upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-11 05:49:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

don't set named curves explicitly in pre-3.0 libcrypto

Browse source 
The function `EC_KEY_set_asn1_flag` is deprecated in AWS-LC. Fortunately
calling it to make sure we use named curve keys is entirely unnecessary.

More information for pre-3.0 libcrypto and significant forks are as
following:

OpenSSL: Named curves were the default between 1.1.0 and 3.6.1 [1],[2]
AWS-LC: Library only supports named curves in the first place [3]
BoringSSL: Likewise with AWS-LC [4]
LibreSSL: `EC_GROUP`s are named by default [5]

[1] 86f300d385
[2] 9db6af922c
[3] a605df416b/include/openssl/ec_key.h (L442-L445)
[4] 514abb73bb/include/openssl/ec_key.h (L279-L280)
[5] c933874518/src/lib/libcrypto/ec/ec_lib.c (L94)
This commit is contained in:
Aydın Mercan 2026-02-06 15:31:40 +03:00
parent d35a527ffb
commit 48a77a4bfc
1 changed files with 0 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
lib/isc/ossl_wrap/ossl1_1.c
View file

@ -122,7 +122,6 @@ generate_ec_key(EVP_PKEY **pkeyp, const int nid) {
CLEANUP(OSSL_WRAP_ERROR("EC_KEY_generate_key"));
}
EC_KEY_set_asn1_flag(eckey, OPENSSL_EC_NAMED_CURVE);
EC_KEY_set_conv_form(eckey, POINT_CONVERSION_UNCOMPRESSED);
pkey = EVP_PKEY_new();