diff options
Diffstat (limited to 'src/ssl/s3_lib.c')
-rw-r--r-- | src/ssl/s3_lib.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/ssl/s3_lib.c b/src/ssl/s3_lib.c index 617ea6e..5209802 100644 --- a/src/ssl/s3_lib.c +++ b/src/ssl/s3_lib.c @@ -335,14 +335,17 @@ int SSL_CTX_set1_tls_channel_id(SSL_CTX *ctx, EVP_PKEY *private_key) { } int SSL_set1_tls_channel_id(SSL *ssl, EVP_PKEY *private_key) { - ssl->tlsext_channel_id_enabled = 1; if (EVP_PKEY_id(private_key) != EVP_PKEY_EC || - EVP_PKEY_bits(private_key) != 256) { + EC_GROUP_get_curve_name(EC_KEY_get0_group(private_key->pkey.ec)) != + NID_X9_62_prime256v1) { OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_NOT_P256); return 0; } + EVP_PKEY_free(ssl->tlsext_channel_id_private); ssl->tlsext_channel_id_private = EVP_PKEY_up_ref(private_key); + ssl->tlsext_channel_id_enabled = 1; + return 1; } |