From: Richard Levitte <levitte@openssl.org>
Date: Thu, 30 Jan 2020 15:02:49 +0000 (+0100)
Subject: CHANGES: Add note about the refactoring of SM2 EVP_PKEYs
X-Git-Tag: openssl-3.0.0-alpha1~569
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7f293d9f3b5cee4f4b15624fff15a45e0517334f;p=oweals%2Fopenssl.git

CHANGES: Add note about the refactoring of SM2 EVP_PKEYs

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/10942)
---

diff --git a/CHANGES b/CHANGES
index b002df633c..9eb778a004 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,19 @@
 
  Changes between 1.1.1 and 3.0.0 [xx XXX xxxx]
 
+  *) Reworked the treatment of EC EVP_PKEYs with the SM2 curve to
+     automatically become EVP_PKEY_SM2 rather than EVP_PKEY_EC.
+     This means that applications don't have to look at the curve NID and
+     'EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)' to get SM2 computations.
+     However, they still can, that EVP_PKEY_set_alias_type() call acts as
+     a no-op when the EVP_PKEY is already of the given type.
+
+     Parameter and key generation is also reworked to make it possible
+     to generate EVP_PKEY_SM2 parameters and keys without having to go
+     through EVP_PKEY_EC generation and then change the EVP_PKEY type.
+     However, code that does the latter will still work as before.
+     [Richard Levitte]
+
   *) Deprecated EVP_PKEY_decrypt_old(), please use EVP_PKEY_decrypt_init()
      and EVP_PKEY_decrypt() instead.
      Deprecated EVP_PKEY_encrypt_old(), please use EVP_PKEY_encrypt_init()