BoringSSL: Use EC_KEY_new_by_curve_name() to simplify implementation

There is no need to go through EC_GROUP_new_by_curve_name(), EC_KEY_new(), and EC_KEY_set_group() when a single call to EC_KEY_new_by_curve_name() takes care of all that. Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 23:41:29 +02:00 · 2017-12-10 23:41:29 +02:00 · 7641d485db
commit 7641d485db
parent a5da39607d
2 changed files with 4 additions and 8 deletions
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@ -1068,7 +1068,6 @@ static EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve)
 {
 #ifdef OPENSSL_IS_BORINGSSL
 	EVP_PKEY_CTX *kctx = NULL;
-	const EC_GROUP *group;
 	EC_KEY *ec_params;
 #else
 	EVP_PKEY_CTX *pctx, *kctx = NULL;
@ -1084,9 +1083,8 @@ static EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve)
 		return NULL;
 	}
 #ifdef OPENSSL_IS_BORINGSSL
-	group = EC_GROUP_new_by_curve_name(nid);
-	ec_params = EC_KEY_new();
-	if (!ec_params || EC_KEY_set_group(ec_params, group) != 1) {
+	ec_params = EC_KEY_new_by_curve_name(nid);
+	if (!ec_params) {
 		wpa_printf(MSG_ERROR,
 			   "DPP: Failed to generate EC_KEY parameters");
 		goto fail;
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@ -1706,7 +1706,6 @@ struct crypto_ecdh * crypto_ecdh_init(int group)
 	struct crypto_ecdh *ecdh;
 	EVP_PKEY *params = NULL;
 #ifdef OPENSSL_IS_BORINGSSL
-	const EC_GROUP *ec_group;
 	EC_KEY *ec_params;
 #else /* OPENSSL_IS_BORINGSSL */
 	EVP_PKEY_CTX *pctx = NULL;
@ -1722,9 +1721,8 @@ struct crypto_ecdh * crypto_ecdh_init(int group)
 		goto fail;

 #ifdef OPENSSL_IS_BORINGSSL
-	ec_group = EC_GROUP_new_by_curve_name(ecdh->ec->nid);
-	ec_params = EC_KEY_new();
-	if (!ec_params || EC_KEY_set_group(ec_params, ec_group) != 1) {
+	ec_params = EC_KEY_new_by_curve_name(ecdh->ec->nid);
+	if (!ec_params) {
 		wpa_printf(MSG_ERROR,
 			   "BoringSSL: Failed to generate EC_KEY parameters");
 		goto fail;