Function crypto_ec_key_parse_priv already parse ASN.1 ECPrivateKey so use it when possible.
Signed-off-by: Cedric Izoard <cedric.izoard@xxxxxxxxxxxx>
---
 src/common/dpp_backup.c | 27 ++++---------------------
 src/common/dpp_crypto.c | 44 ++++++++++++++---------------------------
 2 files changed, 19 insertions(+), 52 deletions(-)
diff --git a/src/common/dpp_backup.c b/src/common/dpp_backup.c
index 65fe12afc..0d2dd8a78 100644
--- a/src/common/dpp_backup.c
+++ b/src/common/dpp_backup.c
@@ -7,8 +7,6 @@
 */
 #include "utils/includes.h"
-#include <openssl/opensslv.h>
-#include <openssl/err.h>
 #include "utils/common.h"
 #include "crypto/aes.h"
@@ -866,7 +864,6 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len)
 struct asn1_oid oid;
 char txt[80];
 struct dpp_asymmetric_key *key;
- EC_KEY *eckey;
 wpa_hexdump_key(MSG_MSGDUMP, "DPP: OneAsymmetricKey", buf, len);
@@ -941,16 +938,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len)
 wpa_hexdump_key(MSG_MSGDUMP, "DPP: PrivateKey", hdr.payload, hdr.length);
 pos = hdr.payload + hdr.length;
- eckey = d2i_ECPrivateKey(NULL, &hdr.payload, hdr.length);
- if (!eckey) {
- wpa_printf(MSG_INFO,
- "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- goto fail;
- }
- key->csign = (struct crypto_ec_key *)EVP_PKEY_new();
- if (!key->csign || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->csign, eckey) != 1) {
- EC_KEY_free(eckey);
+ key->csign = crypto_ec_key_parse_priv(hdr.payload, hdr.length);
+ if (!key->csign) {
 goto fail;
 }
 if (wpa_debug_show_keys)
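Review bot: The new failure branch `if (!key->csign) { goto fail; }` no longer prints anything, whereas the removed code logged the d2i_ECPrivateKey() error at MSG_INFO, so a malformed ECPrivateKey inside the parsed OneAsymmetricKey is now rejected with no trace of which field failed. The `key->pp_key` branch in the `@@ -1062` hunk has the same gap. dpp_set_keypair() in this same patch keeps a message on the identical call, so for consistency add something like `wpa_printf(MSG_INFO, "DPP: Failed to parse C-sign-key private key");` before the `goto fail;`, and the equivalent wording for privacyProtectionKey. dpp_parse_one_asymmetric_key() starts and ends outside this hunk, so whether the `fail` path logs a generic error is not visible here.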
@@ -1062,16 +1051,8 @@ dpp_parse_one_asymmetric_key(const u8 *buf, size_t len)
 wpa_hexdump_key(MSG_MSGDUMP, "DPP: privacyProtectionKey", hdr.payload, hdr.length);
 pos = hdr.payload + hdr.length;
- eckey = d2i_ECPrivateKey(NULL, &hdr.payload, hdr.length);
- if (!eckey) {
- wpa_printf(MSG_INFO,
- "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- goto fail;
- }
- key->pp_key = (struct crypto_ec_key *)EVP_PKEY_new();
- if (!key->pp_key || EVP_PKEY_assign_EC_KEY((EVP_PKEY *)key->pp_key, eckey) != 1) {
- EC_KEY_free(eckey);
+ key->pp_key = crypto_ec_key_parse_priv(hdr.payload, hdr.length);
+ if (!key->pp_key) {
 goto fail;
 }
 if (wpa_debug_show_keys)
diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c
index 61715afd4..2e4a9a27a 100644
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -393,45 +393,31 @@ struct crypto_ec_key * dpp_gen_keypair(const struct dpp_curve_params *curve)
 struct crypto_ec_key * dpp_set_keypair(const struct dpp_curve_params **curve, const u8 *privkey, size_t privkey_len)
 {
- EVP_PKEY *pkey;
- EC_KEY *eckey;
- const EC_GROUP *group;
- int nid;
+ struct crypto_ec_key *key;
+ int group;
- pkey = EVP_PKEY_new();
- if (!pkey)
- return NULL;
- eckey = d2i_ECPrivateKey(NULL, &privkey, privkey_len);
- if (!eckey) {
- wpa_printf(MSG_INFO,
- "DPP: OpenSSL: d2i_ECPrivateKey() failed: %s",
- ERR_error_string(ERR_get_error(), NULL));
- EVP_PKEY_free(pkey);
+ key = crypto_ec_key_parse_priv(privkey, privkey_len);
+ if (!key) {
+ wpa_printf(MSG_INFO, "DPP: Failed to parse private key");
 return NULL;
 }
- group = EC_KEY_get0_group(eckey);
- if (!group) {
- EC_KEY_free(eckey);
- EVP_PKEY_free(pkey);
+
+ group = crypto_ec_key_group(key);
+ if (group < 0) {
+ crypto_ec_key_deinit(key);
 return NULL;
 }
- nid = EC_GROUP_get_curve_name(group);
- *curve = dpp_get_curve_nid(nid);
+
+ *curve = dpp_get_curve_ike_group(group);
 if (!*curve) {
 wpa_printf(MSG_INFO,
- "DPP: Unsupported curve (nid=%d) in pre-assigned key",
- nid);
- EC_KEY_free(eckey);
- EVP_PKEY_free(pkey);
+ "DPP: Unsupported curve (group=%d) in pre-assigned key",
+ group);
+ crypto_ec_key_deinit(key);
 return NULL;
 }
- if (EVP_PKEY_assign_EC_KEY(pkey, eckey) != 1) {
- EC_KEY_free(eckey);
- EVP_PKEY_free(pkey);
- return NULL;
- }
- return (struct crypto_ec_key *)pkey;
+ return key;
 }
-- 
2.17.0
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
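Review bot: The `if (group < 0)` branch in dpp_set_keypair() returns NULL without a message, while the parse failure above it and the unsupported-curve case below it both log at MSG_INFO. If crypto_ec_key_group() reports a curve it cannot map as a negative value (its definition is not part of this patch), a pre-assigned key on such a curve would be refused silently instead of reaching the "Unsupported curve" message. Adding `wpa_printf(MSG_INFO, "DPP: Could not determine group of pre-assigned key");` before `crypto_ec_key_deinit(key);` would close that gap. A short comment above the function would also help, saying that `*curve` is written before success is known (it is left NULL on the unsupported-curve return) and who is expected to release the returned key.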