crypto, public_key & ssl: Change API to hide resource format for EC KEY

3 files changed, 29 insertions, 21 deletions

diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index a8027bb079..e953eb960f 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -235,7 +235,7 @@ static ERL_NIF_TERM term_to_ec_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_T
 static ERL_NIF_TERM ec_key_generate(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM ecdsa_sign_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM ecdsa_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-static ERL_NIF_TERM ecdh_compute_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM ecdh_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
 
 /* helpers */
@@ -361,7 +361,7 @@ static ErlNifFunc nif_funcs[] = {
     {"ec_key_generate", 1, ec_key_generate},
     {"ecdsa_sign_nif", 3, ecdsa_sign_nif},
     {"ecdsa_verify_nif", 4, ecdsa_verify_nif},
-    {"ecdh_compute_key", 2, ecdh_compute_key}
+    {"ecdh_compute_key_nif", 2, ecdh_compute_key_nif}
 };
 
 #if defined(HAVE_EC)
@@ -3452,7 +3452,7 @@ static ERL_NIF_TERM ecdsa_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TER
   (_OthersPublicKey, _MyPrivateKey)
   (_OthersPublicKey, _MyEC_Point)
 */
-static ERL_NIF_TERM ecdh_compute_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+static ERL_NIF_TERM ecdh_compute_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {
 #if defined(HAVE_EC)
     ERL_NIF_TERM ret;
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 57ddf3fbac..543d589d7e 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -67,8 +67,8 @@
 -export([aes_cbc_ivec/1]).
 -export([aes_ctr_encrypt/3, aes_ctr_decrypt/3]).
 -export([aes_ctr_stream_init/2, aes_ctr_stream_encrypt/2, aes_ctr_stream_decrypt/2]).
--export([ec_key_new/1, ec_key_to_term/1, term_to_ec_key/1, ec_key_generate/1]).
--export([sign/4, verify/5, ecdh_compute_key/2]).
+-export([ecdh_generate_key/1, ecdh_compute_key/2]).
+-export([sign/4, verify/5]).
 
 -export([dh_generate_parameters/2, dh_check/1]). %% Testing see below
 
@@ -115,8 +115,8 @@
 		    hmac, hmac_init, hmac_update, hmac_final, hmac_final_n, info,
 		    rc2_cbc_encrypt, rc2_cbc_decrypt,
 		    srp_generate_key, srp_compute_key,
-		    ec_key_new, ec_key_to_term, term_to_ec_key, ec_key_generate,
-		    sign, verify, ecdh_compute_key,
+		    ecdh_generate_key, ecdh_compute_key,
+		    sign, verify,
 		    info_lib, algorithms]).
 
 -type mpint() :: binary().
@@ -859,7 +859,7 @@ verify(rsa, Type, DataOrDigest, Signature, Key) ->
 	Bool -> Bool
     end;
 verify(ecdsa, Type, DataOrDigest, Signature, Key) ->
-    case ecdsa_verify_nif(Type, DataOrDigest, Signature, map_ensure_int_as_bin(Key)) of
+    case ecdsa_verify_nif(Type, DataOrDigest, Signature, term_to_ec_key(Key)) of
 	notsup -> erlang:error(notsup);
 	Bool -> Bool
     end.
@@ -921,7 +921,7 @@ sign(dss, Type, DataOrDigest, Key) ->
 	Sign -> Sign
     end;
 sign(ecdsa, Type, DataOrDigest, Key) ->
-    case ecdsa_sign_nif(Type, DataOrDigest, map_ensure_int_as_bin(Key)) of
+    case ecdsa_sign_nif(Type, DataOrDigest, term_to_ec_key(Key)) of
 	error -> erlang:error(badkey, [Type,DataOrDigest,Key]);
 	Sign -> Sign
     end.
@@ -1229,6 +1229,16 @@ srp_compute_key(Verifier, Prime, ClientPublic, ServerPublic, ServerPrivate, Vers
 -spec ec_key_new(ec_named_curve()) -> ec_key_res().
 ec_key_new(_Curve) -> ?nif_stub.
 
+ecdh_generate_key(Curve) when is_atom(Curve) ->
+    ECKey = ec_key_new(Curve),
+    ec_key_generate(ECKey),
+    ec_key_to_term(ECKey);
+ecdh_generate_key(Key) ->
+    ECKey = term_to_ec_key(Key),
+    ec_key_generate(ECKey),
+    ec_key_to_term(ECKey).
+
+
 -spec ec_key_generate(ec_key_res()) -> ok | error.
 ec_key_generate(_Key) -> ?nif_stub.
 
@@ -1277,7 +1287,10 @@ term_to_ec_key_nif(_Curve, _PrivKey, _PubKey) -> ?nif_stub.
 
 
 -spec ecdh_compute_key(ec_key_res(), ec_key_res() | ec_point()) -> binary().
-ecdh_compute_key(_Others, _My) -> ?nif_stub.
+ecdh_compute_key(Others, My) ->
+    ecdh_compute_key_nif(term_to_ec_key(Others), My).
+
+ecdh_compute_key_nif(_Others, _My) -> ?nif_stub.
 
 
 %%  LOCAL FUNCTIONS
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 09898efd49..55db09d9dd 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -1887,12 +1887,7 @@ ec(Config) when is_list(Config) ->
 
 ec_do() ->
     %% test for a name curve
-    L2 = crypto:ec_key_new(sect113r2),
-    crypto:ec_key_generate(L2),
-
-    D2 = crypto:ec_key_to_term(L2),
-    T2 = crypto:term_to_ec_key(D2),
-    ?line D2 = crypto:ec_key_to_term(T2),
+    D2 = crypto:ecdh_generate_key(sect113r2),
 
     %%TODO: find a published test case for a EC key
 
@@ -1933,13 +1928,13 @@ ec_do() ->
     CoFactor = 1,
     Curve = {{prime_field,P},{A,B,none},BasePoint, Order,CoFactor},
     CsCaKey = {Curve, undefined, PubKey},
-    T3 = crypto:term_to_ec_key(CsCaKey),
-    ?line CsCaKey = crypto:ec_key_to_term(T3),
+    %%T3 = crypto:term_to_ec_key(CsCaKey),
+    %%?line CsCaKey = crypto:ec_key_to_term(T3),
 
     Msg = <<99,234,6,64,190,237,201,99,80,248,58,40,70,45,149,218,5,246,242,63>>,
-    Sign = crypto:sign(ecdsa, sha, Msg, L2),
-    ?line true = crypto:verify(ecdsa, sha, Msg, Sign, L2),
-    ?line false = crypto:verify(ecdsa, sha, Msg, <<10,20>>, L2),
+    Sign = crypto:sign(ecdsa, sha, Msg, D2),
+    ?line true = crypto:verify(ecdsa, sha, Msg, Sign, D2),
+    ?line false = crypto:verify(ecdsa, sha, Msg, <<10,20>>, D2),
 
     ok.