Bug 693858

Summary: man pages and help text do not list all digests
Product: Red Hat Enterprise Linux 6 Reporter: Tomas Mraz <tmraz>
Component: opensslAssignee: Tomas Mraz <tmraz>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: low Docs Contact:
Priority: low    
Version: 6.2CC: mpoole, mvadkert, pvrabec
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssl-1.0.0-15.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 608639 Environment:
Last Closed: 2011-12-06 18:08:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Tomas Mraz 2011-04-05 18:49:04 UTC 
+++ This bug was initially created as a clone of Bug #608639 +++

Description of problem:

The various sub-commands of openssl that use digests only list a few older types and do not indicate there are more available.

How reproducible:

$ openssl x509 -h
[snip]
 -md2/-md5/-sha1/-mdc2 - digest to use

$ openssl  req -h
[snip]
 -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)

$ man x509
[snip]
   -md2|-md5|-sha1|-mdc2
           the digest to use.

etc.


And the dgst sub-command man page does not provide the full list of supported digests.

Only by calling the dgst sub-command with an invalid parameter can one see the full list of digests available.

-md5            to use the md5 message digest algorithm (default)
-md4            to use the md4 message digest algorithm
-md2            to use the md2 message digest algorithm
-sha1           to use the sha1 message digest algorithm
-sha            to use the sha message digest algorithm
-sha224         to use the sha224 message digest algorithm
-sha256         to use the sha256 message digest algorithm
-sha384         to use the sha384 message digest algorithm
-sha512         to use the sha512 message digest algorithm
-mdc2           to use the mdc2 message digest algorithm
-ripemd160      to use the ripemd160 message digest algorithm



Additional info:

Since the list can change probably the best solution would be to have the various sub-commands indicate there are more digests available, and give the dgst a clearer method of listing the full list of those available.
Comment 4 errata-xmlrpc 2011-12-06 18:08:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1730.html