Hide Forgot
+++ This bug was initially created as a clone of Bug #608639 +++ Description of problem: The various sub-commands of openssl that use digests only list a few older types and do not indicate there are more available. How reproducible: $ openssl x509 -h [snip] -md2/-md5/-sha1/-mdc2 - digest to use $ openssl req -h [snip] -[digest] Digest to sign with (md5, sha1, md2, mdc2, md4) $ man x509 [snip] -md2|-md5|-sha1|-mdc2 the digest to use. etc. And the dgst sub-command man page does not provide the full list of supported digests. Only by calling the dgst sub-command with an invalid parameter can one see the full list of digests available. -md5 to use the md5 message digest algorithm (default) -md4 to use the md4 message digest algorithm -md2 to use the md2 message digest algorithm -sha1 to use the sha1 message digest algorithm -sha to use the sha message digest algorithm -sha224 to use the sha224 message digest algorithm -sha256 to use the sha256 message digest algorithm -sha384 to use the sha384 message digest algorithm -sha512 to use the sha512 message digest algorithm -mdc2 to use the mdc2 message digest algorithm -ripemd160 to use the ripemd160 message digest algorithm Additional info: Since the list can change probably the best solution would be to have the various sub-commands indicate there are more digests available, and give the dgst a clearer method of listing the full list of those available.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1730.html