From c122d15039ac94e98bc6cd903c78f4696144d1e0 Mon Sep 17 00:00:00 2001 From: Nicola Tuveri Date: Wed, 14 Dec 2022 01:55:49 +0200 Subject: [doc] Sync documentation now that 3.0 honors OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT https://github.com/openssl/openssl/pull/19901 backported the "Honor OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT as set and default to UNCOMPRESSED" changeset to 3.0. This commit updates: - the HISTORY notes of the relevant documentation to mark the change happened since 3.0.8. - the `CHANGES.md file` to sync up with the tip of the `openssl-3.0` branch Reviewed-by: Tomas Mraz Reviewed-by: Tim Hudson Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/20003) (cherry picked from commit f66c1272f92bed6bc8aa17f6a8956d9e2e5b7798) --- CHANGES.md | 30 ++++++++++++++++-------------- doc/man7/EVP_PKEY-EC.pod | 4 ++-- 2 files changed, 18 insertions(+), 16 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 387551d422..2f5d1b6337 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -36,20 +36,6 @@ OpenSSL 3.1 *Shane Lontis* - * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and - `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor - `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and - default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting - `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using - `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. - For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` - for legacy EC and SM2 keys is also changed similarly to honor the - equivalent conversion format flag as specified in the underlying - `EC_KEY` object being exported to a provider, when this function is - called through `EVP_PKEY_export()`. - - *Nicola Tuveri* - * RNDR and RNDRRS support in provider functions to provide random number generation for Arm CPUs (aarch64). 
@@ -116,6 +102,22 @@ breaking changes, and mappings for the large list of deprecated functions. [Migration guide]: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod +### Changes between 3.0.7 and 3.0.8 [xx XXX xxxx] + + * Our provider implementations of `OSSL_FUNC_KEYMGMT_EXPORT` and + `OSSL_FUNC_KEYMGMT_GET_PARAMS` for EC and SM2 keys now honor + `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` as set (and + default to `POINT_CONVERSION_UNCOMPRESSED`) when exporting + `OSSL_PKEY_PARAM_PUB_KEY`, instead of unconditionally using + `POINT_CONVERSION_COMPRESSED` as in previous 3.x releases. + For symmetry, our implementation of `EVP_PKEY_ASN1_METHOD->export_to` + for legacy EC and SM2 keys is also changed similarly to honor the + equivalent conversion format flag as specified in the underlying + `EC_KEY` object being exported to a provider, when this function is + called through `EVP_PKEY_export()`. + + *Nicola Tuveri* + ### Changes between 3.0.6 and 3.0.7 [1 Nov 2022] * Fixed two buffer overflows in punycode decoding functions. diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index 26497a3b73..baabc1d274 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -118,9 +118,9 @@ EVP_PKEY_fromdata() and EVP_PKEY_todata() functions. Note, in particular, that the choice of point compression format used for encoding the exported value via EVP_PKEY_todata() depends on the underlying provider implementation. -Before OpenSSL 3.1, the implementation of providers included with OpenSSL always +Before OpenSSL 3.0.8, the implementation of providers included with OpenSSL always opted for an encoding in compressed format, unconditionally. -Since OpenSSL 3.1, the implementation has been changed to honor the +Since OpenSSL 3.0.8, the implementation has been changed to honor the B parameter, if set, or to default to uncompressed format. -- cgit v1.2.3
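Review bot: the new "Changes between 3.0.7 and 3.0.8" entry in CHANGES.md changes the default encoding of the exported `OSSL_PKEY_PARAM_PUB_KEY` from compressed to uncompressed in a patch release, but it does not tell callers who relied on the old output what to do. Suggest adding one sentence saying that applications which need the compressed form must now set `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` explicitly, and that code assuming a fixed length for the exported public key will get a longer value by default after upgrading from 3.0.7.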
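Review bot: the paragraph touched in the doc/man7/EVP_PKEY-EC.pod hunk describes the format change only for values exported via EVP_PKEY_todata(), while the CHANGES.md entry in this same patch says it also applies to `OSSL_FUNC_KEYMGMT_GET_PARAMS` and to legacy keys exported through `EVP_PKEY_export()`. Consider naming those paths here as well, so that readers who retrieve `OSSL_PKEY_PARAM_PUB_KEY` that way know the 3.0.8 behaviour applies to them. Minor style point: the changed line "Before OpenSSL 3.0.8, the implementation of providers included with OpenSSL always" is now 82 characters wide, so the paragraph should be re-wrapped.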