5 files changed, 54 insertions, 1 deletions
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index c14d1a1..2623b53 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -364,6 +364,11 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group)
     return group->curve_name;
 }
 
+const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group)
+{
+    return group->field;
+}
+
 void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag)
 {
     group->asn1_flag = flag;
diff --git a/doc/man3/EC_GROUP_copy.pod b/doc/man3/EC_GROUP_copy.pod
index 453825a..3f7108d 100644
--- a/doc/man3/EC_GROUP_copy.pod
+++ b/doc/man3/EC_GROUP_copy.pod
@@ -11,7 +11,7 @@ EC_GROUP_get_point_conversion_form, EC_GROUP_get0_seed,
 EC_GROUP_get_seed_len, EC_GROUP_set_seed, EC_GROUP_get_degree,
 EC_GROUP_check, EC_GROUP_check_discriminant, EC_GROUP_cmp,
 EC_GROUP_get_basis_type, EC_GROUP_get_trinomial_basis,
-EC_GROUP_get_pentanomial_basis
+EC_GROUP_get_pentanomial_basis, EC_GROUP_get0_field
 - Functions for manipulating EC_GROUP objects
 
 =head1 SYNOPSIS
@@ -32,6 +32,7 @@ EC_GROUP_get_pentanomial_basis
  int EC_GROUP_order_bits(const EC_GROUP *group);
  int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx);
  const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
+ const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group);
 
  void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
  int EC_GROUP_get_curve_name(const EC_GROUP *group);
@@ -177,6 +178,8 @@ specified curve respectively. If there is no curve name associated with a curve
 EC_GROUP_get0_order() returns an internal pointer to the group order.
 EC_GROUP_order_bits() returns the number of bits in the group order.
 EC_GROUP_get0_cofactor() returns an internal pointer to the group cofactor.
+EC_GROUP_get0_field() returns an internal pointer to the group field. For curves over GF(p), this is the modulus; for curves
+over GF(2^m), this is the irreducible polynomial defining the field.
 
 EC_GROUP_get0_seed returns a pointer to the seed that was used to generate the parameter b, or NULL if the seed is not
 specified. EC_GROUP_get_seed_len returns the length of the seed or 0 if the seed is not specified.
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 4afaad4..7c15368 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -212,6 +212,12 @@ void EC_GROUP_set_curve_name(EC_GROUP *group, int nid);
  */
 int EC_GROUP_get_curve_name(const EC_GROUP *group);
 
+/** Gets the field of an EC_GROUP
+ *  \param  group  EC_GROUP object
+ *  \return the group field
+ */
+const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group);
+
 void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
 int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
 
diff --git a/test/ectest.c b/test/ectest.c
index cdfaeb6..0f42597 100644
--- a/test/ectest.c
+++ b/test/ectest.c
@@ -1159,6 +1159,43 @@ static int internal_curve_test_method(int n)
     return r;
 }
 
+static int group_field_test(void)
+{
+    int r = 1;
+    BIGNUM *secp521r1_field = NULL;
+    BIGNUM *sect163r2_field = NULL;
+    EC_GROUP *secp521r1_group = NULL;
+    EC_GROUP *sect163r2_group = NULL;
+
+    BN_hex2bn(&secp521r1_field,
+                "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
+                "FFFF");
+
+
+    BN_hex2bn(&sect163r2_field,
+                "08000000000000000000000000000000"
+                "00000000C9");
+
+    secp521r1_group = EC_GROUP_new_by_curve_name(NID_secp521r1);
+    if (BN_cmp(secp521r1_field, EC_GROUP_get0_field(secp521r1_group)))
+      r = 0;
+
+    # ifndef OPENSSL_NO_EC2M
+    sect163r2_group = EC_GROUP_new_by_curve_name(NID_sect163r2);
+    if (BN_cmp(sect163r2_field, EC_GROUP_get0_field(sect163r2_group)))
+      r = 0;
+    # endif
+
+    EC_GROUP_free(secp521r1_group);
+    EC_GROUP_free(sect163r2_group);
+    BN_free(secp521r1_field);
+    BN_free(sect163r2_field);
+    return r;
+}
+
 # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
 /*
  * nistp_test_params contains magic numbers for testing our optimized
@@ -1513,6 +1550,7 @@ int setup_tests(void)
 # endif
     ADD_ALL_TESTS(internal_curve_test, crv_len);
     ADD_ALL_TESTS(internal_curve_test_method, crv_len);
+    ADD_TEST(group_field_test);
 #endif
     return 1;
 }
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 2b5365e..b262bc7 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -4639,3 +4639,4 @@ EVP_KDF_vctrl                           4594	3_0_0	EXIST::FUNCTION:
 EVP_KDF_ctrl_str                        4595	3_0_0	EXIST::FUNCTION:
 EVP_KDF_size                            4596	3_0_0	EXIST::FUNCTION:
 EVP_KDF_derive                          4597	3_0_0	EXIST::FUNCTION:
+EC_GROUP_get0_field                     4598	3_0_0	EXIST::FUNCTION:EC