mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 17:54:21 +01:00
0178487fb2
We had this check in the non-PSA case, but it was missing in the PSA case. Backport of 141be6cc7faeb68296625670b851670542481ab6 with just the error code change to adapt to 2.28. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
8 lines
416 B
Plaintext
8 lines
416 B
Plaintext
Bugfix
|
|
* Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was
|
|
enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
|
|
client would fail to check that the curve selected by the server for
|
|
ECDHE was indeed one that was offered. As a result, the client would
|
|
accept any curve that it supported, even if that curve was not allowed
|
|
according to its configuration.
|