From 85b4170047dcf116651549f0d1273d9e622dad2d Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 16 Oct 2020 16:10:27 -0700
Subject: [PATCH] Fix for TLS sniffer with non-standard curves. If curve not
 provided in key share data, then use private key curve. ZD 11128.

---
 src/sniffer.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/sniffer.c b/src/sniffer.c
index 588bdd807..b1d33931e 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -2276,6 +2276,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
                 SetError(PARTIAL_INPUT_STR, error, session, FATAL_ERROR_STATE);
                 ret = -1;
             }
+
+            /* if curve not provided in key share data, then use private key curve */
+            if (useEccCurveId == ECC_CURVE_DEF && key.dp) {
+                useEccCurveId = key.dp->id;
+            }
         }
 
         if (ret == 0) {