eden-emu/mbedtls
17
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add ecp_supported_curves and simplify some code

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-09-16 17:30:04 +02:00 committed by Paul Bakker
parent 7038039f2e
commit 568c9cf878
5 changed files with 95 additions and 113 deletions
Download patch file Download diff file Expand all files Collapse all files

33
library/ssl_cli.c
View file

@ -233,32 +233,20 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,
unsigned char *p = buf;
unsigned char elliptic_curve_list[20];
size_t elliptic_curve_len = 0;
ecp_curve_info *curve;
((void) ssl);
*olen = 0;
SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP521R1 );
#endif
#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP384R1 );
#endif
#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP256R1 );
#endif
#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP224R1 );
#endif
#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
elliptic_curve_list[elliptic_curve_len++] = 0x00;
elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP192R1 );
#endif
for( curve = ecp_supported_curves;
curve->grp_id != POLARSSL_ECP_DP_NONE;
curve++ )
{
elliptic_curve_list[elliptic_curve_len++] = curve->name >> 8;
elliptic_curve_list[elliptic_curve_len++] = curve->name & 0xFF;
}
if( elliptic_curve_len == 0 )
return;
@ -1134,10 +1122,13 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl,
if( ( ret = ecdh_read_params( &ssl->handshake->ecdh_ctx,
(const unsigned char **) p, end ) ) != 0 )
{
SSL_DEBUG_RET( 2, ( "ecdh_read_params" ), ret );
SSL_DEBUG_RET( 1, ( "ecdh_read_params" ), ret );
return( ret );
}
SSL_DEBUG_MSG( 2, ( "ECDH curve size: %d",
(int) ssl->handshake->ecdh_ctx.grp.nbits ) );
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
ssl->handshake->ecdh_ctx.grp.nbits > 521 )
{