DPP: Use crypto_ec_key_group() to compare EC key's group

Remove one more direct call to OpenSSL using crypto_ec_key_group() to
compare group of c-sign-key and ppKey when creating Configurator from
backup data.

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index bb3b35db85e102a2de915ea13b3413f2de16585a..e97f9f4ba36b899f5207b1efa417bb3efb30abeb 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -8,8 +8,6 @@
  */
 
 #include "utils/includes.h"
-#include <openssl/opensslv.h>
-#include <openssl/err.h>
 
 #include "utils/common.h"
 #include "utils/base64.h"
@@ -38,22 +36,6 @@ int dpp_version_override = 1;
 enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED;
 #endif /* CONFIG_TESTING_OPTIONS */
 
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-       (defined(LIBRESSL_VERSION_NUMBER) && \
-        LIBRESSL_VERSION_NUMBER < 0x20700000L)
-/* Compatibility wrappers for older versions. */
-
-#ifdef CONFIG_DPP2
-static EC_KEY * EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey)
-{
-       if (pkey->type != EVP_PKEY_EC)
-               return NULL;
-       return pkey->pkey.ec;
-}
-#endif /* CONFIG_DPP2 */
-
-#endif
-
 
 void dpp_auth_fail(struct dpp_authentication *auth, const char *txt)
 {
@@ -4262,33 +4244,24 @@ int dpp_configurator_from_backup(struct dpp_global *dpp,
                                 struct dpp_asymmetric_key *key)
 {
        struct dpp_configurator *conf;
-       const EC_KEY *eckey, *eckey_pp;
-       const EC_GROUP *group, *group_pp;
-       int nid;
-       const struct dpp_curve_params *curve;
+       const struct dpp_curve_params *curve, *curve_pp;
 
        if (!key->csign || !key->pp_key)
                return -1;
-       eckey = EVP_PKEY_get0_EC_KEY((EVP_PKEY *) key->csign);
-       if (!eckey)
-               return -1;
-       group = EC_KEY_get0_group(eckey);
-       if (!group)
-               return -1;
-       nid = EC_GROUP_get_curve_name(group);
-       curve = dpp_get_curve_nid(nid);
+
+       curve = dpp_get_curve_ike_group(crypto_ec_key_group(key->csign));
        if (!curve) {
                wpa_printf(MSG_INFO, "DPP: Unsupported group in c-sign-key");
                return -1;
        }
-       eckey_pp = EVP_PKEY_get0_EC_KEY((EVP_PKEY *) key->pp_key);
-       if (!eckey_pp)
-               return -1;
-       group_pp = EC_KEY_get0_group(eckey_pp);
-       if (!group_pp)
+
+       curve_pp = dpp_get_curve_ike_group(crypto_ec_key_group(key->pp_key));
+       if (!curve_pp) {
+               wpa_printf(MSG_INFO, "DPP: Unsupported group in ppKey");
                return -1;
-       if (EC_GROUP_get_curve_name(group) !=
-           EC_GROUP_get_curve_name(group_pp)) {
+       }
+
+       if (curve != curve_pp) {
                wpa_printf(MSG_INFO,
                           "DPP: Mismatch in c-sign-key and ppKey groups");
                return -1;

diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c
index 4ad68bdb7c34d5ee103bd0092335e2f2de71bac9..45e10518e8c53681d68afaa9b0ef1b756270c7b2 100644 (file)
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -68,21 +68,6 @@ const struct dpp_curve_params * dpp_get_curve_jwk_crv(const char *name)
 }
 
 
-const struct dpp_curve_params * dpp_get_curve_nid(int nid)
-{
-       int i, tmp;
-
-       if (!nid)
-               return NULL;
-       for (i = 0; dpp_curves[i].name; i++) {
-               tmp = OBJ_txt2nid(dpp_curves[i].name);
-               if (tmp == nid)
-                       return &dpp_curves[i];
-       }
-       return NULL;
-}
-
-
 const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group)
 {
        int i;

diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h
index a6d7a931ddd1e40cdbc57bba5a40904c4d7ea961..f63e5ae132a83858c0b78f7ced7630d4ae27aa5a 100644 (file)
--- a/src/common/dpp_i.h
+++ b/src/common/dpp_i.h
@@ -74,7 +74,6 @@ dpp_check_signed_connector(struct dpp_signed_connector_info *info,
                           const u8 *peer_connector, size_t peer_connector_len);
 const struct dpp_curve_params * dpp_get_curve_name(const char *name);
 const struct dpp_curve_params * dpp_get_curve_jwk_crv(const char *name);
-const struct dpp_curve_params * dpp_get_curve_nid(int nid);
 const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group);
 int dpp_bi_pubkey_hash(struct dpp_bootstrap_info *bi,
                       const u8 *data, size_t data_len);