mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 11:17:29 +02:00
Merge pull request #5456 from SparkiDev/ssl_set1_curve_fix
wolfSSL_CTX_set1_curves_list: X25519 and X448 defines
This commit is contained in:
David Garske
GitHub
@ -33555,7 +33555,8 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
|
|||||||
|
|
||||||
#endif /* WOLFSSL_NGINX / WOLFSSL_HAPROXY */
|
#endif /* WOLFSSL_NGINX / WOLFSSL_HAPROXY */
|
||||||
|
|
||||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
|
#if defined(OPENSSL_EXTRA) && (defined(HAVE_ECC) || \
|
||||||
|
defined(HAVE_CURVE25519) || defined(HAVE_CURVE448))
|
||||||
int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
||||||
{
|
{
|
||||||
int idx, start = 0, len;
|
int idx, start = 0, len;
|
||||||
@ -33596,14 +33597,18 @@ int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
|
|||||||
{
|
{
|
||||||
curve = WOLFSSL_ECC_SECP521R1;
|
curve = WOLFSSL_ECC_SECP521R1;
|
||||||
}
|
}
|
||||||
|
#ifdef HAVE_CURVE25519
|
||||||
else if (XSTRCMP(name, "X25519") == 0)
|
else if (XSTRCMP(name, "X25519") == 0)
|
||||||
{
|
{
|
||||||
curve = WOLFSSL_ECC_X25519;
|
curve = WOLFSSL_ECC_X25519;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_CURVE448
|
||||||
else if (XSTRCMP(name, "X448") == 0)
|
else if (XSTRCMP(name, "X448") == 0)
|
||||||
{
|
{
|
||||||
curve = WOLFSSL_ECC_X448;
|
curve = WOLFSSL_ECC_X448;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
else {
|
else {
|
||||||
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
|
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
|
||||||
int ret;
|
int ret;
|
||||||
@ -33659,7 +33664,7 @@ int wolfSSL_set1_curves_list(WOLFSSL* ssl, const char* names)
|
|||||||
}
|
}
|
||||||
return wolfSSL_CTX_set1_curves_list(ssl->ctx, names);
|
return wolfSSL_CTX_set1_curves_list(ssl->ctx, names);
|
||||||
}
|
}
|
||||||
#endif /* OPENSSL_EXTRA && HAVE_ECC */
|
#endif /* OPENSSL_EXTRA && (HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448) */
|
||||||
|
|
||||||
#ifdef OPENSSL_EXTRA
|
#ifdef OPENSSL_EXTRA
|
||||||
/* Sets a callback for when sending and receiving protocol messages.
|
/* Sets a callback for when sending and receiving protocol messages.
|
||||||
|
|||||||
31
tests/api.c
31
tests/api.c
@ -36233,7 +36233,7 @@ static int test_wolfSSL_sk_SSL_CIPHER(void)
|
|||||||
|
|
||||||
static int test_wolfSSL_set1_curves_list(void)
|
static int test_wolfSSL_set1_curves_list(void)
|
||||||
{
|
{
|
||||||
#if defined(OPENSSL_EXTRA) && defined(HAVE_RSA)
|
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
|
||||||
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
|
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
|
||||||
SSL* ssl = NULL;
|
SSL* ssl = NULL;
|
||||||
SSL_CTX* ctx = NULL;
|
SSL_CTX* ctx = NULL;
|
||||||
@ -36243,18 +36243,43 @@ static int test_wolfSSL_set1_curves_list(void)
|
|||||||
#else
|
#else
|
||||||
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||||
#endif
|
#endif
|
||||||
AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
|
AssertTrue(SSL_CTX_use_certificate_file(ctx, eccCertFile,
|
||||||
SSL_FILETYPE_PEM));
|
SSL_FILETYPE_PEM));
|
||||||
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
|
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, SSL_FILETYPE_PEM));
|
||||||
AssertNotNull(ssl = SSL_new(ctx));
|
AssertNotNull(ssl = SSL_new(ctx));
|
||||||
|
|
||||||
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE);
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE);
|
||||||
|
#ifdef HAVE_ECC
|
||||||
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE);
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE);
|
||||||
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS);
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS);
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_CURVE25519
|
||||||
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_SUCCESS);
|
||||||
|
#else
|
||||||
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "X25519"), WOLFSSL_FAILURE);
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_CURVE448
|
||||||
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_SUCCESS);
|
||||||
|
#else
|
||||||
|
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "X448"), WOLFSSL_FAILURE);
|
||||||
|
#endif
|
||||||
|
|
||||||
AssertIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE);
|
AssertIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE);
|
||||||
|
#ifdef HAVE_ECC
|
||||||
AssertIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE);
|
AssertIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE);
|
||||||
AssertIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS);
|
AssertIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifdef HAVE_CURVE25519
|
||||||
|
AssertIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_SUCCESS);
|
||||||
|
#else
|
||||||
|
AssertIntEQ(SSL_set1_curves_list(ssl, "X25519"), WOLFSSL_FAILURE);
|
||||||
|
#endif
|
||||||
|
#ifdef HAVE_CURVE448
|
||||||
|
AssertIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_SUCCESS);
|
||||||
|
#else
|
||||||
|
AssertIntEQ(SSL_set1_curves_list(ssl, "X448"), WOLFSSL_FAILURE);
|
||||||
|
#endif
|
||||||
|
|
||||||
SSL_free(ssl);
|
SSL_free(ssl);
|
||||||
SSL_CTX_free(ctx);
|
SSL_CTX_free(ctx);
|
||||||
|
|||||||
Reference in New Issue
Block a user