yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix handshake failure in suite B

Browse source 
Fix handshake failure where PK key is translated as `MBEDTLS_ECKEY`
instead of `MBEDTLS_ECDSA`
This commit is contained in:
Ron Eldor 2018-02-06 15:59:38 +02:00
parent 32605dc830
commit 85e1dcff6a
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ChangeLog
View file

@ -1,5 +1,11 @@
mbed TLS ChangeLog (Sorted per branch, date) mbed TLS ChangeLog (Sorted per branch, date)
= mbed TLS x.x.x branch released xxxx-xx-xx
Bugfix
* Fix handshake failure in NIST suite b, where the key was determined as
MBEDTLS_ECKEY instead of MBEDTLS_ECDSA.
= mbed TLS 2.7.0 branch released 2018-02-03 = mbed TLS 2.7.0 branch released 2018-02-03
Security Security

3
library/x509_crt.c
View file

@ -133,7 +133,8 @@ const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ), MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
/* Only ECDSA */ /* Only ECDSA */
MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ), MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ) |
MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECKEY ),
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
/* Only NIST P-256 and P-384 */ /* Only NIST P-256 and P-384 */
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) | MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |