doc: add documentation for -eddsa_no_verify_digested fipsinstall option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25032)

diff --git a/doc/man1/openssl-fipsinstall.pod.in b/doc/man1/openssl-fipsinstall.pod.in
index 88e4a8a20c70f3d2b150ac4da22ac011d36db9cc..ba9229c894f2c898be0276b44df5c7f7a9be0fb2 100644 (file)
--- a/doc/man1/openssl-fipsinstall.pod.in
+++ b/doc/man1/openssl-fipsinstall.pod.in
@@ -23,6 +23,7 @@ B<openssl fipsinstall>
 [B<-no_conditional_errors>]
 [B<-no_security_checks>]
 [B<-ems_check>]
+[B<-eddsa_no_verify_digested>]
 [B<-no_drbg_truncated_digests>]
 [B<-hkdf_digest_check>]
 [B<-tls13_kdf_digest_check>]
@@ -202,6 +203,12 @@ Configure the module to enable a run-time Extended Master Secret (EMS) check
 when using the TLS1_PRF KDF algorithm. This check is disabled by default.
 See RFC 7627 for information related to EMS.
 
+=item B<-eddsa_no_verify_digested>
+
+Configure the module to not allow EdDSA to verify from a message digest
+directly.  Instead, EdDSA will digest the message itself.
+This check is disabled by default.
+
 =item B<-no_short_mac>
 
 Configure the module to not allow short MAC outputs.