From c88b7fcaef7ef76c7c464970b17a9b4c121db136 Mon Sep 17 00:00:00 2001 From: Cedric Izoard Date: Mon, 28 Jun 2021 18:25:34 +0200 Subject: [PATCH] DPP: Add crypto_ec_key_cmp() in crypto.h and use it This gets rid of one more direct OpenSSL call in the DPP implementation. Signed-off-by: Cedric Izoard --- src/common/dpp.c | 3 +-- src/crypto/crypto.h | 8 ++++++++ src/crypto/crypto_openssl.c | 8 ++++++++ 3 files changed, 17 insertions(+), 2 deletions(-) diff --git a/src/common/dpp.c b/src/common/dpp.c index e97f9f4ba..02ed0dd91 100644 --- a/src/common/dpp.c +++ b/src/common/dpp.c @@ -2370,8 +2370,7 @@ skip_groups: goto fail; dpp_debug_print_key("DPP: Received netAccessKey", key); - if (EVP_PKEY_cmp((EVP_PKEY *) key, - (EVP_PKEY *) auth->own_protocol_key) != 1) { + if (crypto_ec_key_cmp(key, auth->own_protocol_key)) { wpa_printf(MSG_DEBUG, "DPP: netAccessKey in connector does not match own protocol key"); #ifdef CONFIG_TESTING_OPTIONS diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h index e96d1941b..e19037b60 100644 --- a/src/crypto/crypto.h +++ b/src/crypto/crypto.h @@ -1150,4 +1150,12 @@ int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, */ int crypto_ec_key_group(struct crypto_ec_key *key); +/** + * crypto_ec_key_cmp - Compare two EC public keys + * @key1: Key 1 + * @key2: Key 2 + * Returns: 0 if public keys are identical, -1 otherwise + */ +int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2); + #endif /* CRYPTO_H */ diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c index b571ff0ef..f7c52ffbc 100644 --- a/src/crypto/crypto_openssl.c +++ b/src/crypto/crypto_openssl.c @@ -2770,4 +2770,12 @@ int crypto_ec_key_group(struct crypto_ec_key *key) return -1; } + +int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2) +{ + if (EVP_PKEY_cmp((EVP_PKEY *) key1, (EVP_PKEY *) key2) != 1) + return -1; + return 0; +} + #endif /* CONFIG_ECC */