Put X25519 behind P256

Option to have X25519 prioritized. Show curve name and DH key size in TLS v1.3.
2017-05-19 10:58:43 +10:00
parent 63a6618feb
commit 5ef977aa3d
3 changed files with 67 additions and 28 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1598,6 +1598,7 @@ int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name)
        case WOLFSSL_ECC_BRAINPOOLP256R1:
        case WOLFSSL_ECC_BRAINPOOLP384R1:
        case WOLFSSL_ECC_BRAINPOOLP512R1:
+        case WOLFSSL_ECC_X25519:
            break;

 #ifdef WOLFSSL_TLS13
@@ -14229,7 +14230,7 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
 {
    if (ssl == NULL)
        return NULL;
-    if (ssl->specs.kea != ecdhe_psk_kea &&
+    if (!IsAtLeastTLSv1_3(ssl->version) && ssl->specs.kea != ecdhe_psk_kea &&
            ssl->specs.kea != ecc_diffie_hellman_kea)
        return NULL;
    if (ssl->ecdhCurveOID == 0)