From 6bd98afdd05a70d5ab860e432291b21c10b26977 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 16 Oct 2020 15:31:57 -0700
Subject: [PATCH] Only allow TLS ECDH key sizes < 160-bits if `ECC_WEAK_CURVES`
 is defined.

---
 src/ssl.c               | 11 ++++++++---
 wolfssl/wolfcrypt/ecc.h |  4 ++++
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 65c20275e..d3dafc435 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -10151,12 +10151,13 @@ int wolfSSL_use_certificate_chain_file_format(WOLFSSL* ssl, const char* file,
 
 #ifdef HAVE_ECC
 
-/* Set Temp CTX EC-DHE size in octets, should be 14 - 66 for 112 - 521 bit */
+/* Set Temp CTX EC-DHE size in octets, can be 14 - 66 (112 - 521 bit) */
 int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz)
 {
     if (ctx == NULL)
         return BAD_FUNC_ARG;
 
+    /* if 0 then get from loaded private key */
     if (sz == 0) {
         /* applies only to ECDSA */
         if (ctx->privateKeyType != ecc_dsa_sa_algo)
@@ -10180,10 +10181,14 @@ int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz)
 }
 
 
-/* Set Temp SSL EC-DHE size in octets, should be 14 - 66 for 112 - 521 bit */
+/* Set Temp SSL EC-DHE size in octets, can be 14 - 66 (112 - 521 bit) */
 int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL* ssl, word16 sz)
 {
-    if (ssl == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+    if (ssl == NULL)
+        return BAD_FUNC_ARG;
+
+    /* check size */
+    if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
         return BAD_FUNC_ARG;
 
     ssl->eccTempKeySz = sz;
diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h
index ec1587d66..5ff59e9d0 100644
--- a/wolfssl/wolfcrypt/ecc.h
+++ b/wolfssl/wolfcrypt/ecc.h
@@ -125,7 +125,11 @@ enum {
     ECC_MAXNAME     = 16,   /* MAX CURVE NAME LENGTH */
     SIG_HEADER_SZ   =  7,   /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */
     ECC_BUFSIZE     = 256,  /* for exported keys temp buffer */
+#ifdef ECC_WEAK_CURVES
     ECC_MINSIZE     = 14,   /* MIN Private Key size */
+#else
+    ECC_MINSIZE     = 20,   /* MIN Private Key size */
+#endif
     ECC_MAXSIZE     = 66,   /* MAX Private Key size */
     ECC_MAXSIZE_GEN = 74,   /* MAX Buffer size required when generating ECC keys*/
     ECC_MAX_OID_LEN = 16,