*Tomáš Mráz*
- * Deprecate EVP_MD_CTX_set_update_fn() and EVP_MD_CTX_update_fn()
+ * The default key generation method for the regular 2-prime RSA keys was
+ changed to the FIPS 186-4 B.3.6 method (Generation of Probable Primes with
+ Conditions Based on Auxiliary Probable Primes). This method is slower
+ than the original method.
+
+ *Shane Lontis*
+
+ * Deprecated the BN_is_prime_ex() and BN_is_prime_fasttest_ex() functions.
+ They are replaced with the BN_check_prime() function that avoids possible
+ misuse and always uses at least 64 rounds of the Miller-Rabin
+ primality test. At least 64 rounds of the Miller-Rabin test are now also
+ used for all prime generation, including RSA key generation.
+ This increases key generation time, especially for larger keys.
+
+ *Kurt Roeckx*
+
+ * Deprecated EVP_MD_CTX_set_update_fn() and EVP_MD_CTX_update_fn()
as they are not useful with non-deprecated functions.
*Rich Salz*
=head1 HISTORY
+The BN_is_prime_ex() and BN_is_prime_fasttest_ex() functions were
+deprecated in OpenSSL 3.0.
+
The BN_GENCB_new(), BN_GENCB_free(),
and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.