From ab1eac0c4761085b0ec9fe7629dc4a34e0019179 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 4 May 2025 05:10:14 +0000
Subject: Remove the X9.62 prime239v{1,2,3} curves

While RFC 3279 allows these curves for use in X.509 certificates (*), no
one actually does this. Certs using these curves cannot be used for TLS
and the curves aren't accepted by FIPS either. codesearch shows no actual
uses of these curves, only their OIDs are listed. At this point these
have become useless historical baggage.

ok jsing

(*) Of the 27 curves listed in RFC 3279 the only one that seems to have
seen actual use in certificates is P-256.
---
 src/lib/libcrypto/ec/ec_curve.c | 180 +---------------------------------------
 1 file changed, 1 insertion(+), 179 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c
index ec7a4f5390..6212247ff2 100644
--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_curve.c,v 1.56 2025/05/04 04:57:48 tb Exp $ */
+/* $OpenBSD: ec_curve.c,v 1.57 2025/05/04 05:10:14 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -305,141 +305,6 @@ static const struct {
 	},
 };
 
-static const struct {
-	uint8_t seed[20];
-	uint8_t p[30];
-	uint8_t a[30];
-	uint8_t b[30];
-	uint8_t x[30];
-	uint8_t y[30];
-	uint8_t order[30];
-} _EC_X9_62_PRIME_239V1 = {
-	.seed = {
-		0xe4, 0x3b, 0xb4, 0x60, 0xf0, 0xb8, 0x0c, 0xc0, 0xc0, 0xb0,
-		0x75, 0x79, 0x8e, 0x94, 0x80, 0x60, 0xf8, 0x32, 0x1b, 0x7d,
-	},
-	.p = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
-	},
-	.a = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
-	},
-	.b = {
-		0x6b, 0x01, 0x6c, 0x3b, 0xdc, 0xf1, 0x89, 0x41, 0xd0, 0xd6,
-		0x54, 0x92, 0x14, 0x75, 0xca, 0x71, 0xa9, 0xdb, 0x2f, 0xb2,
-		0x7d, 0x1d, 0x37, 0x79, 0x61, 0x85, 0xc2, 0x94, 0x2c, 0x0a,
-	},
-	.x = {
-		0x0f, 0xfa, 0x96, 0x3c, 0xdc, 0xa8, 0x81, 0x6c, 0xcc, 0x33,
-		0xb8, 0x64, 0x2b, 0xed, 0xf9, 0x05, 0xc3, 0xd3, 0x58, 0x57,
-		0x3d, 0x3f, 0x27, 0xfb, 0xbd, 0x3b, 0x3c, 0xb9, 0xaa, 0xaf,
-	},
-	.y = {
-		0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40,
-		0x54, 0xca, 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18,
-		0xce, 0x22, 0x6b, 0x39, 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae,
-	},
-	.order = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0x9e, 0x5e, 0x9a, 0x9f, 0x5d,
-		0x90, 0x71, 0xfb, 0xd1, 0x52, 0x26, 0x88, 0x90, 0x9d, 0x0b,
-	},
-};
-
-static const struct {
-	uint8_t seed[20];
-	uint8_t p[30];
-	uint8_t a[30];
-	uint8_t b[30];
-	uint8_t x[30];
-	uint8_t y[30];
-	uint8_t order[30];
-} _EC_X9_62_PRIME_239V2 = {
-	.seed = {
-		0xe8, 0xb4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xca, 0x3b,
-		0x80, 0x99, 0x98, 0x2b, 0xe0, 0x9f, 0xcb, 0x9a, 0xe6, 0x16,
-	},
-	.p = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
-	},
-	.a = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
-	},
-	.b = {
-		0x61, 0x7f, 0xab, 0x68, 0x32, 0x57, 0x6c, 0xbb, 0xfe, 0xd5,
-		0x0d, 0x99, 0xf0, 0x24, 0x9c, 0x3f, 0xee, 0x58, 0xb9, 0x4b,
-		0xa0, 0x03, 0x8c, 0x7a, 0xe8, 0x4c, 0x8c, 0x83, 0x2f, 0x2c,
-	},
-	.x = {
-		0x38, 0xaf, 0x09, 0xd9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xc9,
-		0x21, 0xbb, 0x5e, 0x9e, 0x26, 0x29, 0x6a, 0x3c, 0xdc, 0xf2,
-		0xf3, 0x57, 0x57, 0xa0, 0xea, 0xfd, 0x87, 0xb8, 0x30, 0xe7,
-	},
-	.y = {
-		0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d,
-		0xa0, 0xfc, 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55,
-		0xde, 0x6e, 0xf4, 0x60, 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba,
-	},
-	.order = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x80, 0x00, 0x00, 0xcf, 0xa7, 0xe8, 0x59, 0x43,
-		0x77, 0xd4, 0x14, 0xc0, 0x38, 0x21, 0xbc, 0x58, 0x20, 0x63,
-	},
-};
-
-static const struct {
-	uint8_t seed[20];
-	uint8_t p[30];
-	uint8_t a[30];
-	uint8_t b[30];
-	uint8_t x[30];
-	uint8_t y[30];
-	uint8_t order[30];
-} _EC_X9_62_PRIME_239V3 = {
-	.seed = {
-		0x7d, 0x73, 0x74, 0x16, 0x8f, 0xfe, 0x34, 0x71, 0xb6, 0x0a,
-		0x85, 0x76, 0x86, 0xa1, 0x94, 0x75, 0xd3, 0xbf, 0xa2, 0xff,
-	},
-	.p = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff,
-	},
-	.a = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0x80, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xfc,
-	},
-	.b = {
-		0x25, 0x57, 0x05, 0xfa, 0x2a, 0x30, 0x66, 0x54, 0xb1, 0xf4,
-		0xcb, 0x03, 0xd6, 0xa7, 0x50, 0xa3, 0x0c, 0x25, 0x01, 0x02,
-		0xd4, 0x98, 0x87, 0x17, 0xd9, 0xba, 0x15, 0xab, 0x6d, 0x3e,
-	},
-	.x = {
-		0x67, 0x68, 0xae, 0x8e, 0x18, 0xbb, 0x92, 0xcf, 0xcf, 0x00,
-		0x5c, 0x94, 0x9a, 0xa2, 0xc6, 0xd9, 0x48, 0x53, 0xd0, 0xe6,
-		0x60, 0xbb, 0xf8, 0x54, 0xb1, 0xc9, 0x50, 0x5f, 0xe9, 0x5a,
-	},
-	.y = {
-		0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d,
-		0x55, 0x2b, 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b,
-		0x6e, 0x81, 0x84, 0x99, 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3,
-	},
-	.order = {
-		0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
-		0xff, 0xff, 0x7f, 0xff, 0xff, 0x97, 0x5d, 0xeb, 0x41, 0xb3,
-		0xa6, 0x05, 0x7c, 0x3c, 0x43, 0x21, 0x46, 0x52, 0x65, 0x51,
-	},
-};
-
 static const struct {
 	uint8_t p[29];
 	uint8_t a[29];
@@ -1164,49 +1029,6 @@ static const struct ec_curve {
 		.order = _EC_NIST_PRIME_521.order,
 		.cofactor = 1,
 	},
-	/* X9.62 curves */
-	{
-		.comment = "X9.62 curve prime239v1",
-		.nid = NID_X9_62_prime239v1,
-		.seed_len = sizeof(_EC_X9_62_PRIME_239V1.seed),
-		.param_len = sizeof(_EC_X9_62_PRIME_239V1.p),
-		.seed = _EC_X9_62_PRIME_239V1.seed,
-		.p = _EC_X9_62_PRIME_239V1.p,
-		.a = _EC_X9_62_PRIME_239V1.a,
-		.b = _EC_X9_62_PRIME_239V1.b,
-		.x = _EC_X9_62_PRIME_239V1.x,
-		.y = _EC_X9_62_PRIME_239V1.y,
-		.order = _EC_X9_62_PRIME_239V1.order,
-		.cofactor = 1,
-	},
-	{
-		.comment = "X9.62 curve prime239v2",
-		.nid = NID_X9_62_prime239v2,
-		.seed_len = sizeof(_EC_X9_62_PRIME_239V2.seed),
-		.param_len = sizeof(_EC_X9_62_PRIME_239V2.p),
-		.seed = _EC_X9_62_PRIME_239V2.seed,
-		.p = _EC_X9_62_PRIME_239V2.p,
-		.a = _EC_X9_62_PRIME_239V2.a,
-		.b = _EC_X9_62_PRIME_239V2.b,
-		.x = _EC_X9_62_PRIME_239V2.x,
-		.y = _EC_X9_62_PRIME_239V2.y,
-		.order = _EC_X9_62_PRIME_239V2.order,
-		.cofactor = 1,
-	},
-	{
-		.comment = "X9.62 curve prime239v3",
-		.nid = NID_X9_62_prime239v3,
-		.seed_len = sizeof(_EC_X9_62_PRIME_239V3.seed),
-		.param_len = sizeof(_EC_X9_62_PRIME_239V3.p),
-		.seed = _EC_X9_62_PRIME_239V3.seed,
-		.p = _EC_X9_62_PRIME_239V3.p,
-		.a = _EC_X9_62_PRIME_239V3.a,
-		.b = _EC_X9_62_PRIME_239V3.b,
-		.x = _EC_X9_62_PRIME_239V3.x,
-		.y = _EC_X9_62_PRIME_239V3.y,
-		.order = _EC_X9_62_PRIME_239V3.order,
-		.cofactor = 1,
-	},
 	/* RFC 5639 curves */
 	{
 		.comment = "RFC 5639 curve brainpoolP224r1",
-- 
cgit v1.2.3-55-g6feb