diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index d1c82f8e1..fa4552e9f 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -1522,7 +1522,6 @@ static int GetKey(DecodedCert* cert) #ifdef HAVE_ECC case ECDSAk: { - word32 oid = 0; int oidSz = 0; byte b = cert->source[cert->srcIdx++]; @@ -1533,12 +1532,10 @@ static int GetKey(DecodedCert* cert) return ASN_PARSE_E; while(oidSz--) - oid += cert->source[cert->srcIdx++]; - if (CheckCurve(oid) < 0) + cert->pkCurveOID += cert->source[cert->srcIdx++]; + + if (CheckCurve(cert->pkCurveOID) < 0) return ECC_CURVE_OID_E; - #ifdef OPENSSL_EXTRA - cert->pkCurveOID = oid; - #endif /* OPENSSL_EXTRA */ /* key header */ b = cert->source[cert->srcIdx++]; diff --git a/cyassl/internal.h b/cyassl/internal.h index 956e84c3b..c7e4d431a 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -1230,6 +1230,7 @@ struct CYASSL_CTX { word32 timeout; /* session timeout */ #ifdef HAVE_ECC word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ #endif #ifndef NO_PSK byte havePSK; /* psk key set by user */ @@ -1849,6 +1850,7 @@ struct CYASSL { ecc_key* eccTempKey; /* private ECDHE key */ ecc_key* eccDsaKey; /* private ECDSA key */ word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ byte peerEccKeyPresent; byte peerEccDsaKeyPresent; byte eccTempKeyPresent; diff --git a/src/internal.c b/src/internal.c index 0f438dd1b..7423b59a9 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1400,6 +1400,7 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) #ifdef HAVE_ECC ssl->eccTempKeySz = ctx->eccTempKeySz; + ssl->pkCurveOID = ctx->pkCurveOID; ssl->peerEccKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0; ssl->eccDsaKeyPresent = 0; diff --git a/src/ssl.c b/src/ssl.c index b1d309db2..902ebd042 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -2137,6 +2137,13 @@ int CyaSSL_Init(void) break; } +#ifdef HAVE_ECC + if (ctx) + ctx->pkCurveOID = cert.pkCurveOID; + if (ssl) + ssl->pkCurveOID = cert.pkCurveOID; +#endif + FreeDecodedCert(&cert); }