From 6371b3c262b6dcdb4158e54bf10e8ea3357d377f Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 20 Jun 2014 09:22:40 -0700
Subject: [PATCH] send ecdsa_sign for client cert request type is sig algo ecdsa
---
 cyassl/internal.h | 5 ++++-
 src/internal.c | 12 ++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)
diff --git a/cyassl/internal.h b/cyassl/internal.h
index 9b6c95a58..59329a75e 100644
--- a/cyassl/internal.h
+++ b/cyassl/internal.h
@@ -1438,7 +1438,10 @@ enum ClientCertificateType {
 dss_fixed_dh = 4,
 rsa_ephemeral_dh = 5,
 dss_ephemeral_dh = 6,
- fortezza_kea_cert = 20
+ fortezza_kea_cert = 20,
+ ecdsa_sign = 64,
+ rsa_fixed_ecdh = 65,
+ ecdsa_fixed_ecdh = 66
 };
diff --git a/src/internal.c b/src/internal.c
index f84225940..f2565bdb2 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -6009,7 +6009,7 @@ int SendCertificateRequest(CYASSL* ssl)
 int sendSz;
 word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
- int typeTotal = 1; /* only rsa for now */
+ int typeTotal = 1; /* only 1 for now */
 int reqSz = ENUM_LEN + typeTotal + REQ_HEADER_SZ; /* add auth later */
 if (IsAtLeastTLSv1_2(ssl))
@@ -6037,7 +6037,15 @@ int SendCertificateRequest(CYASSL* ssl)
 /* write to output */
 output[i++] = (byte)typeTotal; /* # of types */
- output[i++] = rsa_sign;
+#ifdef HAVE_ECC
+ if (ssl->options.cipherSuite0 == ECC_BYTE &&
+ ssl->specs.sig_algo == ecc_dsa_sa_algo) {
+ output[i++] = ecdsa_sign;
+ } else
+#endif /* HAVE_ECC */
+ {
+ output[i++] = rsa_sign;
+ }
 /* supported hash/sig */
 if (IsAtLeastTLSv1_2(ssl)) {
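Review bot: In the second `src/internal.c` hunk the CertificateRequest still advertises exactly one certificate type, and the choice between `ecdsa_sign` and `rsa_sign` is taken from the server's own negotiated suite (`cipherSuite0 == ECC_BYTE` with `sig_algo == ecc_dsa_sa_algo`), not from which client certificate key types the server is prepared to verify. A client holding an RSA certificate on an ECDSA suite (or the reverse) is told its type is not acceptable; a strict client may then send an empty Certificate message, so mutual authentication either fails or, where a missing client certificate is tolerated by configuration, the session continues without client authentication. If client-certificate verification handles both key types, which cannot be seen from this hunk, consider listing both under `HAVE_ECC`, i.e. `output[i++] = ecdsa_sign; output[i++] = rsa_sign;` with `typeTotal` (declared in the earlier hunk at line 6009) set to 2 so that `reqSz` stays in step. Either way, a short comment above the `#ifdef` stating that the advertised type is derived from the server's suite and is only a hint to the client would help the next reader; SendCertificateRequest begins and ends outside the hunk.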