mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
Documentation: SM2 keys can use only the SM2 curve
Fixes #14411 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15875)
This commit is contained in:
parent
79df244ba0
commit
77072e2749
@ -55,6 +55,9 @@ or EVP_DigestVerifyInit() in such a scenario.
|
||||
SM2 can be tested with the L<openssl-speed(1)> application since version 3.0.
|
||||
Currently, the only valid algorithm name is B<sm2>.
|
||||
|
||||
Since version 3.0, SM2 keys can be generated and loaded only when the domain
|
||||
parameters specify the SM2 elliptic curve.
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
This example demonstrates the calling sequence for using an B<EVP_PKEY> to verify
|
||||
|
@ -360,7 +360,9 @@ call C<EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)> to get SM2 computations.
|
||||
|
||||
Parameter and key generation is also reworked to make it possible
|
||||
to generate EVP_PKEY_SM2 parameters and keys. Applications must now generate
|
||||
SM2 keys directly and must not create an EVP_PKEY_EC key first.
|
||||
SM2 keys directly and must not create an EVP_PKEY_EC key first. It is no longer
|
||||
possible to import an SM2 key with domain parameters other than the SM2 elliptic
|
||||
curve ones.
|
||||
|
||||
Validation of SM2 keys has been separated from the validation of regular EC
|
||||
keys, allowing to improve the SM2 validation process to reject loaded private
|
||||
|
Loading…
Reference in New Issue
Block a user