diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-12-18 17:32:47 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2013-12-18 17:32:47 +0100 |
| commit | 9dbc8481f0c09b0aa004927bf9bd7dded601d040 (patch) | |
| tree | 89cb5c0159de6d1349db20738dbe993bed7f155a | |
| parent | 0994c807524e5ad74d439e3bfe7142ba80cb2a56 (diff) | |
| download | gnutls-9dbc8481f0c09b0aa004927bf9bd7dded601d040.tar.gz | |
disable the non-suiteb curves when requested
| -rw-r--r-- | lib/algorithms/ecc.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c index 3aa4000f9d..ecba392f74 100644 --- a/lib/algorithms/ecc.c +++ b/lib/algorithms/ecc.c @@ -30,6 +30,7 @@ */ static const gnutls_ecc_curve_entry_st ecc_curves[] = { +#ifdef ENABLE_NON_SUITEB_CURVES { .name = "SECP192R1", .oid = "1.2.840.10045.3.1.1", @@ -44,6 +45,7 @@ static const gnutls_ecc_curve_entry_st ecc_curves[] = { .tls_id = 21, .size = 28, }, +#endif { .name = "SECP256R1", .oid = "1.2.840.10045.3.1.7", @@ -180,7 +182,7 @@ gnutls_ecc_curve_t _gnutls_ecc_curve_get_id(const char *name) -*/ gnutls_ecc_curve_t _gnutls_ecc_bits_to_curve(int bits) { - gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_SECP224R1; + gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_SECP256R1; GNUTLS_ECC_CURVE_LOOP( if (8 * p->size >= bits) { |