Provides get/set for affine coordinates on OpenSSL::PKey::EC::Point

[rickmark]

This implements #433

Provides OpenSSL::PKey::EC::Point#affine_coords and OpenSSL::PKey::EC::Point#affine_coords= for uncompressed coords taking either an Integer or a OpenSSL::BN for set and always returns an array of OpenSSL::BN for get.

It also implements OpenSSL::PKey::EC::Point#set_compressed_coords taking an Integer or a OpenSSL::BN for the value of X and an Integer that is directly passed to EC_POINT_set_compressed_coordinates. I feel like it should be checked for [0..1] but was simpler to pass the value directly.

[rhenium]

We know this is unreachable.

[rickmark]

Just defensive coding 🙃

[rhenium]

BN implements #initialize_copy. The #dup method defined by Object should already work without this.

[rickmark]

Will resolve with a comment to that effect so others know as well

[rickmark]

Should we alias +@ to #dup then?

[rhenium]

I think the current state (having #+@ as a normal method defined by ossl_bn_uplus()) is fine.

[rhenium]

GetBNPtr() uses try_convert_to_bn() internally. So, simply x = RARRAY_AREF(coords, 0); followed by xBN = GetBNPtr(x) should be enough.

The value from the array still needs to be stored into a separate VALUE variable (x, y) once, though.

[rhenium]

point and group are never NULL. GetECPoint() and GetECPointGroup() must be checking it.

[rhenium]

No need to explicitly check here, NUM2INT() will also do a type check (and calls #to_int if necessary).

[rhenium]

Can we have an alternate implementation in ext/openssl/openssl_missing.c using the suffixed variants? EC_POINT_get_affine_coordinates() only exists in OpenSSL 1.1.1, and the latest LibreSSL still doesn't have it.

Checking only EC_POINT_get_affine_coordinates should be good enough since it's unlikely a future LibreSSL version implements just one or two of the three functions.

[rickmark]

"alternate implementation" as in using the GFp and GF2m functions, or my nonsense encoding kludge?

[rhenium]

I meant using the GFp and GF2m functions. They should both exist in OpenSSL <= 1.1.0 and LibreSSL.

[rhenium]

I think the current state (having #+@ as a normal method defined by ossl_bn_uplus()) is fine.

[rhenium]

These are not used.

[rickmark]

“Polyfill” patch is in progress to ensure that we can call get affine for either coordinate space Get Outlook for iOS<https://aka.ms/o0ukef>

________________________________ From: Kazuki Yamaguchi ***@***.***> Sent: Wednesday, April 14, 2021 11:04:34 PM To: ruby/openssl ***@***.***> Cc: Rick Mark ***@***.***>; Author ***@***.***> Subject: Re: [ruby/openssl] Provides get/set for affine coordinates on OpenSSL::PKey::EC::Point (#435) @rhenium commented on this pull request.

________________________________ In ext/openssl/extconf.rb<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fruby%2Fopenssl%2Fpull%2F435%23discussion_r613778945&data=04%7C01%7C%7C21d0cb1270304c8e032b08d8ffd457d8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637540634760103083%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2BbwZYVL9%2Bg0JezAXaYrkBMBW8l7wHxJPrWMTcc8lbJ4%3D&reserved=0>:

@@ -174,6 +174,11 @@ def find_openssl_library

have_func("EVP_PBE_scrypt") have_func("SSL_CTX_set_post_handshake_auth") +# added in 1.1.1 +have_func("EC_POINT_get_affine_coordinates") +have_func("EC_POINT_set_affine_coordinates") +have_func("EC_POINT_set_compressed_coordinates") I meant using the GFp and GF2m functions. They should both exist in OpenSSL <= 1.1.0 and LibreSSL. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fruby%2Fopenssl%2Fpull%2F435%23discussion_r613778945&data=04%7C01%7C%7C21d0cb1270304c8e032b08d8ffd457d8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637540634760113084%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=bRGYD94EAxoL6VjYe0fs31AZ7tionI%2BOJ0nrL2tDgH8%3D&reserved=0>, or unsubscribe<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAAA6TW7SPTOCSKT6OWLSBHLTIZ6XFANCNFSM42KZ7OXQ&data=04%7C01%7C%7C21d0cb1270304c8e032b08d8ffd457d8%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637540634760123078%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=FjXPqx%2FkB8PHEyNqJKWfKYxSkd%2BPclgZpDMewpwVqzY%3D&reserved=0>.