Fix PKCS7_sign and CMS_sign default hash documentation

Fixes #27291. See issue for details.

Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27292)

(cherry picked from commit 4f81470afadea3d1582d1df7f1b2b5e3ece63331)

diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod
index 933f89a84bc44b4727afaaebb80d48bfa8e4066c..d8804c1d4edf5184f801c298280f7dce2d5f0b28 100644 (file)
--- a/doc/man3/CMS_sign.pod
+++ b/doc/man3/CMS_sign.pod
@@ -96,7 +96,7 @@ can be performed by obtaining the streaming ASN1 B<BIO> directly using
 BIO_new_CMS().
 
 If a signer is specified it will use the default digest for the signing
-algorithm. This is B<SHA1> for both RSA and DSA keys.
+algorithm. This is B<SHA256> for both RSA and DSA keys.
 
 If B<signcert> and B<pkey> are NULL then a certificates only CMS structure is
 output.

diff --git a/doc/man3/PKCS7_sign.pod b/doc/man3/PKCS7_sign.pod
index 1d997045fe142c5e965d34f7968f2c2147b1e9fa..f0f3941b33add39bddef039d4f1d392ac9d33ca4 100644 (file)
--- a/doc/man3/PKCS7_sign.pod
+++ b/doc/man3/PKCS7_sign.pod
@@ -80,7 +80,7 @@ can be performed by obtaining the streaming ASN1 B<BIO> directly using
 BIO_new_PKCS7().
 
 If a signer is specified it will use the default digest for the signing
-algorithm. This is B<SHA1> for both RSA and DSA keys.
+algorithm. This is B<SHA256> for both RSA and DSA keys.
 
 The I<certs>, I<signcert> and I<pkey> parameters can all be
 NULL if the B<PKCS7_PARTIAL> flag is set. One or more signers can be added