tls13: keys: Fail if the group type is not ECDHE or DHE
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index d8d28f1..897541b 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1304,9 +1304,9 @@
handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
#endif /* MBEDTLS_ECDH_C */
}
- else if( mbedtls_ssl_tls13_named_group_is_dhe( handshake->offered_group_id ) )
+ else
{
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHE not supported." ) );
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "Group not supported." ) );
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
}