Use EC_KEY_new_by_curve_name.

May as well use this convenience function when we can. A little tidier. Even fixes a leak on malloc failure in eckey_type2param. Change-Id: Ie48dd98f2fe03fa9911bd78db4423ab9faefc63d Reviewed-on: https://boringssl-review.googlesource.com/3772 Reviewed-by: Adam Langley <agl@google.com>
2015-03-05 03:05:11 -05:00 · 2015-03-05 03:05:11 -05:00 · 4f7783eaea
commit 4f7783eaea
parent 7cb0f44d9d
2 changed files with 3 additions and 25 deletions
--- a/crypto/evp/p_ec_asn1.c
+++ b/crypto/evp/p_ec_asn1.c
@ -142,23 +142,14 @@ static EC_KEY *eckey_type2param(int ptype, void *pval) {
    }
  } else if (ptype == V_ASN1_OBJECT) {
    ASN1_OBJECT *poid = pval;
-    EC_GROUP *group;

    /* type == V_ASN1_OBJECT => the parameters are given
     * by an asn1 OID */
-    eckey = EC_KEY_new();
+    eckey = EC_KEY_new_by_curve_name(OBJ_obj2nid(poid));
    if (eckey == NULL) {
      OPENSSL_PUT_ERROR(EVP, eckey_type2param, ERR_R_MALLOC_FAILURE);
      goto err;
    }
-    group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
-    if (group == NULL) {
-      goto err;
-    }
-    if (EC_KEY_set_group(eckey, group) == 0) {
-      goto err;
-    }
-    EC_GROUP_free(group);
  } else {
    OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR);
    goto err;
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@ -1222,7 +1222,6 @@ int ssl3_get_server_key_exchange(SSL *s) {
  } else if (alg_k & SSL_kEECDH) {
    uint16_t curve_id;
    int curve_nid = 0;
-    EC_GROUP *ngroup;
    const EC_GROUP *group;
    CBS point;

@ -1243,25 +1242,13 @@ int ssl3_get_server_key_exchange(SSL *s) {
      goto f_err;
    }

-    ecdh = EC_KEY_new();
+    ecdh = EC_KEY_new_by_curve_name(curve_nid);
    if (ecdh == NULL) {
      OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange,
-                        ERR_R_MALLOC_FAILURE);
+                        ERR_R_EC_LIB);
      goto err;
    }

-    ngroup = EC_GROUP_new_by_curve_name(curve_nid);
-    if (ngroup == NULL) {
-      OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
-      goto err;
-    }
-    if (!EC_KEY_set_group(ecdh, ngroup)) {
-      EC_GROUP_free(ngroup);
-      OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
-      goto err;
-    }
-    EC_GROUP_free(ngroup);
-
    group = EC_KEY_get0_group(ecdh);

    /* Next, get the encoded ECPoint */