From e31da3c8eee0fdd1dcf6c0a9c3e447aba90a70e3 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 1 Jul 2023 14:48:01 +0000
Subject: Use BN_bn2binpad() instead of handrolling it

As ugly as the BN_bn2binpad() internals are, what it does is quite handy
with all sorts of EC stuff. So use it here too and eliminate some ugly
manual pointer zeroing and offsets. Also switch len and buflen from size_t
to int to remove an iffy cast: both are set by functions that return a
non-negative int.

ok jsing
---
 src/lib/libcrypto/ecdh/ech_key.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'src/lib/libcrypto/ecdh')

diff --git a/src/lib/libcrypto/ecdh/ech_key.c b/src/lib/libcrypto/ecdh/ech_key.c
index 1dfb3c0fa9..b364b31c88 100644
--- a/src/lib/libcrypto/ecdh/ech_key.c
+++ b/src/lib/libcrypto/ecdh/ech_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ech_key.c,v 1.20 2023/07/01 14:39:34 tb Exp $ */
+/* $OpenBSD: ech_key.c,v 1.21 2023/07/01 14:48:01 tb Exp $ */
 /* ====================================================================
  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  *
@@ -98,8 +98,8 @@ ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 	const BIGNUM *priv_key;
 	const EC_GROUP* group;
 	int ret = -1;
-	size_t buflen, len;
 	unsigned char *buf = NULL;
+	int buflen, len;
 
 	if (outlen > INT_MAX) {
 		/* Sort of, anyway. */
@@ -156,9 +156,7 @@ ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 		ECDHerror(ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-
-	memset(buf, 0, buflen - len);
-	if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
+	if (BN_bn2binpad(x, buf, buflen) != buflen) {
 		ECDHerror(ERR_R_BN_LIB);
 		goto err;
 	}
-- 
cgit v1.2.3-55-g6feb