From 7641d485db4bb3838919f8a7aa1d7799fc0c0285 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sun, 10 Dec 2017 23:41:29 +0200
Subject: [PATCH] BoringSSL: Use EC_KEY_new_by_curve_name() to simplify
 implementation

There is no need to go through EC_GROUP_new_by_curve_name(),
EC_KEY_new(), and EC_KEY_set_group() when a single call to
EC_KEY_new_by_curve_name() takes care of all that.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/common/dpp.c            | 6 ++----
 src/crypto/crypto_openssl.c | 6 ++----
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 17ef2168b..b7475af58 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -1068,7 +1068,6 @@ static EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve)
 {
 #ifdef OPENSSL_IS_BORINGSSL
 	EVP_PKEY_CTX *kctx = NULL;
-	const EC_GROUP *group;
 	EC_KEY *ec_params;
 #else
 	EVP_PKEY_CTX *pctx, *kctx = NULL;
@@ -1084,9 +1083,8 @@ static EVP_PKEY * dpp_gen_keypair(const struct dpp_curve_params *curve)
 		return NULL;
 	}
 #ifdef OPENSSL_IS_BORINGSSL
-	group = EC_GROUP_new_by_curve_name(nid);
-	ec_params = EC_KEY_new();
-	if (!ec_params || EC_KEY_set_group(ec_params, group) != 1) {
+	ec_params = EC_KEY_new_by_curve_name(nid);
+	if (!ec_params) {
 		wpa_printf(MSG_ERROR,
 			   "DPP: Failed to generate EC_KEY parameters");
 		goto fail;
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index 193b5f084..616968f4c 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -1706,7 +1706,6 @@ struct crypto_ecdh * crypto_ecdh_init(int group)
 	struct crypto_ecdh *ecdh;
 	EVP_PKEY *params = NULL;
 #ifdef OPENSSL_IS_BORINGSSL
-	const EC_GROUP *ec_group;
 	EC_KEY *ec_params;
 #else /* OPENSSL_IS_BORINGSSL */
 	EVP_PKEY_CTX *pctx = NULL;
@@ -1722,9 +1721,8 @@ struct crypto_ecdh * crypto_ecdh_init(int group)
 		goto fail;
 
 #ifdef OPENSSL_IS_BORINGSSL
-	ec_group = EC_GROUP_new_by_curve_name(ecdh->ec->nid);
-	ec_params = EC_KEY_new();
-	if (!ec_params || EC_KEY_set_group(ec_params, ec_group) != 1) {
+	ec_params = EC_KEY_new_by_curve_name(ecdh->ec->nid);
+	if (!ec_params) {
 		wpa_printf(MSG_ERROR,
 			   "BoringSSL: Failed to generate EC_KEY parameters");
 		goto fail;