diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index 8c95c426a..0a64f6ede 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -814,9 +814,9 @@
 #define POLARSSL_SSL_TRUNCATED_HMAC
 /**
- * \def POLARSSL_SSL_SET_ECDH_CURVES
+ * \def POLARSSL_SSL_SET_CURVES
 *
- * Enable ssl_set_ecdh_curves().
+ * Enable ssl_set_curves().
 *
 * This is disabled by default since it breaks binary compatibility with the
 * 1.3.x line. If you choose to enable it, you will need to rebuild your
@@ -825,9 +825,9 @@
 *
 * TODO: actually disable it when done working on this branch ,)
 *
- * Uncomment to make ssl_set_ecdh_curves() available.
+ * Uncomment to make ssl_set_curves() available.
 */
-#define POLARSSL_SSL_SET_ECDH_CURVES
+#define POLARSSL_SSL_SET_CURVES
 /**
 * \def POLARSSL_THREADING_ALT
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 2fdc01df4..3ab362921 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -728,8 +728,8 @@ struct _ssl_context
 int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
 const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
- defined(POLARSSL_SSL_SET_ECDH_CURVES)
- const ecp_group_id *ecdh_curve_list;/*!< allowed curves for ECDH */
+ defined(POLARSSL_SSL_SET_CURVES)
+ const ecp_group_id *curve_list; /*!< allowed curves */
 #endif
 #if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 int trunc_hmac; /*!< negotiate truncated hmac? */
@@ -1160,7 +1160,7 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
 #endif
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
- defined(POLARSSL_SSL_SET_ECDH_CURVES)
+ defined(POLARSSL_SSL_SET_CURVES)
 /**
 * \brief Set the allowed ECDH curves.
 * (Default: all defined curves.)
@@ -1169,10 +1169,9 @@ int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx );
 * handshake curve preference.
 *
 * \param ssl SSL context
- * \param ecdh_curve_list Zero terminated list of the allowed ECDH curves
+ * \param curves Zero terminated list of the allowed ECDH curves
 */
-void ssl_set_ecdh_curves( ssl_context *ssl,
- const ecp_group_id *ecdh_curve_list );
+void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curves );
 #endif
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ac5f8028f..20a6be591 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -2106,12 +2106,12 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
 * } ServerECDHParams;
 */
 ecp_group_id grp_id;
-#if defined(POLARSSL_SSL_SET_ECDH_CURVES)
+#if defined(POLARSSL_SSL_SET_CURVES)
 unsigned int pref_idx, curv_idx, found;
 /* Match our preference list against the agreed curves */
 for( pref_idx = 0, found = 0;
- ssl->ecdh_curve_list[pref_idx] != POLARSSL_ECP_DP_NONE;
+ ssl->curve_list[pref_idx] != POLARSSL_ECP_DP_NONE;
 pref_idx++ )
 {
 /* Look through the agreed curve list */
@@ -2120,7 +2120,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
 curv_idx++ )
 {
 if (ssl->handshake->curves[curv_idx]->grp_id ==
- ssl->ecdh_curve_list[pref_idx] )
+ ssl->curve_list[pref_idx] )
 {
 /* We found our most preferred curve */
 found = 1;
@@ -2130,18 +2130,18 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
 /* Exit the search if we have found our curve */
 if( found == 1 )
- {
 break;
- }
 }
- /* If we haven't found any allowed / preferred curve,
- * ssl->ecdh_curve_list[pref_idx] will contain POLARSSL_ECP_DP_NONE and
+
+ /*
+ * If we haven't found any allowed / preferred curve,
+ * ssl->curve_list[pref_idx] will contain POLARSSL_ECP_DP_NONE and
 * ecp_use_known_dp() will fail.
 */
- grp_id = ssl->ecdh_curve_list[pref_idx];
+ grp_id = ssl->curve_list[pref_idx];
 #else
 grp_id = ssl->handshake->curves[0]->grp_id;
-#endif /* POLARSSL_SSL_SET_ECDH_CURVES */
+#endif /* POLARSSL_SSL_SET_CURVES */
 if( ( ret = ecp_use_known_dp( &ssl->handshake->ecdh_ctx.grp, grp_id ) ) != 0 )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 29977d789..79b4bb75c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3335,7 +3335,7 @@ int ssl_init( ssl_context *ssl )
 *
 * TODO: Add the Montgomery curves
 */
- static const ecp_group_id ecdh_default_curve_list[] =
+ static const ecp_group_id default_curve_list[] =
 {
 #if defined(POLARSSL_ECP_DP_SECP521R1_ENABLED)
 POLARSSL_ECP_DP_SECP521R1,
@@ -3425,8 +3425,8 @@ int ssl_init( ssl_context *ssl )
 #endif
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
- defined(POLARSSL_SSL_SET_ECDH_CURVES)
- ssl->ecdh_curve_list = ecdh_default_curve_list;
+ defined(POLARSSL_SSL_SET_CURVES)
+ ssl->curve_list = default_curve_list;
 #endif
 if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
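Review bot: In library/ssl_srv.c (hunk at -2130), `grp_id = ssl->curve_list[pref_idx];` still relies on `ecp_use_known_dp()` rejecting `POLARSSL_ECP_DP_NONE` when the peer's curves and the configured list have nothing in common, and `found` is never consulted once the loop exits. An explicit check before the assignment, for example `if( found == 0 ) return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN );`, would make the no-common-curve failure deliberate rather than a side effect of how the ECP helper treats the NONE id; the exact error code is a suggestion to confirm against the library's conventions. The body of ssl_write_server_key_exchange() starts and ends outside this hunk, so whether an earlier step already guarantees a match cannot be confirmed from here.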
@@ -4657,12 +4657,12 @@ md_type_t ssl_md_alg_from_hash( unsigned char hash )
 #endif
 #if defined(POLARSSL_KEY_EXCHANGE__SOME__ECDHE_ENABLED) && \
- defined(POLARSSL_SSL_SET_ECDH_CURVES)
+ defined(POLARSSL_SSL_SET_CURVES)
 /*
 * Set the allowed ECDH curves.
 */
-void ssl_set_ecdh_curves( ssl_context *ssl, const ecp_group_id *ecdh_curve_list )
+void ssl_set_curves( ssl_context *ssl, const ecp_group_id *curve_list )
 {
- ssl->ecdh_curve_list = ecdh_curve_list;
+ ssl->curve_list = curve_list;
 }
 #endif
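Review bot: The comment above `ssl_set_curves()` still reads "Set the allowed ECDH curves." and omits the two things a caller must get right. The function stores the pointer (`ssl->curve_list = curve_list;`) rather than copying the list, and the list must end with `POLARSSL_ECP_DP_NONE`, because the matching loop in library/ssl_srv.c stops only on that sentinel. I would extend the comment to something like `/* Set the allowed curves. The list is not copied: it must be terminated by POLARSSL_ECP_DP_NONE and stay valid for as long as the context uses it. */`. The `\param curves` text in include/polarssl/ssl.h has the same gap, and the prototype there names the parameter `curves` while this definition uses `curve_list`.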