=head1 NAME
-EC_GROUP_get_ecparameters, EC_GROUP_get_ecpkparameters,
-EC_GROUP_new, EC_GROUP_new_from_ecparameters,
+EC_GROUP_get_ecparameters,
+EC_GROUP_get_ecpkparameters,
+EC_GROUP_new_ex,
+EC_GROUP_new,
+EC_GROUP_new_from_ecparameters,
EC_GROUP_new_from_ecpkparameters,
-EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp,
-EC_GROUP_new_curve_GF2m, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve_GFp,
-EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROUP_get_curve_GF2m,
+EC_GROUP_free,
+EC_GROUP_clear_free,
+EC_GROUP_new_curve_GFp,
+EC_GROUP_new_curve_GF2m,
+EC_GROUP_new_by_curve_name_ex,
+EC_GROUP_new_by_curve_name,
+EC_GROUP_set_curve,
+EC_GROUP_get_curve,
+EC_GROUP_set_curve_GFp,
+EC_GROUP_get_curve_GFp,
+EC_GROUP_set_curve_GF2m,
+EC_GROUP_get_curve_GF2m,
EC_get_builtin_curves - Functions for creating and destroying EC_GROUP
objects
#include <openssl/ec.h>
+ EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth);
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
+ EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, int nid);
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+ int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx);
+ int EC_GROUP_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b,
+ BN_CTX *ctx);
int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p,
const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx);
int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p,
Operations in a binary field are performed relative to an B<irreducible polynomial>. All such curves with OpenSSL
use a trinomial or a pentanomial for this parameter.
-A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by B<meth> (see
-L<EC_GFp_simple_method(3)>). It is then necessary to call either EC_GROUP_set_curve_GFp or
-EC_GROUP_set_curve_GF2m as appropriate to create a curve defined over Fp or over F2^m respectively.
+A new curve can be constructed by calling EC_GROUP_new_ex, using the implementation provided by B<meth> (see
+L<EC_GFp_simple_method(3)>) and associated with the library context B<ctx>
+(see L<OPENSSL_CTX(3)>).
+The B<ctx> parameter may be NULL in which case the default library context is used.
+It is then necessary to call EC_GROUP_set_curve() to set the curve parameters.
EC_GROUP_new_from_ecparameters() will create a group from the
specified B<params> and
EC_GROUP_new_from_ecpkparameters() will create a group from the specific PK B<params>.
-EC_GROUP_set_curve_GFp sets the curve parameters B<p>, B<a> and B<b> for a curve over Fp stored in B<group>.
-EC_group_get_curve_GFp obtains the previously set curve parameters.
+EC_GROUP_new is the same as EC_GROUP_new_ex() except that the library context
+used is always the default library context.
-EC_GROUP_set_curve_GF2m sets the equivalent curve parameters for a curve over F2^m. In this case B<p> represents
-the irreducible polynomial - each bit represents a term in the polynomial. Therefore there will either be three
-or five bits set dependent on whether the polynomial is a trinomial or a pentanomial.
-EC_group_get_curve_GF2m obtains the previously set curve parameters.
+EC_GROUP_set_curve() sets the curve parameters B<p>, B<a> and B<b>. For a curve over Fp B<b>
+is the prime for the field. For a curve over F2^m B<p> represents the irreducible polynomial - each bit
+represents a term in the polynomial. Therefore there will either be three or five bits set dependent on whether
+the polynomial is a trinomial or a pentanomial.
-The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and the
-appropriate EC_group_set_curve function. An appropriate default implementation method will be used.
+EC_group_get_curve() obtains the previously set curve parameters.
+
+EC_GROUP_set_curve_GFp() and EC_GROUP_set_curve_GF2m() are synonyms for EC_GROUP_set_curve(). They are defined for
+backwards compatibility only and should not be used.
+
+EC_GROUP_get_curve_GFp() and EC_GROUP_get_curve_GF2m() are synonyms for EC_GROUP_get_curve(). They are defined for
+backwards compatibility only and should not be used.
+
+The functions EC_GROUP_new_curve_GFp and EC_GROUP_new_curve_GF2m are shortcuts for calling EC_GROUP_new and then the
+EC_GROUP_set_curve function. An appropriate default implementation method will be used.
Whilst the library can be used to create any curve using the functions described above, there are also a number of
predefined curves that are available. In order to obtain a list of all of the predefined curves, call the function
Each EC_builtin_curve item has a unique integer id (B<nid>), and a human readable comment string describing the curve.
-In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name and provide the B<nid> of the curve to
-be constructed.
+In order to construct a builtin curve use the function EC_GROUP_new_by_curve_name_ex and provide the B<nid> of the curve to
+be constructed and the associated library context to be used in B<ctx> (see L<OPENSSL_CTX(3)>).
+The B<ctx> value may be NULL in which case the default library context is used.
+
+EC_GROUP_new_by_curve_name is the same as EC_GROUP_new_by_curve_name_ex except
+that the default library context is always used.
EC_GROUP_free frees the memory associated with the EC_GROUP.
If B<group> is NULL nothing is done.
L<crypto(7)>, L<EC_GROUP_copy(3)>,
L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>,
+L<OPENSSL_CTX(3)>
+
+=head1 HISTORY
+
+EC_GROUP_new_ex and EC_GROUP_new_by_curve_name_ex were added in OpenSSL 3.0.
=head1 COPYRIGHT
-Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
-Licensed under the OpenSSL license (the "License"). You may not use
+Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.