yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-05-09 21:42:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

tinyCrypt: Remove check for Secp256r1 in SrvKeyExch writing

Browse source 
The use of tinyCrypt is restricted Secp256r1-only, and a check in
ssl_ciphersuite_is_match() ensures that an EC ciphersuite is chosen
only if the client advertised support for Secp256r1, too.
This commit is contained in:
Hanno Becker 2019-07-24 11:54:54 +01:00
parent 9175c21b72
commit b1626fb619
1 changed files with 0 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
library/ssl_srv.c
View file

@ -3398,14 +3398,6 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl,
0x04 /* Uncompressed */ 0x04 /* Uncompressed */
}; };
if( ssl->handshake->curve_tls_id != secp256r1_tls_id )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported curve %u (expected %u)",
(unsigned) ssl->handshake->curve_tls_id,
secp256r1_tls_id ) );
return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
}
if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey, if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
ssl->handshake->ecdh_privkey, ssl->handshake->ecdh_privkey,
uecc_curve ) ) uecc_curve ) )