The wrong header file was given for EVP_PKEY_CTX_set_signature_md(3).

Also clarify to which algorithms it applies.
From Matt Caswell <matt at openssl dot org>
via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000.

Document
EVP_PKEY_CTX_get_rsa_padding(3), EVP_PKEY_CTX_get_rsa_pss_saltlen(3),
EVP_PKEY_CTX_set_rsa_mgf1_md(3), and EVP_PKEY_CTX_get_rsa_mgf1_md(3).
From Antoine Salon <asalon at vmware dot com>
via OpenSSL commit 87103969 Oct 1 14:11:57 2018 -0700
from the OpenSSL_1_1_1-stable branch, which is still under a free license.

1 files changed, 69 insertions, 13 deletions

diff --git a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 b/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
index 8462da6d46..a49c31cd67 100644
--- a/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
+++ b/src/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
@@ -1,9 +1,9 @@
-.\"     $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.11 2018/03/23 23:18:17 schwarze Exp $
-.\"     OpenSSL EVP_PKEY_CTX_ctrl.pod 1722496f Jun 8 15:18:38 2017 -0400
-.\"     OpenSSL EVP_PKEY_CTX_ctrl.pod e03af178 Dec 11 17:05:57 2014 -0500
+.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.12 2018/12/21 23:51:42 schwarze Exp $
+.\" full merge up to: OpenSSL e03af178 Dec 11 17:05:57 2014 -0500
+.\" selective merge up to: OpenSSL df75c2bf Dec 9 01:02:36 2018 +0100
 .\"
 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
-.\" Copyright (c) 2006, 2009, 2013, 2014, 2015 The OpenSSL Project.
+.\" Copyright (c) 2006, 2009, 2013, 2014, 2015, 2018 The OpenSSL Project.
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 23 2018 $
+.Dd $Mdocdate: December 21 2018 $
 .Dt EVP_PKEY_CTX_CTRL 3
 .Os
 .Sh NAME
@@ -58,9 +58,13 @@
 .Nm EVP_PKEY_CTX_ctrl_str ,
 .Nm EVP_PKEY_CTX_set_signature_md ,
 .Nm EVP_PKEY_CTX_set_rsa_padding ,
+.Nm EVP_PKEY_CTX_get_rsa_padding ,
 .Nm EVP_PKEY_CTX_set_rsa_pss_saltlen ,
+.Nm EVP_PKEY_CTX_get_rsa_pss_saltlen ,
 .Nm EVP_PKEY_CTX_set_rsa_keygen_bits ,
 .Nm EVP_PKEY_CTX_set_rsa_keygen_pubexp ,
+.Nm EVP_PKEY_CTX_set_rsa_mgf1_md ,
+.Nm EVP_PKEY_CTX_get_rsa_mgf1_md ,
 .Nm EVP_PKEY_CTX_set_dsa_paramgen_bits ,
 .Nm EVP_PKEY_CTX_set_dh_paramgen_prime_len ,
 .Nm EVP_PKEY_CTX_set_dh_paramgen_generator ,
@@ -83,23 +87,33 @@
 .Fa "const char *type"
 .Fa "const char *value"
 .Fc
-.In openssl/rsa.h
 .Ft int
 .Fo EVP_PKEY_CTX_set_signature_md
 .Fa "EVP_PKEY_CTX *ctx"
 .Fa "const EVP_MD *md"
 .Fc
+.In openssl/rsa.h
 .Ft int
 .Fo EVP_PKEY_CTX_set_rsa_padding
 .Fa "EVP_PKEY_CTX *ctx"
 .Fa "int pad"
 .Fc
 .Ft int
+.Fo EVP_PKEY_CTX_get_rsa_padding
+.Fa "EVP_PKEY_CTX *ctx"
+.Fa "int *ppad"
+.Fc
+.Ft int
 .Fo EVP_PKEY_CTX_set_rsa_pss_saltlen
 .Fa "EVP_PKEY_CTX *ctx"
 .Fa "int len"
 .Fc
 .Ft int
+.Fo EVP_PKEY_CTX_get_rsa_pss_saltlen
+.Fa "EVP_PKEY_CTX *ctx"
+.Fa "int *plen"
+.Fc
+.Ft int
 .Fo EVP_PKEY_CTX_set_rsa_keygen_bits
 .Fa "EVP_PKEY_CTX *ctx"
 .Fa "int mbits"
@@ -109,6 +123,16 @@
 .Fa "EVP_PKEY_CTX *ctx"
 .Fa "BIGNUM *pubexp"
 .Fc
+.Ft int
+.Fo EVP_PKEY_CTX_set_rsa_mgf1_md
+.Fa "EVP_PKEY_CTX *ctx"
+.Fa "const EVP_MD *md"
+.Fc
+.Ft int
+.Fo EVP_PKEY_CTX_get_rsa_mgf1_md
+.Fa "EVP_PKEY_CTX *ctx"
+.Fa "const EVP_MD **pmd"
+.Fc
 .In openssl/dsa.h
 .Ft int
 .Fo EVP_PKEY_CTX_set_dsa_paramgen_bits
@@ -179,12 +203,11 @@ All the remaining "functions" are implemented as macros.
 The
 .Fn EVP_PKEY_CTX_set_signature_md
 macro sets the message digest type used in a signature.
-It can be used with any public key algorithm supporting signature
-operations.
-.Pp
-The macro
+It can be used with the RSA, DSA, and ECDSA algorithms.
+.Ss RSA parameters
+The
 .Fn EVP_PKEY_CTX_set_rsa_padding
-sets the RSA padding mode for
+macro sets the RSA padding mode for
 .Fa ctx .
 The
 .Fa pad
@@ -216,6 +239,11 @@ If it is not called then the first byte of the plaintext buffer is
 expected to be the algorithm identifier byte.
 .Pp
 The
+.Fn EVP_PKEY_CTX_get_rsa_padding
+macro retrieves the RSA padding mode for
+.Fa ctx .
+.Pp
+The
 .Fn EVP_PKEY_CTX_set_rsa_pss_saltlen
 macro sets the RSA PSS salt length to
 .Fa len .
@@ -229,6 +257,13 @@ If this macro is not called a salt length value of -2 is used by
 default.
 .Pp
 The
+.Fn EVP_PKEY_CTX_get_rsa_pss_saltlen
+macro retrieves the RSA PSS salt length for
+.Fa ctx .
+The padding mode must have been set to
+.Dv RSA_PKCS1_PSS_PADDING .
+.Pp
+The
 .Fn EVP_PKEY_CTX_set_rsa_keygen_bits
 macro sets the RSA key length for RSA key generation to
 .Fa mbits .
@@ -245,17 +280,38 @@ pointer is used internally by this function, so it should not be modified
 or freed after the call.
 If this macro is not called, then 65537 is used.
 .Pp
+The
+.Fn EVP_PKEY_CTX_set_rsa_mgf1_md
+macro sets the MGF1 digest for RSA padding schemes to
+.Fa md .
+Unless explicitly specified, the signing digest is used.
+The padding mode must have been set to
+.Dv RSA_PKCS1_OAEP_PADDING
+or
+.Dv RSA_PKCS1_PSS_PADDING .
+.Pp
+The
+.Fn EVP_PKEY_CTX_get_rsa_mgf1_md
+macro retrieves the MGF1 digest for
+.Fa ctx .
+Unless explicitly specified, the signing digest is used.
+The padding mode must have been set to
+.Dv RSA_PKCS1_OAEP_PADDING
+or
+.Dv RSA_PKCS1_PSS_PADDING .
+.Ss DSA parameters
 The macro
 .Fn EVP_PKEY_CTX_set_dsa_paramgen_bits
 sets the number of bits used for DSA parameter generation to
 .Fa nbits .
 If not specified, 1024 is used.
-.Pp
+.Ss DH parameters
 The macro
 .Fn EVP_PKEY_CTX_set_dh_paramgen_prime_len
 sets the length of the DH prime parameter
 .Fa len
 for DH parameter generation.
+It only accepts lengths greater than or equal to 256.
 If this macro is not called, then 1024 is used.
 .Pp
 The
@@ -264,7 +320,7 @@ macro sets DH generator to
 .Fa gen
 for DH parameter generation.
 If not specified, 2 is used.
-.Pp
+.Ss EC parameters
 The
 .Fn EVP_PKEY_CTX_set_ec_paramgen_curve_nid
 sets the EC curve for EC parameter generation to