summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAdam Langley <agl@google.com>2015-05-12 14:26:54 -0700
committerKenny Root <kroot@google.com>2015-05-12 23:07:25 +0000
commit62d05888d1cf178d900b54e7e035928abea512b1 (patch)
tree74bb1bb6350db1b04b8ac87e12ed0115d6ee7894
parente9ada863a7b3e81f5d2b1e3bdd2305da902a87f5 (diff)
downloadexternal_boringssl-62d05888d1cf178d900b54e7e035928abea512b1.zip
external_boringssl-62d05888d1cf178d900b54e7e035928abea512b1.tar.gz
external_boringssl-62d05888d1cf178d900b54e7e035928abea512b1.tar.bz2
external/boringssl: add P-521 back into the ClientHello.
This change does strange things to servers which take it as clue that nothing to do with P-521 is acceptable just because it's missing from the ClientHello. Hopefully for the next Android release we can remove this and replace it with the support for the CFRG curves. Bug: 20634927 Change-Id: I1d1a65cd82f68ac6d8da5560075cbacaebf539e1
-rw-r--r--src/ssl/t1_lib.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/ssl/t1_lib.c b/src/ssl/t1_lib.c
index 433a647..58b7f04 100644
--- a/src/ssl/t1_lib.c
+++ b/src/ssl/t1_lib.c
@@ -358,6 +358,9 @@ static const uint8_t ecformats_default[] = {
static const uint16_t eccurves_default[] = {
23, /* X9_62_prime256v1 */
24, /* secp384r1 */
+#if defined(ANDROID)
+ 25, /* secp521r1 */
+#endif
};
int tls1_ec_curve_id2nid(uint16_t curve_id) {