DPP: Add crypto_ec_key_cmp() in crypto.h and use it

This gets rid of one more direct OpenSSL call in the DPP implementation.

Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index e97f9f4ba36b899f5207b1efa417bb3efb30abeb..02ed0dd91551f366b07b4fe7019c9ff2df0645c0 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -2370,8 +2370,7 @@ skip_groups:
                goto fail;
        dpp_debug_print_key("DPP: Received netAccessKey", key);
 
-       if (EVP_PKEY_cmp((EVP_PKEY *) key,
-                        (EVP_PKEY *) auth->own_protocol_key) != 1) {
+       if (crypto_ec_key_cmp(key, auth->own_protocol_key)) {
                wpa_printf(MSG_DEBUG,
                           "DPP: netAccessKey in connector does not match own protocol key");
 #ifdef CONFIG_TESTING_OPTIONS

diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index e96d1941beac8d48881d20e9a7f81bf07215bebe..e19037b6043b7245ff3d6b685b6cb7ea0a411cdf 100644 (file)
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -1150,4 +1150,12 @@ int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key,
  */
 int crypto_ec_key_group(struct crypto_ec_key *key);
 
+/**
+ * crypto_ec_key_cmp - Compare two EC public keys
+ * @key1: Key 1
+ * @key2: Key 2
+ * Returns: 0 if public keys are identical, -1 otherwise
+ */
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
+
 #endif /* CRYPTO_H */

diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index b571ff0ef4c89000536a142f7684df33e7ed9c03..f7c52ffbce76733ff80acb3428a31c9251b598be 100644 (file)
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -2770,4 +2770,12 @@ int crypto_ec_key_group(struct crypto_ec_key *key)
        return -1;
 }
 
+
+int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
+{
+       if (EVP_PKEY_cmp((EVP_PKEY *) key1, (EVP_PKEY *) key2) != 1)
+               return -1;
+       return 0;
+}
+
 #endif /* CONFIG_ECC */