Fix missing check on server-chosen curve We had this check in the non-PSA case, but it was missing in the PSA case. Backport of 141be6cc7faeb68296625670b851670542481ab6 with just the error code change to adapt to 2.28. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

commit: 0178487fb2b5a5b75d67480521d43f20461c1098 [log] [tgz]
author: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Tue Jan 25 11:46:19 2022 +0100
committer: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon Feb 14 13:00:42 2022 +0100
tree: cf806ee849936a331187504ae6b540be26518c20
parent: 298d6cc397b38e1ec641bdc13977c8a1ababb009 [diff] [blame]
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index b87879c..ea85ced 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c

@@ -2703,6 +2703,10 @@
     tls_id <<= 8;
     tls_id |= *(*p)++;
 
+    /* Check it's a curve we offered */
+    if( mbedtls_ssl_check_curve_tls_id( ssl, tls_id ) != 0 )
+        return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
+
     /* Convert EC group to PSA key type. */
     if( ( handshake->ecdh_psa_type =
           mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 )
commit	0178487fb2b5a5b75d67480521d43f20461c1098	[log] [tgz]
author	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Tue Jan 25 11:46:19 2022 +0100
committer	Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	Mon Feb 14 13:00:42 2022 +0100
tree	cf806ee849936a331187504ae6b540be26518c20
parent	298d6cc397b38e1ec641bdc13977c8a1ababb009 [diff] [blame]