Provide a local replacement for deprecated `EC_KEY_*` APIs

[VladGud]

Provide a local replacement for deprecated EC_KEY_* APIs

Issue Summary

Implement a minimal internal EC_KEY compatibility layer (COMPAT_EC_KEY) to replace deprecated EC_KEY_* APIs when OpenSSL is built with OPENSSL_NO_DEPRECATED_3_0. Use macro-based conditional compilation to delegate to OpenSSL when available or fallback to the internal implementation.

Problem Description

The GOST provider code extensively uses deprecated EC_KEY_* APIs (EC_KEY_new, EC_KEY_free, EC_KEY_get0_group, EC_KEY_get0_private_key, EC_KEY_get0_public_key, EC_KEY_set_group, EC_KEY_set_private_key, EC_KEY_set_public_key, EC_KEY_check_key), which are removed in OpenSSL builds with OPENSSL_NO_DEPRECATED_3_0. This prevents compilation and execution in modern OpenSSL environments. A transitional compatibility layer is needed until full migration to provider-native key management is complete.

Current Implementation

• Direct calls to EC_KEY_* functions in gost_ameth.c (e.g., lines 203, 447, 1058, 1132, 199) and gost_pmeth.c (e.g., line 1147)
• Key management relies on OpenSSL's EC_KEY structure for group, private key, public key access and validation
• No existing compatibility layer; code assumes deprecated APIs are available

Required Changes

1. Define COMPAT_EC_KEY structure and macros

• Create a COMPAT_EC_KEY structure in a new header (e.g., gost_compat_ec.h) that mirrors essential EC_KEY fields (group, private key, public key)
• Define macros for each deprecated function:
  • If GOST_ENABLE_LEGACY is defined, macros delegate to original EC_KEY_* functions
  • If not defined, macros use COMPAT_EC_KEY functions for allocation, access, and deallocation

2. Implement COMPAT_EC_KEY functions

• COMPAT_EC_KEY_new(): Allocate and initialize the structure
• COMPAT_EC_KEY_free(): Deallocate the structure and its components
• COMPAT_EC_KEY_get0_group(): Return stored group
• COMPAT_EC_KEY_get0_private_key(): Return stored private key
• COMPAT_EC_KEY_get0_public_key(): Return stored public key
• COMPAT_EC_KEY_set_group(): Store group in structure
• COMPAT_EC_KEY_set_private_key(): Store private key in structure
• COMPAT_EC_KEY_set_public_key(): Store public key in structure
• COMPAT_EC_KEY_check_key(): Perform basic validation (e.g., check if group and keys are set)

3. Define overriding macros for function names

• In the header gost_compat_ec.h, define macros that override the function names directly (e.g., #define EC_KEY_new COMPAT_EC_KEY_new)
• This allows existing code to call EC_KEY_new without changes, but the calls will be redirected to the compat functions when the header is included
• Ensure the header is included in all files that use EC_KEY_* APIs (e.g., gost_ameth.c, gost_pmeth.c, and others identified via grep)

4. Handle memory management

• Ensure proper reference counting or duplication for BIGNUMs and EC_GROUP in the compat layer
• Avoid memory leaks by implementing correct cleanup

Acceptance Criteria

• Code compiles and runs when GOST_ENABLE_LEGACY is not defined
• COMPAT_EC_KEY provides equivalent functionality to deprecated EC_KEY_* APIs
• Memory management is correct; no leaks or crashes during key lifecycle
• When GOST_ENABLE_LEGACY is defined, behavior remains unchanged (delegates to OpenSSL)

Testing

• Unit tests for key management (creation, setting/getting keys, validation) pass with both macro modes
• Integration tests for signing, verification, and key exchange succeed