summaryrefslogtreecommitdiff
path: root/lib/auth/ecdhe.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/auth/ecdhe.c')
-rw-r--r--lib/auth/ecdhe.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c
index 8c20d6c1cc..883f6cd046 100644
--- a/lib/auth/ecdhe.c
+++ b/lib/auth/ecdhe.c
@@ -172,7 +172,8 @@ int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session,
gnutls_assert();
goto cleanup;
}
- } else if (ecurve->pk == GNUTLS_PK_ECDH_X25519) {
+ } else if (ecurve->pk == GNUTLS_PK_ECDH_X25519 ||
+ ecurve->pk == GNUTLS_PK_ECDH_X448) {
if (ecurve->size != point_size)
return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
@@ -183,7 +184,8 @@ int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session,
goto cleanup;
}
- /* RFC7748 requires to mask the MSB in the final byte */
+ /* RFC7748 requires to mask the MSB in the final byte
+ * for X25519 (not X448) */
if (ecurve->id == GNUTLS_ECC_CURVE_X25519) {
session->key.proto.tls12.ecdh.raw.data[point_size-1] &= 0x7f;
}
@@ -282,7 +284,7 @@ _gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session,
gnutls_assert();
goto cleanup;
}
- } else if (pk == GNUTLS_PK_ECDH_X25519) {
+ } else if (pk == GNUTLS_PK_ECDH_X25519 || pk == GNUTLS_PK_ECDH_X448) {
ret =
_gnutls_buffer_append_data_prefix(data, 8,
session->key.proto.tls12.ecdh.params.raw_pub.data,
@@ -382,7 +384,8 @@ _gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
- } else if (ecurve->pk == GNUTLS_PK_ECDH_X25519) {
+ } else if (ecurve->pk == GNUTLS_PK_ECDH_X25519 ||
+ ecurve->pk == GNUTLS_PK_ECDH_X448) {
if (ecurve->size != point_size)
return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
@@ -391,7 +394,8 @@ _gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
- /* RFC7748 requires to mask the MSB in the final byte */
+ /* RFC7748 requires to mask the MSB in the final byte
+ * for X25519 (not X448) */
if (ecurve->id == GNUTLS_ECC_CURVE_X25519) {
session->key.proto.tls12.ecdh.raw.data[point_size-1] &= 0x7f;
}
@@ -462,7 +466,8 @@ int _gnutls_ecdh_common_print_server_kx(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
- } else if (group->pk == GNUTLS_PK_ECDH_X25519) {
+ } else if (group->pk == GNUTLS_PK_ECDH_X25519 ||
+ group->pk == GNUTLS_PK_ECDH_X448) {
ret =
_gnutls_buffer_append_data_prefix(data, 8,
session->key.proto.tls12.ecdh.params.raw_pub.data,
View Lorry Controller Status