Signed-off-by: Cedric Izoard <cedric.izoard@xxxxxxxxxxxx>
---
src/common/dpp.c | 2 +-
src/crypto/crypto.h | 8 ++++++++
src/crypto/crypto_openssl.c | 7 +++++++
3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/src/common/dpp.c b/src/common/dpp.c
index 67ba20fb5..5e64fad34 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -2369,7 +2369,7 @@ skip_groups:
goto fail;
dpp_debug_print_key("DPP: Received netAccessKey", key);
- if (EVP_PKEY_cmp((EVP_PKEY *)key, (EVP_PKEY *)auth->own_protocol_key) != 1) {
+ if (crypto_ec_key_cmp(key, auth->own_protocol_key)) {
wpa_printf(MSG_DEBUG,
"DPP: netAccessKey in connector does not match own protocol key");
#ifdef CONFIG_TESTING_OPTIONS
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index 8756e10f6..d76ca9cd4 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -1152,4 +1152,12 @@ int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, const u8 *data
*/
int crypto_ec_key_group(struct crypto_ec_key *key);
+/**
+ * crypto_ec_key_cmp - Compare 2 EC Public keys
+ * @key1: Key 1
+ * @key2: Key 2
+ * Retruns: 0 if Public keys are identical, non-zero otherwise
+ */
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
+
#endif /* CRYPTO_H */
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index edd2fc95c..282df1089 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -2795,4 +2795,11 @@ int crypto_ec_key_group(struct crypto_ec_key *key)
return -1;
}
+
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
+{
+ if (EVP_PKEY_cmp((EVP_PKEY *)key1, (EVP_PKEY *)key2) != 1)
+ return -1;
+ return 0;
+}
#endif /* CONFIG_ECC */
--
2.17.0
_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
