Add MBEDTLS_ECDH_C guards to ECDH code-paths using legacy ECDH Previously, MBEDTLS_KEY_EXCHANGE_ECDH[E]_XXX_ENABLED would imply that MBEDTLS_ECDH_C is set, but with the introduction of tinyCrypt as an alternative ECDH implementation, this is no longer the case.

commit: 29d165565c4eb52351a5a8653049a611bdfb107c [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Wed Jul 24 11:11:45 2019 +0100
committer: Hanno Becker <hanno.becker@arm.com> Mon Aug 12 18:01:40 2019 +0100
tree: fdc3051e05eb0da6f14dd1b925bf6bbed16731b8
parent: 975b9ee3c808a4c0bb8d45873e83b24536691c58 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index da7285f..0500d85 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -1740,10 +1740,11 @@
     }
     else
 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) ||                     \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||                   \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) ||                      \
-    defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
+#if defined(MBEDTLS_ECDH_C) &&                                          \
+    ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)   ||              \
+      defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) ||              \
+      defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED)    ||              \
+      defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) )
     if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
         == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA                       ||
         mbedtls_ssl_suite_get_key_exchange( ciphersuite_info )
commit	29d165565c4eb52351a5a8653049a611bdfb107c	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Wed Jul 24 11:11:45 2019 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Mon Aug 12 18:01:40 2019 +0100
tree	fdc3051e05eb0da6f14dd1b925bf6bbed16731b8
parent	975b9ee3c808a4c0bb8d45873e83b24536691c58 [diff] [blame]