DPP: Add crypto_ec_key_cmp() in crypto.h and use it

This gets rid of one more direct OpenSSL call in the DPP implementation. Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
2021-06-28 18:25:34 +02:00 · 2021-06-28 18:25:34 +02:00 · c88b7fcaef
commit c88b7fcaef
parent 984faf9634
3 changed files with 17 additions and 2 deletions
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@ -2370,8 +2370,7 @@ skip_groups:
 		goto fail;
 	dpp_debug_print_key("DPP: Received netAccessKey", key);

-	if (EVP_PKEY_cmp((EVP_PKEY *) key,
-			 (EVP_PKEY *) auth->own_protocol_key) != 1) {
+	if (crypto_ec_key_cmp(key, auth->own_protocol_key)) {
 		wpa_printf(MSG_DEBUG,
 			   "DPP: netAccessKey in connector does not match own protocol key");
 #ifdef CONFIG_TESTING_OPTIONS
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@ -1150,4 +1150,12 @@ int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key,
 */
 int crypto_ec_key_group(struct crypto_ec_key *key);

+/**
+ * crypto_ec_key_cmp - Compare two EC public keys
+ * @key1: Key 1
+ * @key2: Key 2
+ * Returns: 0 if public keys are identical, -1 otherwise
+ */
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
+
 #endif /* CRYPTO_H */
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@ -2770,4 +2770,12 @@ int crypto_ec_key_group(struct crypto_ec_key *key)
 	return -1;
 }

+
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
+{
+	if (EVP_PKEY_cmp((EVP_PKEY *) key1, (EVP_PKEY *) key2) != 1)
+		return -1;
+	return 0;
+}
+
 #endif /* CONFIG_ECC */