From ee24f8cecb1bf88af6a140ce312226d6b2634836 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 19 Jun 2019 12:33:04 +0100 Subject: [PATCH] Remove unnecessary check for presence of supported EC list For both client/server the EC curve list is assumed not to be NULL: - On the client-side, it's assumed when writing the supported elliptic curve extension: https://github.com/ARMmbed/mbedtls/blob/c54ee936d7e2787143be6b3eb761f1a822ccad63/library/ssl_cli.c#L316 - On the server, it is assumed when searching for a suitable curve for the ECDHE exchange: https://github.com/ARMmbed/mbedtls/blob/c54ee936d7e2787143be6b3eb761f1a822ccad63/library/ssl_srv.c#L3200 It is therefore not necessary to check this in mbedtls_ssl_check_curve(). --- library/ssl_tls.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 633fb4b42..d669fe77a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -11241,9 +11241,6 @@ unsigned char mbedtls_ssl_hash_from_md_alg( int md ) */ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ) { - if( ssl->conf->curve_list == NULL ) - return( -1 ); - MBEDTLS_SSL_BEGIN_FOR_EACH_SUPPORTED_EC_GRP_ID( own_ec_id ) if( own_ec_id == grp_id ) return( 0 );