Completely remove P-224 from the TLS stack.
It already wasn't in the default list and no one enables it. Remove it
altogether. (It's also gone from the current TLS 1.3 draft.)
Change-Id: I143d07d390d186252204df6bdb8ffd22649f80e3
Reviewed-on: https://boringssl-review.googlesource.com/6775
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 8b5bf8e..3e5d9d9 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -343,7 +343,6 @@
/* ECC curves from RFC4492. */
static const struct tls_curve tls_curves[] = {
- {21, NID_secp224r1, "P-224"},
{23, NID_X9_62_prime256v1, "P-256"},
{24, NID_secp384r1, "P-384"},
{25, NID_secp521r1, "P-521"},
diff --git a/ssl/test/bssl_shim.cc b/ssl/test/bssl_shim.cc
index 13edeed..73ca87d 100644
--- a/ssl/test/bssl_shim.cc
+++ b/ssl/test/bssl_shim.cc
@@ -1239,7 +1239,7 @@
}
if (config->enable_all_curves) {
static const int kAllCurves[] = {
- NID_secp224r1, NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1,
+ NID_X9_62_prime256v1, NID_secp384r1, NID_secp521r1,
};
if (!SSL_set1_curves(ssl.get(), kAllCurves,
sizeof(kAllCurves) / sizeof(kAllCurves[0]))) {
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 6f2bb4e..2a32cd3 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1691,14 +1691,13 @@
{
name: "UnsupportedCurve",
config: Config{
- CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
- // BoringSSL implements P-224 but doesn't enable it by
- // default.
- CurvePreferences: []CurveID{CurveP224},
+ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
+ CurvePreferences: []CurveID{CurveP256},
Bugs: ProtocolBugs{
IgnorePeerCurvePreferences: true,
},
},
+ flags: []string{"-p384-only"},
shouldFail: true,
expectedError: ":WRONG_CURVE:",
},
@@ -4622,7 +4621,6 @@
name string
id CurveID
}{
- {"P-224", CurveP224},
{"P-256", CurveP256},
{"P-384", CurveP384},
{"P-521", CurveP521},
