verified using B<openssl>.  Instead, use "xxd -r"
 or similar program to transform the hex signature into a binary signature
 prior to verification.
 
+The L<openssl-mac(1)> command is preferred over the B<-hmac>, B<-mac> and
+B<-macopt> command line options.
+
+=head1 SEE ALSO
+
+L<openssl-mac(1)>
+
 =head1 HISTORY
 
 The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.


More information about the openssl-commits mailing list