adjust set1 curves list function for TLS extension sent
30
src/ssl.c
30
src/ssl.c
@@ -44376,7 +44376,7 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
|
|||||||
int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
||||||
{
|
{
|
||||||
int idx, start = 0, len;
|
int idx, start = 0, len;
|
||||||
int curve;
|
word16 curve;
|
||||||
char name[MAX_CURVE_NAME_SZ];
|
char name[MAX_CURVE_NAME_SZ];
|
||||||
|
|
||||||
/* Disable all curves so that only the ones the user wants are enabled. */
|
/* Disable all curves so that only the ones the user wants are enabled. */
|
||||||
@@ -44405,13 +44405,35 @@ int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
|||||||
(XSTRNCMP(name, "P-521", len) == 0)) {
|
(XSTRNCMP(name, "P-521", len) == 0)) {
|
||||||
curve = WOLFSSL_ECC_SECP521R1;
|
curve = WOLFSSL_ECC_SECP521R1;
|
||||||
}
|
}
|
||||||
else if (XSTRNCMP(name, "X25519", len) == 0)
|
else if (XSTRNCMP(name, "X25519", len) == 0) {
|
||||||
curve = WOLFSSL_ECC_X25519;
|
curve = WOLFSSL_ECC_X25519;
|
||||||
else if ((curve = wc_ecc_get_curve_id_from_name(name)) < 0)
|
}
|
||||||
|
else {
|
||||||
|
int ret = wc_ecc_get_curve_id_from_name(name);
|
||||||
|
if (ret < 0) {
|
||||||
|
return WOLFSSL_FAILURE;
|
||||||
|
}
|
||||||
|
curve = (word16)ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (curve > (sizeof(word32) * WOLFSSL_BIT_SIZE)) {
|
||||||
|
/* shift left more than size of ctx->disabledCurves causes static
|
||||||
|
* analysis report */
|
||||||
|
WOLFSSL_MSG("curve value is too large for upcoming shift");
|
||||||
return WOLFSSL_FAILURE;
|
return WOLFSSL_FAILURE;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef NO_WOLFSSL_CLIENT
|
||||||
|
/* set the supported curve so client TLS extension contains only the
|
||||||
|
* desired curves */
|
||||||
|
if (wolfSSL_CTX_UseSupportedCurve(ctx, curve) != WOLFSSL_SUCCESS) {
|
||||||
|
WOLFSSL_MSG("Unable to set supported curve");
|
||||||
|
return WOLFSSL_FAILURE;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/* Switch the bit to off and therefore is enabled. */
|
/* Switch the bit to off and therefore is enabled. */
|
||||||
ctx->disabledCurves &= ~(1 << curve);
|
ctx->disabledCurves &= ~(1U << curve);
|
||||||
start = idx + 1;
|
start = idx + 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
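Review bot: The new bound check `if (curve > (sizeof(word32) * WOLFSSL_BIT_SIZE))` is off by one, so a curve value equal to the bit width still reaches `1U << curve`. If `ctx->disabledCurves` is a 32-bit `word32` and `WOLFSSL_BIT_SIZE` is 8 (neither definition is visible here), that shift by 32 is undefined behaviour and could leave the mask unchanged or wrong. The guard should read `if (curve >= (sizeof(word32) * WOLFSSL_BIT_SIZE)) {`. Separately, the fallback branch stores the result of `wc_ecc_get_curve_id_from_name()` in the same `curve` variable that the explicit branches fill with `WOLFSSL_ECC_*` constants; it is worth confirming both use the same id space before the value is passed to `wolfSSL_CTX_UseSupportedCurve()` and used as a bit index, since a mismatch would advertise or enable a different curve than the one named. The function body starts before and continues past this hunk.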
|
@@ -489,8 +489,8 @@ static WC_INLINE int mygetopt(int argc, char** argv, const char* optstring)
|
|||||||
if (myoptind == 0)
|
if (myoptind == 0)
|
||||||
myoptind++;
|
myoptind++;
|
||||||
|
|
||||||
if (myoptind >= argc || argv[myoptind][0] != '-' ||
|
if (myoptind >= argc || argv[myoptind] == NULL ||
|
||||||
argv[myoptind][1] == '\0') {
|
argv[myoptind][0] != '-' || argv[myoptind][1] == '\0') {
|
||||||
myoptarg = NULL;
|
myoptarg = NULL;
|
||||||
if (myoptind < argc)
|
if (myoptind < argc)
|
||||||
myoptarg = argv[myoptind];
|
myoptarg = argv[myoptind];
|
||||||
|