diff options
author | Adam Langley <agl@google.com> | 2015-02-25 01:30:15 +0300 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-02-26 00:13:02 +0300 |
commit | 7c21925a10d451ed13ab201e0161dea40b974397 (patch) | |
tree | 62dcd96d3a57d2f637d327d7f16434ab02b030a1 | |
parent | 3ce3c369cb05b4ba9dcaad79b552713e7fa3581f (diff) |
EC_GROUP_cmp should return zero if the groups match.
(I got this wrong when reading the OpenSSL code.)
Change-Id: Ib289ef41d0ab5a3157ad8b9454d2de96d1f86c22
Reviewed-on: https://boringssl-review.googlesource.com/3620
Reviewed-by: Adam Langley <agl@google.com>
-rw-r--r-- | crypto/ec/ec.c | 7 | ||||
-rw-r--r-- | crypto/evp/p_ec_asn1.c | 6 | ||||
-rw-r--r-- | include/openssl/ec.h | 2 |
3 files changed, 9 insertions, 6 deletions
diff --git a/crypto/ec/ec.c b/crypto/ec/ec.c index 21a39405..ad47bb55 100644 --- a/crypto/ec/ec.c +++ b/crypto/ec/ec.c @@ -500,10 +500,9 @@ err: } int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ignored) { - if (a->curve_name == NID_undef || b->curve_name == NID_undef) { - return 0; - } - return a->curve_name == b->curve_name; + return a->curve_name == NID_undef || + b->curve_name == NID_undef || + a->curve_name != b->curve_name; } const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) { diff --git a/crypto/evp/p_ec_asn1.c b/crypto/evp/p_ec_asn1.c index 8967b502..670ee744 100644 --- a/crypto/evp/p_ec_asn1.c +++ b/crypto/evp/p_ec_asn1.c @@ -382,7 +382,11 @@ static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) { static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), *group_b = EC_KEY_get0_group(b->pkey.ec); - return EC_GROUP_cmp(group_a, group_b, NULL); + if (EC_GROUP_cmp(group_a, group_b, NULL) != 0) { + /* mismatch */ + return 0; + } + return 1; } static void int_ec_free(EVP_PKEY *pkey) { EC_KEY_free(pkey->pkey.ec); } diff --git a/include/openssl/ec.h b/include/openssl/ec.h index c952d9a9..318ce0f0 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -115,7 +115,7 @@ OPENSSL_EXPORT int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src); * error. */ OPENSSL_EXPORT EC_GROUP *EC_GROUP_dup(const EC_GROUP *a); -/* EC_GROUP_cmp returns one if |a| and |b| are the same group and zero +/* EC_GROUP_cmp returns zero if |a| and |b| are the same group and non-zero * otherwise. */ OPENSSL_EXPORT int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ignored); |