From 2555ca7b86c3ba095a21111d3f7d00e279de8e4d Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 13 Sep 2015 12:39:16 +0000
Subject: Use ECDH_size() instead of rolling our own.

ok beck@
---
 src/lib/libssl/s3_clnt.c | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

(limited to 'src/lib/libssl/s3_clnt.c')

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index c2f5ea4e07..e33d745b19 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.133 2015/09/12 20:56:14 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.134 2015/09/13 12:39:16 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1975,7 +1975,7 @@ ssl3_client_kex_ecdh(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
 	unsigned char *encodedPoint = NULL;
 	unsigned long alg_k;
 	int encoded_pt_len = 0;
-	int field_size = 0;
+	int key_size;
 	EC_KEY *tkey;
 	int ret = -1;
 	int n;
@@ -2035,13 +2035,12 @@ ssl3_client_kex_ecdh(SSL *s, SESS_CERT *sess_cert, unsigned char *p,
 	 * Use the 'p' output buffer for the ECDH key, but make sure to clear
 	 * it out afterwards.
 	 */
-	field_size = EC_GROUP_get_degree(srvr_group);
-	if (field_size <= 0) {
+	key_size = ECDH_size(clnt_ecdh);
+	if (key_size <= 0) {
 		SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
 		goto err;
 	}
-	n = ECDH_compute_key(p, (field_size + 7) / 8, srvr_ecpoint, clnt_ecdh,
-	    NULL);
+	n = ECDH_compute_key(p, key_size, srvr_ecpoint, clnt_ecdh, NULL);
 	if (n <= 0) {
 		SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_ECDH_LIB);
 		goto err;
-- 
cgit v1.2.3-55-g6feb