Add missing SM2err and fix doc nits

[openssl.git] / doc / man7 / SM2.pod

diff --git a/doc/man7/SM2.pod b/doc/man7/SM2.pod
index 40dc317dcf44650b61217820030181b154d3386b..029dc736cbd5dcf793c138201473a8561bd0384f 100644 (file)
--- a/doc/man7/SM2.pod
+++ b/doc/man7/SM2.pod
@@ -6,23 +6,25 @@ SM2 - Chinese SM2 signature and encryption algorithm support
 
 =head1 DESCRIPTION
 
-B<SM2> algorithm is first defined by the Chinese national standard GM/T 0003-2012
-and is standardized by ISO as ISO/IEC 14888. B<SM2> is actually an elliptic curve
-based algorithm. Currnet implementation in OpenSSL supports both signature and
-encryption schemes via EVP interface.
+The B<SM2> algorithm was first defined by the Chinese national standard GM/T
+0003-2012 and was later standardized by ISO as ISO/IEC 14888. B<SM2> is actually
+an elliptic curve based algorithm. The current implementation in OpenSSL supports
+both signature and encryption schemes via the EVP interface.
 
 When doing the B<SM2> signature algorithm, it requires a distinguishing identifier
 to form the message prefix which is hashed before the real message is hashed.
 
 =head1 NOTES
 
-B<SM2> signature can be generated by using the 'DigestSign' series APIs, for instance,
-EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal(). Ditto
-for the verification process by calling the 'DigestVerify' series APIs.
+B<SM2> signatures can be generated by using the 'DigestSign' series of APIs, for
+instance, EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal().
+Ditto for the verification process by calling the 'DigestVerify' series of APIs.
 
-There are several special steps need to be done before computing an B<SM2> signature.
+There are several special steps that need to be done before computing an B<SM2>
+signature.
 
-The B<EVP_PKEY> structure should be set to B<EVP_PKEY_SM2> by calling:
+The B<EVP_PKEY> structure will default to using ECDSA for signatures when it is
+created. It should be set to B<EVP_PKEY_SM2> by calling:
 
  EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
 
@@ -30,23 +32,23 @@ Then an ID should be set by calling:
 
  EVP_PKEY_CTX_set1_id(pctx, id, id_len);
 
-When calling the EVP_DeigestSignInit() or EVP_DigestVerifyInit() function, a
+When calling the EVP_DigestSignInit() or EVP_DigestVerifyInit() functions, a
 pre-allocated B<EVP_PKEY_CTX> should be assigned to the B<EVP_MD_CTX>. This is
 done by calling:
 
  EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
 
-And normally there is no need to pass a B<pctx> parameter to EVP_DeigestSignInit()
-or EVP_DigestVerifyInit() in such scenario.
+And normally there is no need to pass a B<pctx> parameter to EVP_DigestSignInit()
+or EVP_DigestVerifyInit() in such a scenario.
 
 =head1 EXAMPLE
 
-This example demonstrates the calling sequence on how to use an B<EVP_PKEY> to
-sign a message with SM2 signature algorithm and SM3 hash algorithm:
+This example demonstrates the calling sequence for using an B<EVP_PKEY> to verify
+a message with the SM2 signature algorithm and the SM3 hash algorithm:
 
  #include <openssl/evp.h>
 
- /* obtain an EVP_PKEY from whatever methods... */
+ /* obtain an EVP_PKEY using whatever methods... */
  EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
  mctx = EVP_MD_CTX_new();
  pctx = EVP_PKEY_CTX_new(pkey, NULL);