commit 568c9cf87828bbeb6fd209250ee16a90f0626f35
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Sep 16 17:30:04 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 18 14:34:34 2013 +0200
tree bbe3745c73592aaa0307efbd43ab876a70b11f28
parent 7038039f2e2f2e3fa63cf6387f62c6b691e62eb1

Add ecp_supported_curves and simplify some code

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index a899aff..300001e 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -233,32 +233,20 @@
     unsigned char *p = buf;
     unsigned char elliptic_curve_list[20];
     size_t elliptic_curve_len = 0;
+    ecp_curve_info *curve;
     ((void) ssl);
 
     *olen = 0;
 
     SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
 
-#if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
-    elliptic_curve_list[elliptic_curve_len++] = 0x00;
-    elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP521R1 );
-#endif
-#if defined(POLARSSL_ECP_DP_SECP384R1_ENABLED)
-    elliptic_curve_list[elliptic_curve_len++] = 0x00;
-    elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP384R1 );
-#endif
-#if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
-    elliptic_curve_list[elliptic_curve_len++] = 0x00;
-    elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP256R1 );
-#endif
-#if defined(POLARSSL_ECP_DP_SECP224R1_ENABLED)
-    elliptic_curve_list[elliptic_curve_len++] = 0x00;
-    elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP224R1 );
-#endif
-#if defined(POLARSSL_ECP_DP_SECP192R1_ENABLED)
-    elliptic_curve_list[elliptic_curve_len++] = 0x00;
-    elliptic_curve_list[elliptic_curve_len++] = ecp_named_curve_from_grp_id( POLARSSL_ECP_DP_SECP192R1 );
-#endif
+    for( curve = ecp_supported_curves;
+         curve->grp_id != POLARSSL_ECP_DP_NONE;
+         curve++ )
+    {
+        elliptic_curve_list[elliptic_curve_len++] = curve->name >> 8;
+        elliptic_curve_list[elliptic_curve_len++] = curve->name & 0xFF;
+    }
 
     if( elliptic_curve_len == 0 )
         return;
@@ -1134,10 +1122,13 @@
     if( ( ret = ecdh_read_params( &ssl->handshake->ecdh_ctx,
                                   (const unsigned char **) p, end ) ) != 0 )
     {
-        SSL_DEBUG_RET( 2, ( "ecdh_read_params" ), ret );
+        SSL_DEBUG_RET( 1, ( "ecdh_read_params" ), ret );
         return( ret );
     }
 
+    SSL_DEBUG_MSG( 2, ( "ECDH curve size: %d",
+                        (int) ssl->handshake->ecdh_ctx.grp.nbits ) );
+
     if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
         ssl->handshake->ecdh_ctx.grp.nbits > 521 )
     {