1 files changed, 34 insertions, 15 deletions
diff --git a/secure/lib/libcrypto/man/EVP_PKEY_sign.3 b/secure/lib/libcrypto/man/EVP_PKEY_sign.3
index 5c96bf8a5d069..c65f3e1046965 100644
--- a/secure/lib/libcrypto/man/EVP_PKEY_sign.3
+++ b/secure/lib/libcrypto/man/EVP_PKEY_sign.3
@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.23)
+.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
 .\"
 .\" Standard preamble:
 .\" ========================================================================
@@ -38,6 +38,8 @@
 .    ds PI \(*p
 .    ds L" ``
 .    ds R" ''
+.    ds C`
+.    ds C'
 'br\}
 .\"
 .\" Escape single quotes in literal strings from groff's Unicode transform.
@@ -48,17 +50,24 @@
 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 .\" entries marked with X<> in POD.  Of course, you'll have to process the
 .\" output yourself in some meaningful fashion.
-.ie \nF \{\
-.    de IX
-.    tm Index:\\$1\t\\n%\t"\\$2"
+.\"
+.\" Avoid warning from groff about undefined register 'F'.
+.de IX
 ..
-.    nr % 0
-.    rr F
-.\}
-.el \{\
-.    de IX
+.nr rF 0
+.if \n(.g .if rF .nr rF 1
+.if (\n(rF:(\n(.g==0)) \{
+.    if \nF \{
+.        de IX
+.        tm Index:\\$1\t\\n%\t"\\$2"
 ..
+.        if !\nF==2 \{
+.            nr % 0
+.            nr F 2
+.        \}
+.    \}
 .\}
+.rr rF
 .\"
 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
 .\" Fear.  Run.  Save yourself.  No user-serviceable parts.
@@ -124,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "EVP_PKEY_sign 3"
-.TH EVP_PKEY_sign 3 "2013-02-11" "1.0.1e" "OpenSSL"
+.TH EVP_PKEY_sign 3 "2015-01-15" "1.0.1l" "OpenSSL"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -155,9 +164,14 @@ before the call the \fBsiglen\fR parameter should contain the length of the
 \&\fBsig\fR and the amount of data written to \fBsiglen\fR.
 .SH "NOTES"
 .IX Header "NOTES"
+\&\fIEVP_PKEY_sign()\fR does not hash the data to be signed, and therefore is
+normally used to sign digests. For signing arbitrary messages, see the
+\&\fIEVP_DigestSignInit\fR\|(3) and
+\&\fIEVP_SignInit\fR\|(3) signing interfaces instead.
+.PP
 After the call to \fIEVP_PKEY_sign_init()\fR algorithm specific control
 operations can be performed to set any appropriate parameters for the
-operation.
+operation (see \fIEVP_PKEY_CTX_ctrl\fR\|(3)).
 .PP
 The function \fIEVP_PKEY_sign()\fR can be called more than once on the same
 context if several operations are performed using the same parameters.
@@ -175,13 +189,17 @@ Sign data using \s-1RSA\s0 with PKCS#1 padding and \s-1SHA256\s0 digest:
 \& #include <openssl/rsa.h>
 \&
 \& EVP_PKEY_CTX *ctx;
+\& /* md is a SHA\-256 digest in this example. */
 \& unsigned char *md, *sig;
-\& size_t mdlen, siglen; 
+\& size_t mdlen = 32, siglen;
 \& EVP_PKEY *signing_key;
-\& /* NB: assumes signing_key, md and mdlen are already set up
-\&  * and that signing_key is an RSA private key
+\&
+\& /*
+\&  * NB: assumes signing_key and md are set up before the next
+\&  * step. signing_key must be an RSA private key and md must
+\&  * point to the SHA\-256 digest to be signed.
 \&  */
-\& ctx = EVP_PKEY_CTX_new(signing_key);
+\& ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */);
 \& if (!ctx)
 \&        /* Error occurred */
 \& if (EVP_PKEY_sign_init(ctx) <= 0)
@@ -208,6 +226,7 @@ Sign data using \s-1RSA\s0 with PKCS#1 padding and \s-1SHA256\s0 digest:
 .SH "SEE ALSO"
 .IX Header "SEE ALSO"
 \&\fIEVP_PKEY_CTX_new\fR\|(3),
+\&\fIEVP_PKEY_CTX_ctrl\fR\|(3),
 \&\fIEVP_PKEY_encrypt\fR\|(3),
 \&\fIEVP_PKEY_decrypt\fR\|(3),
 \&\fIEVP_PKEY_verify\fR\|(3),