diff options
author | Billy Brumley <bbrumley@gmail.com> | 2020-05-27 13:30:04 +0300 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2020-06-02 11:17:24 +0300 |
commit | 23ccae80bd58adfe89e3e345414684eb82bdb531 (patch) | |
tree | e2220609ac08ecdf947a5ab7aef0a71e9f452300 | |
parent | e306f83c8cfc7ac970d04a36c90634ab8573a594 (diff) |
Move EC_METHOD to internal-only
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11928)
-rw-r--r-- | CHANGES.md | 20 | ||||
-rw-r--r-- | apps/ecparam.c | 3 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 11 | ||||
-rw-r--r-- | crypto/ec/ec_curve.c | 10 | ||||
-rw-r--r-- | crypto/ec/ec_cvt.c | 4 | ||||
-rw-r--r-- | crypto/ec/ec_key.c | 5 | ||||
-rw-r--r-- | crypto/ec/ec_lib.c | 22 | ||||
-rw-r--r-- | crypto/ec/ec_local.h | 13 | ||||
-rw-r--r-- | crypto/ec/eck_prn.c | 2 | ||||
-rw-r--r-- | crypto/ec/ecp_s390x_nistp.c | 6 | ||||
-rw-r--r-- | doc/man3/EC_GFp_simple_method.pod | 20 | ||||
-rw-r--r-- | doc/man3/EC_GROUP_copy.pod | 23 | ||||
-rw-r--r-- | doc/man3/EC_GROUP_new.pod | 16 | ||||
-rw-r--r-- | doc/man3/EC_POINT_new.pod | 5 | ||||
-rw-r--r-- | include/openssl/ec.h | 40 | ||||
-rw-r--r-- | ssl/t1_lib.c | 2 | ||||
-rw-r--r-- | test/ectest.c | 114 | ||||
-rw-r--r-- | util/libcrypto.num | 24 |
18 files changed, 177 insertions, 163 deletions
diff --git a/CHANGES.md b/CHANGES.md index 241d6ca23c..68fa1e0033 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,26 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * Deprecated EC_METHOD_get_field_type(). Applications should switch to + EC_GROUP_get_field_type(). + + *Billy Bob Brumley* + + * Deprecated EC_GFp_simple_method(), EC_GFp_mont_method(), + EC_GF2m_simple_method(), EC_GFp_nist_method(), EC_GFp_nistp224_method() + EC_GFp_nistp256_method(), and EC_GFp_nistp521_method(). + Applications should rely on the library automatically assigning a suitable + EC_METHOD internally upon EC_GROUP construction. + + *Billy Bob Brumley* + + * Deprecated EC_GROUP_new(), EC_GROUP_method_of(), and EC_POINT_method_of(). + EC_METHOD is now an internal-only concept and a suitable EC_METHOD is + assigned internally without application intervention. + Users of EC_GROUP_new() should switch to a different suitable constructor. + + *Billy Bob Brumley* + * Add CAdES-BES signature verification support, mostly derived from ESSCertIDv2 TS (RFC 5816) contribution by Marek Klein. diff --git a/apps/ecparam.c b/apps/ecparam.c index 635bde2db2..4abb0517d9 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -305,7 +305,6 @@ int ecparam_main(int argc, char **argv) size_t buf_len = 0, tmp_len = 0; const EC_POINT *point; int is_prime, len = 0; - const EC_METHOD *meth = EC_GROUP_method_of(group); if ((ec_p = BN_new()) == NULL || (ec_a = BN_new()) == NULL @@ -317,7 +316,7 @@ int ecparam_main(int argc, char **argv) goto end; } - is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field); + is_prime = (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field); if (!is_prime) { BIO_printf(bio_err, "Can only handle X9.62 prime fields\n"); goto end; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index b2c91efbfd..a53573cc92 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -27,8 +27,7 @@ int EC_GROUP_get_basis_type(const EC_GROUP *group) { int i; - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != - NID_X9_62_characteristic_two_field) + if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field) /* everything else is currently not supported */ return 0; @@ -53,8 +52,7 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) if (group == NULL) return 0; - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != - NID_X9_62_characteristic_two_field + if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) { ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, @@ -74,8 +72,7 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, if (group == NULL) return 0; - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != - NID_X9_62_characteristic_two_field + if (EC_GROUP_get_field_type(group) != NID_X9_62_characteristic_two_field || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) { @@ -262,7 +259,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) ASN1_OBJECT_free(field->fieldType); ASN1_TYPE_free(field->p.other); - nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); + nid = EC_GROUP_get_field_type(group); /* set OID for the field */ if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) { ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB); diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 9f929883ec..3be62b3655 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3195,7 +3195,7 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, /* If no curve data curve method must handle everything */ if (curve.data == NULL) - return EC_GROUP_new_ex(libctx, + return ec_group_new_ex(libctx, curve.meth != NULL ? curve.meth() : NULL); if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { @@ -3218,7 +3218,7 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, if (curve.meth != 0) { meth = curve.meth(); - if (((group = EC_GROUP_new_ex(libctx, meth)) == NULL) || + if (((group = ec_group_new_ex(libctx, meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); goto err; @@ -3388,17 +3388,13 @@ int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) unsigned char *param_bytes = NULL; const EC_CURVE_DATA *data; const EC_POINT *generator = NULL; - const EC_METHOD *meth; const BIGNUM *cofactor = NULL; /* An array of BIGNUMs for (p, a, b, x, y, order) */ BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL}; - meth = EC_GROUP_method_of(group); - if (meth == NULL) - return -1; /* Use the optional named curve nid as a search field */ nid = EC_GROUP_get_curve_name(group); - field_type = EC_METHOD_get_field_type(meth); + field_type = EC_GROUP_get_field_type(group); seed_len = EC_GROUP_get_seed_len(group); seed = EC_GROUP_get0_seed(group); cofactor = EC_GROUP_get0_cofactor(group); diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c index 6d58fdbe10..a8ea6fe7fd 100644 --- a/crypto/ec/ec_cvt.c +++ b/crypto/ec/ec_cvt.c @@ -54,7 +54,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, meth = EC_GFp_mont_method(); #endif - ret = EC_GROUP_new_ex(bn_get_lib_ctx(ctx), meth); + ret = ec_group_new_ex(bn_get_lib_ctx(ctx), meth); if (ret == NULL) return NULL; @@ -75,7 +75,7 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, meth = EC_GF2m_simple_method(); - ret = EC_GROUP_new_ex(bn_get_lib_ctx(ctx), meth); + ret = ec_group_new_ex(bn_get_lib_ctx(ctx), meth); if (ret == NULL) return NULL; diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index aae3171907..47feede54b 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -117,10 +117,9 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) dest->libctx = src->libctx; /* copy the parameters */ if (src->group != NULL) { - const EC_METHOD *meth = EC_GROUP_method_of(src->group); /* clear the old group */ EC_GROUP_free(dest->group); - dest->group = EC_GROUP_new_ex(src->libctx, meth); + dest->group = ec_group_new_ex(src->libctx, src->group->meth); if (dest->group == NULL) return NULL; if (!EC_GROUP_copy(dest->group, src->group)) @@ -398,7 +397,7 @@ static int ec_key_public_range_check(BN_CTX *ctx, const EC_KEY *key) if (!EC_POINT_get_affine_coordinates(key->group, key->pub_key, x, y, ctx)) goto err; - if (EC_METHOD_get_field_type(key->group->meth) == NID_X9_62_prime_field) { + if (EC_GROUP_get_field_type(key->group) == NID_X9_62_prime_field) { if (BN_is_negative(x) || BN_cmp(x, key->group->field) >= 0 || BN_is_negative(y) diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 1b2ddc2b44..f62eff5034 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -23,7 +23,7 @@ /* functions for EC_GROUP objects */ -EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth) +EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth) { EC_GROUP *ret; @@ -65,11 +65,13 @@ EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth) return NULL; } -#ifndef FIPS_MODULE +#ifndef OPENSSL_NO_DEPRECATED_3_0 +# ifndef FIPS_MODULE EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) { - return EC_GROUP_new_ex(NULL, meth); + return ec_group_new_ex(NULL, meth); } +# endif #endif void EC_pre_comp_free(EC_GROUP *group) @@ -255,7 +257,7 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) if (a == NULL) return NULL; - if ((t = EC_GROUP_new_ex(a->libctx, a->meth)) == NULL) + if ((t = ec_group_new_ex(a->libctx, a->meth)) == NULL) return NULL; if (!EC_GROUP_copy(t, a)) goto err; @@ -270,6 +272,7 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) return t; } +#ifndef OPENSSL_NO_DEPRECATED_3_0 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group) { return group->meth; @@ -279,6 +282,7 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth) { return meth->field_type; } +#endif static int ec_precompute_mont_data(EC_GROUP *); @@ -475,6 +479,11 @@ const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group) return group->field; } +int EC_GROUP_get_field_type(const EC_GROUP *group) +{ + return group->meth->field_type; +} + void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag) { group->asn1_flag = flag; @@ -602,8 +611,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) #endif /* compare the field types */ - if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) != - EC_METHOD_get_field_type(EC_GROUP_method_of(b))) + if (EC_GROUP_get_field_type(a) != EC_GROUP_get_field_type(b)) return 1; /* compare the curve name (if present in both) */ if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && @@ -777,10 +785,12 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) return t; } +#ifndef OPENSSL_NO_DEPRECATED_3_0 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) { return point->meth; } +#endif int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { diff --git a/crypto/ec/ec_local.h b/crypto/ec/ec_local.h index d9383f10a7..7f9b61bc49 100644 --- a/crypto/ec/ec_local.h +++ b/crypto/ec/ec_local.h @@ -31,6 +31,10 @@ /* Curve does not support signing operations */ #define EC_FLAGS_NO_SIGN 0x4 +#ifdef OPENSSL_NO_DEPRECATED_3_0 +typedef struct ec_method_st EC_METHOD; +#endif + /* * Structure details are not part of the exported interface, so all this may * change in future versions. @@ -585,6 +589,15 @@ void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign, #endif int ec_group_simple_order_bits(const EC_GROUP *group); +/** + * Creates a new EC_GROUP object + * \param libctx The associated library context or NULL for the default + * library context + * \param meth EC_METHOD to use + * \return newly created EC_GROUP object or NULL in case of an error. + */ +EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth); + #ifdef ECP_NISTZ256_ASM /** Returns GFp methods using montgomery multiplication, with x86-64 optimized * P256. See http://eprint.iacr.org/2013/816. diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c index 51ebedd731..6bcfe032d4 100644 --- a/crypto/ec/eck_prn.c +++ b/crypto/ec/eck_prn.c @@ -115,7 +115,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) /* explicit parameters */ int is_char_two = 0; point_conversion_form_t form; - int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x)); + int tmp_nid = EC_GROUP_get_field_type(x); if (tmp_nid == NID_X9_62_characteristic_two_field) is_char_two = 1; diff --git a/crypto/ec/ecp_s390x_nistp.c b/crypto/ec/ecp_s390x_nistp.c index 75c8475e69..edbad15cdd 100644 --- a/crypto/ec/ecp_s390x_nistp.c +++ b/crypto/ec/ecp_s390x_nistp.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * EC_METHOD low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdlib.h> #include <string.h> #include <openssl/err.h> diff --git a/doc/man3/EC_GFp_simple_method.pod b/doc/man3/EC_GFp_simple_method.pod index 4d8f1fbaf0..cbdb6ec1c3 100644 --- a/doc/man3/EC_GFp_simple_method.pod +++ b/doc/man3/EC_GFp_simple_method.pod @@ -8,6 +8,8 @@ EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_me #include <openssl/ec.h> +Deprecated since OpenSSL 3.0: + const EC_METHOD *EC_GFp_simple_method(void); const EC_METHOD *EC_GFp_mont_method(void); const EC_METHOD *EC_GFp_nist_method(void); @@ -21,6 +23,10 @@ EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_me =head1 DESCRIPTION + +All const EC_METHOD *EC_GF* functions were deprecated in OpenSSL 3.0, since +EC_METHOD is no longer a public concept. + The Elliptic Curve library provides a number of different implementations through a single common interface. When constructing a curve using EC_GROUP_new (see L<EC_GROUP_new(3)>) an implementation method must be provided. The functions described here all return a const pointer to an @@ -39,10 +45,8 @@ The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521 optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these implementations are not available on all platforms. -EC_METHOD_get_field_type identifies what type of field the EC_METHOD structure supports, which will be either -F2^m or Fp. If the field type is Fp then the value B<NID_X9_62_prime_field> is returned. If the field type is -F2^m then the value B<NID_X9_62_characteristic_two_field> is returned. These values are defined in the -obj_mac.h header file. +EC_METHOD_get_field_type() was deprecated in OpenSSL 3.0. +Applications should use EC_GROUP_get_field_type() as a replacement (see L<EC_GROUP_copy(3)>). =head1 RETURN VALUES @@ -57,6 +61,14 @@ L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>, L<d2i_ECPKParameters(3)>, L<BN_mod_mul_montgomery(3)> +=head1 HISTORY + +EC_GFp_simple_method(), EC_GFp_mont_method(void), +EC_GFp_nist_method(), EC_GFp_nistp224_method(), +EC_GFp_nistp256_method(), EC_GFp_nistp521_method(), +EC_GF2m_simple_method(), and EC_METHOD_get_field_type() +were deprecated in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved. diff --git a/doc/man3/EC_GROUP_copy.pod b/doc/man3/EC_GROUP_copy.pod index e9a1d183ca..6f33481856 100644 --- a/doc/man3/EC_GROUP_copy.pod +++ b/doc/man3/EC_GROUP_copy.pod @@ -22,8 +22,6 @@ EC_GROUP_get_pentanomial_basis, EC_GROUP_get0_field int EC_GROUP_copy(EC_GROUP *dst, const EC_GROUP *src); EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); - const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); - int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group); @@ -63,6 +61,10 @@ EC_GROUP_get_pentanomial_basis, EC_GROUP_get0_field int EC_GROUP_get_pentanomial_basis(const EC_GROUP *, unsigned int *k1, unsigned int *k2, unsigned int *k3); +Deprecated since OpenSSL 3.0: + + const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); + =head1 DESCRIPTION EC_GROUP_copy() copies the curve B<src> into B<dst>. Both B<src> and B<dst> must use the same EC_METHOD. @@ -71,6 +73,7 @@ EC_GROUP_dup() creates a new EC_GROUP object and copies the content from B<src> EC_GROUP object. EC_GROUP_method_of() obtains the EC_METHOD of B<group>. +This function was deprecated in OpenSSL 3.0, since EC_METHOD is no longer a public concept. EC_GROUP_set_generator() sets curve parameters that must be agreed by all participants using the curve. These parameters include the B<generator>, the B<order> and the B<cofactor>. The B<generator> is a well defined point on the @@ -140,8 +143,12 @@ built-in curves within the library provide seed values that can be obtained. It EC_GROUP_set_seed() and passing a pointer to a memory block, along with the length of the seed. Again, the EC library will not use this seed value, although it will be preserved in any ASN1 based communications. -EC_GROUP_get_degree() gets the degree of the field. For Fp fields this will be the number of bits in p. For F2^m fields this will be -the value m. +EC_GROUP_get_degree() gets the degree of the field. +For Fp fields this will be the number of bits in p. +For F2^m fields this will be the value m. + +EC_GROUP_get_field_type() identifies what type of field the EC_GROUP structure supports, +which will be either F2^m or Fp. The function EC_GROUP_check_discriminant() calculates the discriminant for the curve and verifies that it is valid. For a curve defined over Fp the discriminant is given by the formula 4*a^3 + 27*b^2 whilst for F2^m curves the discriminant is @@ -202,6 +209,10 @@ EC_GROUP_get_point_conversion_form() returns the point_conversion_form for B<gro EC_GROUP_get_degree() returns the degree for B<group> or 0 if the operation is not supported by the underlying group implementation. +EC_GROUP_get_field_type() returns either B<NID_X9_62_prime_field> for prime curves +or B<NID_X9_62_characteristic_two_field> for binary curves; +these values are defined in the obj_mac.h header file. + EC_GROUP_check_named_curve() returns the nid of the matching named curve, otherwise it returns 0 for no match, or -1 on error. EC_GROUP_get0_order() returns an internal pointer to the group order. @@ -229,7 +240,9 @@ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)> =head1 HISTORY -The EC_GROUP_check_named_curve() function was added in OpenSSL 3.0. +EC_GROUP_method_of() was deprecated in OpenSSL 3.0. + +EC_GROUP_check_named_curve() and EC_GROUP_get_field_type() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/EC_GROUP_new.pod b/doc/man3/EC_GROUP_new.pod index 08bbd80b08..7bea1dd061 100644 --- a/doc/man3/EC_GROUP_new.pod +++ b/doc/man3/EC_GROUP_new.pod @@ -4,7 +4,6 @@ EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters, -EC_GROUP_new_ex, EC_GROUP_new, EC_GROUP_new_from_ecparameters, EC_GROUP_new_from_ecpkparameters, @@ -27,8 +26,6 @@ objects #include <openssl/ec.h> - EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth); - EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params) EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params) void EC_GROUP_free(EC_GROUP *group); @@ -62,6 +59,7 @@ Deprecated since OpenSSL 3.0, can be hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, see L<openssl_user_macros(7)>: + EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); void EC_GROUP_clear_free(EC_GROUP *group); =head1 DESCRIPTION @@ -83,20 +81,20 @@ Operations in a binary field are performed relative to an B<irreducible polynomial>. All such curves with OpenSSL use a trinomial or a pentanomial for this parameter. -A new curve can be constructed by calling EC_GROUP_new_ex(), using the +Although deprecated since OpenSSL 3.0 and should no longer be used, +a new curve can be constructed by calling EC_GROUP_new(), using the implementation provided by B<meth> (see L<EC_GFp_simple_method(3)>) and associated with the library context B<ctx> (see L<OPENSSL_CTX(3)>). The B<ctx> parameter may be NULL in which case the default library context is used. It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. +Applications should instead use one of the other EC_GROUP_new_* constructors. + EC_GROUP_new_from_ecparameters() will create a group from the specified B<params> and EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK B<params>. -EC_GROUP_new() is the same as EC_GROUP_new_ex() except that the library context -used is always the default library context. - EC_GROUP_set_curve() sets the curve parameters B<p>, B<a> and B<b>. For a curve over Fp B<p> is the prime for the field. For a curve over F2^m B<p> represents the irreducible polynomial - each bit represents a term in the polynomial. @@ -182,7 +180,9 @@ L<OPENSSL_CTX(3)> =item * -EC_GROUP_new_ex() and EC_GROUP_new_by_curve_name_ex() were added in OpenSSL 3.0. +EC_GROUP_new() was deprecated in OpenSSL 3.0. + +EC_GROUP_new_by_curve_name_ex() was added in OpenSSL 3.0. =item * diff --git a/doc/man3/EC_POINT_new.pod b/doc/man3/EC_POINT_new.pod index ab02d607cd..84b11ee0c0 100644 --- a/doc/man3/EC_POINT_new.pod +++ b/doc/man3/EC_POINT_new.pod @@ -38,7 +38,6 @@ EC_POINT_hex2point void EC_POINT_clear_free(EC_POINT *point); int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); - const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point); int EC_POINT_set_affine_coordinates(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, @@ -68,6 +67,7 @@ EC_POINT_hex2point Deprecated since OpenSSL 3.0: + const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); int EC_POINT_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *p, const BIGNUM *x, const BIGNUM *y, @@ -116,6 +116,8 @@ EC_POINT_dup() creates a new B<EC_POINT> object and copies the content from B<src> to the newly created B<EC_POINT> object. EC_POINT_method_of() obtains the B<EC_METHOD> associated with B<point>. +This function was deprecated in OpenSSL 3.0, since EC_METHOD is no longer a +public concept. A valid point on a curve is the special point at infinity. A point is set to be at infinity by calling EC_POINT_set_to_infinity(). @@ -249,6 +251,7 @@ L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)> =head1 HISTORY +EC_POINT_method_of(), EC_POINT_set_Jprojective_coordinates_GFp(), EC_POINT_get_Jprojective_coordinates_GFp(), EC_POINT_set_affine_coordinates_GFp(), EC_POINT_get_affine_coordinates_GFp(), diff --git a/include/openssl/ec.h b/include/openssl/ec.h index d684e7ca09..90e109b61e 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -47,7 +47,9 @@ typedef enum { POINT_CONVERSION_HYBRID = 6 } point_conversion_form_t; +# ifndef OPENSSL_NO_DEPRECATED_3_0 typedef struct ec_method_st EC_METHOD; +# endif typedef struct ec_group_st EC_GROUP; typedef struct ec_point_st EC_POINT; typedef struct ecpk_parameters_st ECPKPARAMETERS; @@ -61,33 +63,33 @@ typedef struct ec_parameters_st ECPARAMETERS; * optimized methods. * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_simple_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_simple_method(void)) /** Returns GFp methods using montgomery multiplication. * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_mont_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_mont_method(void)) /** Returns GFp methods using optimized methods for NIST recommended curves * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_nist_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nist_method(void)) # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 /** Returns 64-bit optimized methods for nistp224 * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_nistp224_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp224_method(void)) /** Returns 64-bit optimized methods for nistp256 * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_nistp256_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp256_method(void)) /** Returns 64-bit optimized methods for nistp521 * \return EC_METHOD object */ -const EC_METHOD *EC_GFp_nistp521_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GFp_nistp521_method(void)) # endif # ifndef OPENSSL_NO_EC2M @@ -98,7 +100,7 @@ const EC_METHOD *EC_GFp_nistp521_method(void); /** Returns the basic GF2m ec method * \return EC_METHOD object */ -const EC_METHOD *EC_GF2m_simple_method(void); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GF2m_simple_method(void)) # endif @@ -108,20 +110,10 @@ const EC_METHOD *EC_GF2m_simple_method(void); /** * Creates a new EC_GROUP object - * \param libctx The associated library context or NULL for the default - * library context * \param meth EC_METHOD to use * \return newly created EC_GROUP object or NULL in case of an error. */ -EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth); - -/** - * Creates a new EC_GROUP object. Same as EC_GROUP_new_ex with NULL for the - * library context. - * \param meth EC_METHOD to use - * \return newly created EC_GROUP object or NULL in case of an error. - */ -EC_GROUP *EC_GROUP_new(const EC_METHOD *meth); +DEPRECATEDIN_3_0(EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)) /** Frees a EC_GROUP object * \param group EC_GROUP object to be freed. @@ -151,13 +143,13 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *src); * \param group EC_GROUP object * \return EC_METHOD used in this EC_GROUP object. */ -const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group); +DEPRECATEDIN_3_0(const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)) /** Returns the field type of the EC_METHOD. * \param meth EC_METHOD object * \return NID of the underlying field type OID. */ -int EC_METHOD_get_field_type(const EC_METHOD *meth); +DEPRECATEDIN_3_0(int EC_METHOD_get_field_type(const EC_METHOD *meth)) /** Sets the generator and its order/cofactor of a EC_GROUP object. * \param group EC_GROUP object @@ -235,6 +227,12 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group); */ const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group); +/** Returns the field type of the EC_GROUP. + * \param group EC_GROUP object + * \return NID of the underlying field type OID. + */ +int EC_GROUP_get_field_type(const EC_GROUP *group); + void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); int EC_GROUP_get_asn1_flag(const EC_GROUP *group); @@ -493,7 +491,7 @@ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); * \param point EC_POINT object * \return the EC_METHOD used */ -const EC_METHOD *EC_POINT_method_of(const EC_POINT *point); +DEPRECATEDIN_3_0(const EC_METHOD *EC_POINT_method_of(const EC_POINT *point)) /** Sets a point to infinity (neutral element) * \param group underlying EC_GROUP object diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index f3373dc6d5..5afe53acfc 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -621,7 +621,7 @@ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey) */ return 1; } else { - int field_type = EC_METHOD_get_field_type(EC_GROUP_method_of(grp)); + int field_type = EC_GROUP_get_field_type(grp); if (field_type == NID_X9_62_prime_field) comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; diff --git a/test/ectest.c b/test/ectest.c index f4ccdfb4c1..2fdf339271 100644 --- a/test/ectest.c +++ b/test/ectest.c @@ -161,9 +161,7 @@ static int prime_field_tests(void) { BN_CTX *ctx = NULL; BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; - EC_GROUP *group = NULL, *tmp = NULL; - EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, - *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_GROUP *group = NULL; EC_POINT *P = NULL, *Q = NULL, *R = NULL; BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; # ifndef OPENSSL_NO_DEPRECATED_3_0 @@ -181,20 +179,8 @@ static int prime_field_tests(void) || !TEST_true(BN_hex2bn(&p, "17")) || !TEST_true(BN_hex2bn(&a, "1")) || !TEST_true(BN_hex2bn(&b, "1")) - /* - * applications should use EC_GROUP_new_curve_GFp so - * that the library gets to choose the EC_METHOD - */ - || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method())) - || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) - || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(tmp, group))) - goto err; - EC_GROUP_free(group); - group = tmp; - tmp = NULL; - - if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))) + || !TEST_ptr(group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) + || !TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))) goto err; TEST_info("Curve defined by Weierstrass equation"); @@ -327,8 +313,6 @@ static int prime_field_tests(void) || !TEST_BN_eq(y, z) || !TEST_int_eq(EC_GROUP_get_degree(group), 160) || !group_order_tests(group) - || !TEST_ptr(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_160, group)) /* Curve P-192 (FIPS PUB 186-2, App. 6) */ @@ -366,8 +350,6 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 192) || !group_order_tests(group) - || !TEST_ptr(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_192, group)) /* Curve P-224 (FIPS PUB 186-2, App. 6) */ @@ -405,8 +387,6 @@ static int prime_field_tests(void) ctx)) || !TEST_int_eq(EC_GROUP_get_degree(group), 224) || !group_order_tests(group) - || !TEST_ptr(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) - || !TEST_true(EC_GROUP_copy(P_224, group)) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ @@ -445,8 +425,6 @@ s |