From: Cedric Izoard Date: Mon, 28 Jun 2021 16:25:36 +0000 (+0200) Subject: DPP: Move debug print of EC key to crypto.h X-Git-Tag: hostap_2_10~89 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b89176fa6f20a10f55887c186c8ebf336920ba5d;p=thirdparty%2Fhostap.git DPP: Move debug print of EC key to crypto.h Move the crypto lib specific print of an EC key in dpp_debug_print_key() to crypto.h. Signed-off-by: Cedric Izoard
---
diff --git a/src/common/dpp.c b/src/common/dpp.c
index 02ed0dd91..9a87c2b73 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -8,6 +8,8 @@
 */
 #include "utils/includes.h"
+#include
+#include
 #include "utils/common.h"
 #include "utils/base64.h"
diff --git a/src/common/dpp.h b/src/common/dpp.h
index bb351e387..e8863c636 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -11,8 +11,6 @@
 #define DPP_H
 #ifdef CONFIG_DPP
-#include
-
 #include "utils/list.h"
 #include "common/wpa_common.h"
 #include "crypto/sha256.h"
diff --git a/src/common/dpp_crypto.c b/src/common/dpp_crypto.c
index d110446a1..d9a959447 100644
--- a/src/common/dpp_crypto.c
+++ b/src/common/dpp_crypto.c
@@ -80,75 +80,11 @@ const struct dpp_curve_params * dpp_get_curve_ike_group(u16 group)
 }
-void dpp_debug_print_point(const char *title, const EC_GROUP *group,
- const EC_POINT *point)
-{
- BIGNUM *x, *y;
- BN_CTX *ctx;
- char *x_str = NULL, *y_str = NULL;
-
- if (!wpa_debug_show_keys)
- return;
-
- ctx = BN_CTX_new();
- x = BN_new();
- y = BN_new();
- if (!ctx || !x || !y ||
- EC_POINT_get_affine_coordinates_GFp(group, point, x, y, ctx) != 1)
- goto fail;
-
- x_str = BN_bn2hex(x);
- y_str = BN_bn2hex(y);
- if (!x_str || !y_str)
- goto fail;
-
- wpa_printf(MSG_DEBUG, "%s (%s,%s)", title, x_str, y_str);
-
-fail:
- OPENSSL_free(x_str);
- OPENSSL_free(y_str);
- BN_free(x);
- BN_free(y);
- BN_CTX_free(ctx);
-}
-
-
 void dpp_debug_print_key(const char *title, struct crypto_ec_key *key)
 {
- EC_KEY *eckey;
- BIO *out;
- size_t rlen;
- char *txt;
- int res;
 struct wpabuf *der = NULL;
- const EC_GROUP *group;
- const EC_POINT *point;
-
- out = BIO_new(BIO_s_mem());
- if (!out)
- return;
- EVP_PKEY_print_private(out, (EVP_PKEY *) key, 0, NULL);
- rlen = BIO_ctrl_pending(out);
- txt = os_malloc(rlen + 1);
- if (txt) {
- res = BIO_read(out, txt, rlen);
- if (res > 0) {
- txt[res] = '\0';
- wpa_printf(MSG_DEBUG, "%s: %s", title, txt);
- }
- os_free(txt);
- }
- BIO_free(out);
-
- eckey = EVP_PKEY_get1_EC_KEY((EVP_PKEY *) key);
- if (!eckey)
- return;
-
- group = EC_KEY_get0_group(eckey);
- point = EC_KEY_get0_public_key(eckey);
- if (group && point)
- dpp_debug_print_point(title, group, point);
+ crypto_ec_key_debug_print(key, title);
 der = crypto_ec_key_get_ecprivate_key(key, true);
 if (der) {
@@ -159,7 +95,6 @@ void dpp_debug_print_key(const char *title, struct crypto_ec_key *key)
 wpa_hexdump_buf_key(MSG_DEBUG, "DPP: EC_PUBKEY", der);
 }
- EC_KEY_free(eckey);
 wpabuf_clear_free(der);
 }
@@ -397,7 +332,6 @@ static struct wpabuf * dpp_bootstrap_key_der(struct crypto_ec_key *key)
 point = EC_KEY_get0_public_key(eckey);
 if (!group || !point) goto fail;
- dpp_debug_print_point("DPP: bootstrap public key", group, point);
 nid = EC_GROUP_get_curve_name(group);
 bootstrap = DPP_BOOTSTRAPPING_KEY_new();
diff --git a/src/common/dpp_i.h b/src/common/dpp_i.h
index b5b4fca8f..087878a50 100644
--- a/src/common/dpp_i.h
+++ b/src/common/dpp_i.h
@@ -86,8 +86,6 @@ int dpp_hmac_vector(size_t hash_len, const u8 *key, size_t key_len, u8 *mac);
 int dpp_ecdh(struct crypto_ec_key *own, struct crypto_ec_key *peer, u8 *secret, size_t *secret_len);
-void dpp_debug_print_point(const char *title, const EC_GROUP *group,
- const EC_POINT *point);
 void dpp_debug_print_key(const char *title, struct crypto_ec_key *key);
 int dpp_pbkdf2(size_t hash_len, const u8 *password, size_t password_len, const u8 *salt, size_t salt_len, unsigned int iterations,
diff --git a/src/crypto/crypto.h b/src/crypto/crypto.h
index e19037b60..556e20648 100644
--- a/src/crypto/crypto.h
+++ b/src/crypto/crypto.h
@@ -1158,4 +1158,12 @@ int crypto_ec_key_group(struct crypto_ec_key *key);
 */
 int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2);
+/**
+ * crypto_ec_key_debug_print - Dump EC key to debug log
+ * @key: EC key from crypto_ec_key_parse/set_pub/priv() or crypto_ec_key_gen()
+ * @title: Name of the EC point in the trace
+ */
+void crypto_ec_key_debug_print(const struct crypto_ec_key *key,
+ const char *title);
+
 #endif /* CRYPTO_H */
diff --git a/src/crypto/crypto_openssl.c b/src/crypto/crypto_openssl.c
index f7c52ffbc..949cf1a5c 100644
--- a/src/crypto/crypto_openssl.c
+++ b/src/crypto/crypto_openssl.c
@@ -2778,4 +2778,31 @@ int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2)
 return 0;
 }
+
+void crypto_ec_key_debug_print(const struct crypto_ec_key *key,
+ const char *title)
+{
+ BIO *out;
+ size_t rlen;
+ char *txt;
+ int res;
+
+ out = BIO_new(BIO_s_mem());
+ if (!out)
+ return;
+
+ EVP_PKEY_print_private(out, (EVP_PKEY *) key, 0, NULL);
+ rlen = BIO_ctrl_pending(out);
+ txt = os_malloc(rlen + 1);
+ if (txt) {
+ res = BIO_read(out, txt, rlen);
+ if (res > 0) {
+ txt[res] = '\0';
+ wpa_printf(MSG_DEBUG, "%s: %s", title, txt);
+ }
+ os_free(txt);
+ }
+ BIO_free(out);
+}
+
 #endif /* CONFIG_ECC */
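Review bot: crypto_ec_key_debug_print() sends the output of EVP_PKEY_print_private() to the MSG_DEBUG log without consulting `wpa_debug_show_keys`, so private key material is logged whenever debug output is enabled; the removed dpp_debug_print_point() in dpp_crypto.c did gate its output on that flag, and this code is now a general crypto.h API rather than a DPP-local helper called only from dpp_debug_print_key(). Adding `if (!wpa_debug_show_keys) return;` before the `BIO_new()` call would bring it in line with how the key hexdumps (wpa_hexdump_buf_key) appear to be handled. The text copy in `txt` is also released with plain `os_free(txt);`, so a clearing free such as `bin_clear_free(txt, rlen + 1);` would avoid leaving the printed key in freed heap memory, assuming that helper is reachable from this file. The doc comment added in crypto.h could also state that the dump includes the private key when the key object holds one.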