Made supported curves configurable

2013-06-29 23:26:34 +02:00 · 2013-06-29 23:26:34 +02:00 · 5dc6b5fb05
commit 5dc6b5fb05
parent e2ab84f4a1
6 changed files with 141 additions and 12 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -200,16 +200,29 @@ static void ssl_write_supported_elliptic_curves_ext( ssl_context *ssl,

    SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );

+#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
    elliptic_curve_list[elliptic_curve_len++] = 0x00;
    elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP521R1;
+#endif
+#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
    elliptic_curve_list[elliptic_curve_len++] = 0x00;
    elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP384R1;
+#endif
+#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
    elliptic_curve_list[elliptic_curve_len++] = 0x00;
    elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP256R1;
+#endif
+#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
    elliptic_curve_list[elliptic_curve_len++] = 0x00;
    elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP224R1;
+#endif
+#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
    elliptic_curve_list[elliptic_curve_len++] = 0x00;
    elliptic_curve_list[elliptic_curve_len++] = POLARSSL_ECP_DP_SECP192R1;
+#endif
+
+    if( elliptic_curve_len == 0 )
+        return;

    *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES >> 8 ) & 0xFF );
    *p++ = (unsigned char)( ( TLS_EXT_SUPPORTED_ELLIPTIC_CURVES      ) & 0xFF );