Enable explicit ECC curve parameters export

[sylvainpelissier]

Explicit ECC curve parameters as defined in RFC5480 like -param_enc explicit parameter in openssl.

[Legrandin]

Thanks a lot for this contribution, which also include tests!

However, I wonder if this change has any practical use case: explicitly specifying curve parameters was a thing in the past, when people used generic Short Weierstrass implementations for curve arithmetic. Today curves are all named, and the implementation very specialized, because of special moduli for instance. On top of that, RFC5480 itself states that explicit curve parameters (specifiedCurve) should not be used (MUST NOT), and that was 11 years ago already...

[sylvainpelissier]

Personnally I used this thing in my work on CVE-2020-0601 the ChainOfFools vulnerability. I agree this is a thing of the past but it is still used by OpenSSL on Windows 10. For a research point of view it would be convenient to have such feature.

[Legrandin]

OK, I was guessing right this was not a timely coincidence. The library is also intended to support offensive research to a certain extent, so I am not excluding this code could be included, but it does, it should not be mixed with "safe" parts of the library. I was thinking already of adding a separate module (e.g. Crypto.Experimental) that does not guarantee backward compatibility nor to always exist, and which could be a place for this features. For instance, in there, a class derived from EccKey could implement this deprecated method for exporting ECC key in all their components.

[sylvainpelissier]

Yes I think it is the correct way to handle it. It would avoid misuse of the library.

[sylvainpelissier]

Is it what you were thinking about ?

[sylvainpelissier]

Any news on this one ?

[sylvainpelissier]

Any plan to integrate it ?