Use EC_KEY_new_by_curve_name.
May as well use this convenience function when we can. A little tidier. Even
fixes a leak on malloc failure in eckey_type2param.
Change-Id: Ie48dd98f2fe03fa9911bd78db4423ab9faefc63d
Reviewed-on: https://boringssl-review.googlesource.com/3772
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c
index 670ee74..6c4afb1 100644
--- a/crypto/evp/p_ec_asn1.c
+++ b/crypto/evp/p_ec_asn1.c
@@ -142,23 +142,14 @@
}
} else if (ptype == V_ASN1_OBJECT) {
ASN1_OBJECT *poid = pval;
- EC_GROUP *group;
/* type == V_ASN1_OBJECT => the parameters are given
* by an asn1 OID */
- eckey = EC_KEY_new();
+ eckey = EC_KEY_new_by_curve_name(OBJ_obj2nid(poid));
if (eckey == NULL) {
OPENSSL_PUT_ERROR(EVP, eckey_type2param, ERR_R_MALLOC_FAILURE);
goto err;
}
- group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
- if (group == NULL) {
- goto err;
- }
- if (EC_KEY_set_group(eckey, group) == 0) {
- goto err;
- }
- EC_GROUP_free(group);
} else {
OPENSSL_PUT_ERROR(EVP, eckey_type2param, EVP_R_DECODE_ERROR);
goto err;
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 910a051..5f891d4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1222,7 +1222,6 @@
} else if (alg_k & SSL_kEECDH) {
uint16_t curve_id;
int curve_nid = 0;
- EC_GROUP *ngroup;
const EC_GROUP *group;
CBS point;
@@ -1243,25 +1242,13 @@
goto f_err;
}
- ecdh = EC_KEY_new();
+ ecdh = EC_KEY_new_by_curve_name(curve_nid);
if (ecdh == NULL) {
OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange,
- ERR_R_MALLOC_FAILURE);
+ ERR_R_EC_LIB);
goto err;
}
- ngroup = EC_GROUP_new_by_curve_name(curve_nid);
- if (ngroup == NULL) {
- OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_KEY_set_group(ecdh, ngroup)) {
- EC_GROUP_free(ngroup);
- OPENSSL_PUT_ERROR(SSL, ssl3_get_server_key_exchange, ERR_R_EC_LIB);
- goto err;
- }
- EC_GROUP_free(ngroup);
-
group = EC_KEY_get0_group(ecdh);
/* Next, get the encoded ECPoint */
