Note that the mac command is preferrable to the MAC command line options.

The dgst command allows MACs to be calculated, the mac command is the more
recent interface for doing the same and provides better access to a wider
range of MACs.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9962)

diff --git a/doc/man1/openssl-dgst.pod b/doc/man1/openssl-dgst.pod
index ed1a088e6ec3c7ad21d9cc32af83bb777259c70d..5fb5128a02e1a84f809c75da411a27084e6dc536 100644 (file)
--- a/doc/man1/openssl-dgst.pod
+++ b/doc/man1/openssl-dgst.pod
@@ -123,6 +123,9 @@ The actual signature to verify.
 
 Create a hashed MAC using "key".
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-mac alg>
 
 Create MAC (keyed Message Authentication Code). The most popular MAC
@@ -131,6 +134,9 @@ which are not based on hash, for instance B<gost-mac> algorithm,
 supported by B<ccgost> engine. MAC keys and other options should be set
 via B<-macopt> parameter.
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-macopt nm:v>
 
 Passes options to MAC algorithm, specified by B<-mac> key.
@@ -152,6 +158,9 @@ for example exactly 32 chars for gost-mac.
 
 =back
 
+The L<openssl-mac(1)> command should be preferred to using this command line
+option.
+
 =item B<-rand file...>
 
 A file or files containing random data used to seed the random number
@@ -229,6 +238,13 @@ Hex signatures cannot be verified using B<openssl>.  Instead, use "xxd -r"
 or similar program to transform the hex signature into a binary signature
 prior to verification.
 
+The L<openssl-mac(1)> command is preferred over the B<-hmac>, B<-mac> and
+B<-macopt> command line options.
+
+=head1 SEE ALSO
+
+L<openssl-mac(1)>
+
 =head1 HISTORY
 
 The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.