Don't store client-supported ECs in heap-allocated buffer
So far, the client-proposed list of elliptic curves was stored for the duration of the entire handshake in a heap-allocated buffer referenced from mbedtls_ssl_handshake_params::curves. It is used in the following places: 1) When the server chooses a suitable ciphersuite, it checks that it has a certificate matching the ciphersuite; in particular, if the ciphersuite involves ECDHE, the server needs an EC certificate with a curve suitable for the client. 2) When performing the ECDHE key exchange, the server chooses one curve among those proposed by the client which matches the server's own supported curve configuration. This commit removes the need to hold back the entire client-side curve list during the handshake, by performing (1) and (2) during ClientHello parsing, and in case of (2) only remembering the curve chosen for ECDHE within mbedtls_ssl_handshake_params.
@@ -383,7 +383,7 @@ struct mbedtls_ssl_handshake_params
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
|
||||
#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
|
||||
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
|
||||
const mbedtls_ecp_curve_info **curves; /*!< Supported elliptic curves */
|
||||
mbedtls_ecp_curve_info const *curve_info; /*!< Info for EC for ECDHE. */
|
||||
#endif
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
|
||||
unsigned char *psk; /*!< PSK from the callback */
|
||||
|
||||