diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 8a515772d..c411715d6 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -383,7 +383,7 @@ struct mbedtls_ssl_handshake_params #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - mbedtls_ecp_curve_info const *curve_info; /*!< Info for EC for ECDHE. */ + uint16_t curve_tls_id; /*!< TLS ID of EC for ECDHE. */ #endif #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) unsigned char *psk; /*!< PSK from the callback */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index e743eff87..83d24b25c 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -321,8 +321,8 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, if( info->grp_id != *gid ) continue; - if( ssl->handshake->curve_info == NULL ) - ssl->handshake->curve_info = info; + if( ssl->handshake->curve_tls_id == 0 ) + ssl->handshake->curve_tls_id = tls_id; } *curve_ids++ = info->grp_id; @@ -968,7 +968,7 @@ static int ssl_ciphersuite_is_match( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) if( mbedtls_ssl_ciphersuite_uses_ec( suite_info ) && - ssl->handshake->curve_info == NULL ) + ssl->handshake->curve_tls_id == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: " "no common elliptic curve" ) ); @@ -3327,7 +3327,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * ECPoint public; * } ServerECDHParams; */ - const mbedtls_ecp_curve_info *curve = ssl->handshake->curve_info; + const mbedtls_ecp_curve_info *curve = + mbedtls_ecp_curve_info_from_tls_id( ssl->handshake->curve_tls_id ); int ret; size_t len = 0;