Add docs noting requirements for SM2 signing

Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23887) (cherry picked from commit 4feb4a2b2cb7c45c0392e03453a658f29bd70bd2)
author: Neil Horman <nhorman@openssl.org> 2024-03-19 04:52:57 -0400
committer: Tomas Mraz <tomas@openssl.org> 2024-04-09 20:42:02 +0200
commit: 7d2c8fc3be331b4ce2b06d819e4934e473aa321d (patch)
tree: 38a57f8ebea77fd4ef9379d9b869a97b257399b9
parent: e008211ab9e5e50ae691320b65f1f99dd7211502 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/man7/EVP_PKEY-SM2.pod b/doc/man7/EVP_PKEY-SM2.pod
index 8bdc506cec..b073dc8b05 100644
--- a/doc/man7/EVP_PKEY-SM2.pod
+++ b/doc/man7/EVP_PKEY-SM2.pod
@@ -38,6 +38,9 @@ Getter that returns the default digest name.
 B<SM2> signatures can be generated by using the 'DigestSign' series of APIs, for
 instance, EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal().
 Ditto for the verification process by calling the 'DigestVerify' series of APIs.
+Note that the SM2 algorithm requires the presence of the public key for signatures,
+as such the B<OSSL_PKEY_PARAM_PUB_KEY> option must be set on any key used in signature
+generation.
 
 Before computing an B<SM2> signature, an B<EVP_PKEY_CTX> needs to be created,
 and an B<SM2> ID must be set for it, like this:
author	Neil Horman <nhorman@openssl.org>	2024-03-19 04:52:57 -0400
committer	Tomas Mraz <tomas@openssl.org>	2024-04-09 20:42:02 +0200
commit	7d2c8fc3be331b4ce2b06d819e4934e473aa321d (patch)
tree	38a57f8ebea77fd4ef9379d9b869a97b257399b9
parent	e008211ab9e5e50ae691320b65f1f99dd7211502 (diff)