Use tinyCrypt only for ECDHE-RSA/ECDSA in SrvKeyExch writing
Inconsistently with the rest of the library, which restricts the use of
tinyCrypt to pure ECDHE, the previous ServerKeyExchange writing routine
also used tinyCrypt for ECDHE-PSK-based ciphersuites.
This commit fixes that.
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index d508967..3198596 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3384,87 +3384,98 @@
*/
#if defined(MBEDTLS_USE_TINYCRYPT)
- static const uint16_t secp256r1_tls_id = 23;
- static const unsigned char ecdh_param_hdr[] = {
- MBEDTLS_ECP_TLS_NAMED_CURVE,
- ( secp256r1_tls_id >> 8 ) & 0xFF,
- ( secp256r1_tls_id >> 0 ) & 0xFF,
- 2 * NUM_ECC_BYTES + 1,
- 0x04 /* Uncompressed */
- };
-
- if( ssl->handshake->curve_tls_id != secp256r1_tls_id )
+ if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
+ == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
+ mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
+ == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA )
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported curve %u (expected %u)",
- (unsigned) ssl->handshake->curve_tls_id,
- secp256r1_tls_id ) );
- return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ static const uint16_t secp256r1_tls_id = 23;
+ static const unsigned char ecdh_param_hdr[] = {
+ MBEDTLS_ECP_TLS_NAMED_CURVE,
+ ( secp256r1_tls_id >> 8 ) & 0xFF,
+ ( secp256r1_tls_id >> 0 ) & 0xFF,
+ 2 * NUM_ECC_BYTES + 1,
+ 0x04 /* Uncompressed */
+ };
+
+ if( ssl->handshake->curve_tls_id != secp256r1_tls_id )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported curve %u (expected %u)",
+ (unsigned) ssl->handshake->curve_tls_id,
+ secp256r1_tls_id ) );
+ return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ }
+
+ if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
+ ssl->handshake->ecdh_privkey,
+ uecc_curve ) )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+ dig_signed = ssl->out_msg + ssl->out_msglen;
+#endif
+
+ memcpy( ssl->out_msg + ssl->out_msglen,
+ ecdh_param_hdr, sizeof( ecdh_param_hdr ) );
+ ssl->out_msglen += sizeof( ecdh_param_hdr );
+
+ memcpy( &ssl->out_msg[ssl->out_msglen],
+ ssl->handshake->ecdh_ownpubkey,
+ 2*NUM_ECC_BYTES );
+ ssl->out_msglen += 2*NUM_ECC_BYTES;
}
-
- if( !uECC_make_key( ssl->handshake->ecdh_ownpubkey,
- ssl->handshake->ecdh_privkey,
- uecc_curve ) )
+ else
+#endif /* MBEDTLS_ECDH_C */
+#if !defined(MBEDTLS_ECDH_C)
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "Key creation failed" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
+#else
+ {
+ const mbedtls_ecp_curve_info *curve =
+ mbedtls_ecp_curve_info_from_tls_id( ssl->handshake->curve_tls_id );
+ int ret;
+ size_t len = 0;
+
+ if( curve == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
+ return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ }
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", curve->name ) );
+
+ if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx,
+ curve->grp_id ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
+ return( ret );
+ }
+
+ if( ( ret = mbedtls_ecdh_make_params(
+ &ssl->handshake->ecdh_ctx, &len,
+ ssl->out_msg + ssl->out_msglen,
+ MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
+ mbedtls_ssl_conf_get_frng( ssl->conf ),
+ mbedtls_ssl_conf_get_prng( ssl->conf ) ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
+ return( ret );
+ }
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
- dig_signed = ssl->out_msg + ssl->out_msglen;
+ dig_signed = ssl->out_msg + ssl->out_msglen;
#endif
- memcpy( ssl->out_msg + ssl->out_msglen,
- ecdh_param_hdr, sizeof( ecdh_param_hdr ) );
- ssl->out_msglen += sizeof( ecdh_param_hdr );
+ ssl->out_msglen += len;
- memcpy( &ssl->out_msg[ssl->out_msglen],
- ssl->handshake->ecdh_ownpubkey,
- 2*NUM_ECC_BYTES );
- ssl->out_msglen += 2*NUM_ECC_BYTES;
-
-#else /* MBEDTLS_USE_TINYCRYPT */
-
- const mbedtls_ecp_curve_info *curve =
- mbedtls_ecp_curve_info_from_tls_id( ssl->handshake->curve_tls_id );
- int ret;
- size_t len = 0;
-
- if( curve == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
- return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
+ MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
+ MBEDTLS_DEBUG_ECDH_Q );
}
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", curve->name ) );
-
- if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx,
- curve->grp_id ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret );
- return( ret );
- }
-
- if( ( ret = mbedtls_ecdh_make_params(
- &ssl->handshake->ecdh_ctx, &len,
- ssl->out_msg + ssl->out_msglen,
- MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen,
- mbedtls_ssl_conf_get_frng( ssl->conf ),
- mbedtls_ssl_conf_get_prng( ssl->conf ) ) ) != 0 )
- {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
- return( ret );
- }
-
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
- dig_signed = ssl->out_msg + ssl->out_msglen;
-#endif
-
- ssl->out_msglen += len;
-
- MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx,
- MBEDTLS_DEBUG_ECDH_Q );
-
-#endif /* MBEDTLS_USE_TINYCRYPT */
-
+#endif /* MBEDTLS_ECDH_C */
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED */
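Review bot: The `#endif /* MBEDTLS_ECDH_C */` that follows the `else` closes the `#if defined(MBEDTLS_USE_TINYCRYPT)` opened at the top of the hunk, not an ECDH_C guard, and with the `if`/`else` now split across three preprocessor regions a mislabelled closer makes the control structure genuinely hard to follow; it should read `#endif /* MBEDTLS_USE_TINYCRYPT */`. The tinyCrypt branch also still copies `sizeof( ecdh_param_hdr ) + 2*NUM_ECC_BYTES` bytes into `ssl->out_msg + ssl->out_msglen` with no comparison against `MBEDTLS_SSL_OUT_CONTENT_LEN - ssl->out_msglen`, whereas the mbedtls_ecdh branch passes exactly that bound to `mbedtls_ecdh_make_params`; this is carried over from the old code rather than introduced here, and the write is small and fixed-size, but since the commit restructures the branch a one-line guard before the first memcpy, returning `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` as other writers in this file do, would make the two paths consistent. The `MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecp_group_load", ret )` label on the `mbedtls_ecdh_setup` failure is likewise inherited and names the wrong function. The enclosing function starts before and continues after this hunk.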