rework ECIES to avoid ECDH_KDF_X9_62 #252

Closed
mcr opened this issue May 27, 2019 · 3 comments

@mcr
Contributor

mcr commented May 27, 2019

openssl/openssl@9453b19 deprecates ECDH_KDF_X9_62, which is used in contributed code for ECIES, so this needs to be fixed.

@rhenium
Member

rhenium commented Feb 19, 2020

I cannot merge #246 because we should avoid implementing primitives in this library.

On a side note, once we gain OpenSSL::PKey#derive (which I hope to merge in #329), the KDF can be made accessible from Ruby through the EVP API as suggested in OpenSSL's CHANGES file.

@rhenium rhenium closed this as completed Feb 19, 2020
@mcr
Contributor Author

mcr commented Feb 19, 2020

I appreciate the situation. I believe that we need ruby-openssl internals in order to implement this elsewhere. Would a patch making it possible to do that be acceptable? (Upstreaming to OpenSSL may take years)

@rhenium
Member

rhenium commented Feb 21, 2020

I doubt if there is a portable way to use the internals/symbols of Ruby/OpenSSL from another extension library. It might work on Linux (as Ruby uses RTLD_GLOBAL flag when loading extension libraries with dlopen(3)), but I'm not sure about other platforms.

Another concern is mixed versions of OpenSSL. It's possible that Ruby/OpenSSL and openssl-pkey-ec-ies link to incompatible versions of libcrypto, and in that case, sharing the EVP_PKEY object would result in silent misbehavior or crash.

I wonder if it is really necessary to use them to implement it. To me, it seems like the best option is to serialize a key into DER format and let the other library reconstruct EVP_PKEY from it.
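
The DER handoff suggested in the last comment, as an added example that is not code from this thread or from either project: a key is exported as DER, rebuilt into a separate key object, and checked to derive the same ECIES key material as the original. The helper names are hypothetical, and the example assumes the ECIES code wants the SEC 1 / ANSI X9.63 counter-mode hash KDF with SHA-256, written here in plain Ruby on top of `OpenSSL::Digest` and `OpenSSL::PKey::EC#dh_compute_key`.

```ruby
require "openssl"

# Hand a key to another library as DER bytes instead of sharing the
# in-memory EVP_PKEY. The DER of a private key is unencrypted, so keep
# it in process memory and never write it to disk or logs.
def export_key_der(key)
  key.to_der
end

# The receiving side rebuilds its own key object from the bytes.
def import_key_der(der)
  OpenSSL::PKey.read(der)
end

# Assumed KDF (SEC 1 / ANSI X9.63): Hash(Z || 32-bit big-endian counter ||
# SharedInfo), counter starting at 1, blocks concatenated, then truncated.
def x963_kdf(z, length, shared_info = "", digest = "SHA256")
  out = "".b
  counter = 1
  while out.bytesize < length
    out << OpenSSL::Digest.digest(digest, z + [counter].pack("N") + shared_info)
    counter += 1
  end
  out.byteslice(0, length)
end

# ECDH with the peer's public point, then the KDF over the shared secret.
def ecies_shared_key(private_key, peer_point, length, shared_info = "")
  z = private_key.dh_compute_key(peer_point)
  x963_kdf(z, length, shared_info)
end

# Constructed sample keys, generated fresh on every run.
def demo
  recipient = OpenSSL::PKey::EC.generate("prime256v1")
  ephemeral = OpenSSL::PKey::EC.generate("prime256v1")
  rebuilt   = import_key_der(export_key_der(recipient))
  {
    direct:  ecies_shared_key(recipient, ephemeral.public_key, 48, "demo"),
    via_der: ecies_shared_key(rebuilt, ephemeral.public_key, 48, "demo"),
    sender:  ecies_shared_key(ephemeral, recipient.public_key, 48, "demo")
  }
end
```

Because only bytes cross the boundary, each library parses the key with the libcrypto it is linked against, which avoids the mixed-version concern raised above.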
