doc: document pkcs15-padding-disabled param for RSA

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)

diff --git a/doc/man7/EVP_ASYM_CIPHER-RSA.pod b/doc/man7/EVP_ASYM_CIPHER-RSA.pod
index 005a20f82fe711ae249c9e4da63d98e547b3f13e..91de46d80dadef16aaf84643a13b250cf81d2b63 100644 (file)
--- a/doc/man7/EVP_ASYM_CIPHER-RSA.pod
+++ b/doc/man7/EVP_ASYM_CIPHER-RSA.pod
@@ -25,6 +25,10 @@ The default provider understands these RSA padding modes in string form:
 
 =item "pkcs1" (B<OSSL_PKEY_RSA_PAD_MODE_PKCSV15>)
 
+This padding mode is no longer supported by the FIPS provider for key
+agreement and key transport.
+(This is a FIPS 140-3 requirement)
+
 =item "x931" (B<OSSL_PKEY_RSA_PAD_MODE_X931>)
 
 =back
@@ -37,6 +41,10 @@ The default provider understands these RSA padding modes in integer form:
 
 =item 1 (B<RSA_PKCS1_PADDING>)
 
+This padding mode is no longer supported by the FIPS provider for key
+agreement and key transport.
+(This is a FIPS 140-3 requirement)
+
 =item 3 (B<RSA_NO_PADDING>)
 
 =item 4 (B<RSA_PKCS1_OAEP_PADDING>)
@@ -71,6 +79,11 @@ See B<RSA_PKCS1_WITH_TLS_PADDING> on the page L<EVP_PKEY_CTX_set_rsa_padding(3)>
 
 See L<provider-asym_cipher(7)/Asymmetric Cipher Parameters> for more information.
 
+=item "pkcs15-padding-disabled" (B<OSSL_ASYM_CIPHER_PARAM_PKCS15_PADDING_DISABLED>) <integer>
+
+If nonzero, PKCS#1 version 1.5 padding is disabled.
+This option is used by the OpenSSL FIPS provider.
+
 =back
 
 =head1 SEE ALSO