From 77072e274925d26da3a17378e4794dc11f43ace4 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Wed, 23 Jun 2021 09:40:56 +0200 Subject: [PATCH] Documentation: SM2 keys can use only the SM2 curve Fixes #14411 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15875) --- doc/man7/EVP_PKEY-SM2.pod | 3 +++ doc/man7/migration_guide.pod | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/man7/EVP_PKEY-SM2.pod b/doc/man7/EVP_PKEY-SM2.pod index 4f0e240f3f..8bdc506cec 100644 --- a/doc/man7/EVP_PKEY-SM2.pod +++ b/doc/man7/EVP_PKEY-SM2.pod @@ -55,6 +55,9 @@ or EVP_DigestVerifyInit() in such a scenario. SM2 can be tested with the L application since version 3.0. Currently, the only valid algorithm name is B. +Since version 3.0, SM2 keys can be generated and loaded only when the domain +parameters specify the SM2 elliptic curve. + =head1 EXAMPLES This example demonstrates the calling sequence for using an B to verify diff --git a/doc/man7/migration_guide.pod b/doc/man7/migration_guide.pod index 6d281472c9..9a9d940af4 100644 --- a/doc/man7/migration_guide.pod +++ b/doc/man7/migration_guide.pod @@ -360,7 +360,9 @@ call C to get SM2 computations. Parameter and key generation is also reworked to make it possible to generate EVP_PKEY_SM2 parameters and keys. Applications must now generate -SM2 keys directly and must not create an EVP_PKEY_EC key first. +SM2 keys directly and must not create an EVP_PKEY_EC key first. It is no longer +possible to import an SM2 key with domain parameters other than the SM2 elliptic +curve ones. Validation of SM2 keys has been separated from the validation of regular EC keys, allowing to improve the SM2 validation process to reject loaded private
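Review bot: In the EVP_PKEY-SM2.pod hunk, the new paragraph states the restriction ("can be generated and loaded only when the domain parameters specify the SM2 elliptic curve") but does not tell the reader what they will observe when the restriction is hit, nor how to check their own parameters against it. Consider adding a sentence along the lines of "Attempts to generate or load an SM2 key with any other curve fail" and naming the curve as it appears in the group-name parameter, so a reader who gets a generation or decode error can tie it back to this paragraph rather than to the "only valid algorithm name" sentence just above it.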
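Review bot: In the migration_guide.pod hunk, the added sentence "It is no longer possible to import an SM2 key with domain parameters other than the SM2 elliptic curve ones" uses a different verb ("import") than the EVP_PKEY-SM2.pod text in the same patch ("generated and loaded"), so a reader of only one page gets a narrower picture than the patch intends. Suggest aligning both to the same wording, e.g. "It is no longer possible to generate, load or import an SM2 key whose domain parameters are not those of the SM2 elliptic curve", which also reads more smoothly than "the SM2 elliptic curve ones".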