diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2022-12-14 01:55:49 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-01-31 11:08:31 +1100 |
commit | f66c1272f92bed6bc8aa17f6a8956d9e2e5b7798 (patch) | |
tree | ca2611da150581e7f6ba967d10a92cfb6f57095d | |
parent | ecd445464a73bb3f125327a604dd13ad16303ebc (diff) |
[doc] Sync documentation now that 3.0 honors OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT
https://github.com/openssl/openssl/pull/19901 backported the
"Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT as set and default to
UNCOMPRESSED" changeset to 3.0.
This commit updates:
- the HISTORY notes of the relevant documentation to mark the change
happened since 3.0.8.
- the `CHANGES.md file` to sync up with the tip of the `openssl-3.0`
branch
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20003)
-rw-r--r-- | CHANGES.md | 30 | ||||
-rw-r--r-- | doc/man7/EVP_PKEY-EC.pod | 4 |
2 files changed, 18 insertions, 16 deletions
diff --git a/CHANGES.md b/CHANGES.md index d04a8c2bdd..223f2feaea 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -228,20 +228,6 @@ OpenSSL 3.1 *Shane Lontis* - * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and - `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor - `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and - default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting - `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using - `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. - For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` - for legacy EC and SM2 keys is also changed similarly to honor the - equivalent conversion format flag as specified in the underlying - `EC_KEY` object being exported to a provider, when this function is - called through `EVP_PKEY_export()`. - - *Nicola Tuveri* - * RNDR and RNDRRS support in provider functions to provide random number generation for Arm CPUs (aarch64). @@ -308,6 +294,22 @@ breaking changes, and mappings for the large list of deprecated functions. [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod +### Changes between 3.0.7 and 3.0.8 [xx XXX xxxx] + + * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and + `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor + `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and + default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting + `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using + `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. + For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` + for legacy EC and SM2 keys is also changed similarly to honor the + equivalent conversion format flag as specified in the underlying + `EC_KEY` object being exported to a provider, when this function is + called through `EVP_PKEY_export()`. + + *Nicola Tuveri* + ### Changes between 3.0.6 and 3.0.7 [1 Nov 2022] * Fixed two buffer overflows in punycode decoding functions. diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index 143ec4e82f..492d97702d 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -118,9 +118,9 @@ EVP_PKEY_fromdata() and EVP_PKEY_todata() functions. Note, in particular, that the choice of point compression format used for encoding the exported value via EVP_PKEY_todata() depends on the underlying provider implementation. -Before OpenSSL 3.1, the implementation of providers included with OpenSSL always +Before OpenSSL 3.0.8, the implementation of providers included with OpenSSL always opted for an encoding in compressed format, unconditionally. -Since OpenSSL 3.1, the implementation has been changed to honor the +Since OpenSSL 3.0.8, the implementation has been changed to honor the B<OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT> parameter, if set, or to default to uncompressed format. |