diff options
| -rw-r--r-- | src/lib/tls/msg_client_kex.cpp | 6 | ||||
| -rw-r--r-- | src/tests/unit_tls.cpp | 3 |
2 files changed, 6 insertions, 3 deletions
diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp index 81b01a704..6dc8295a6 100644 --- a/src/lib/tls/msg_client_kex.cpp +++ b/src/lib/tls/msg_client_kex.cpp @@ -169,12 +169,12 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io, Curve25519_PrivateKey priv_key(rng); PK_Key_Agreement ka(priv_key, rng, "Raw"); ecdh_secret = ka.derive_key(0, counterparty_key.public_value()).bits_of(); -#else - throw Internal_Error("Negotiated X25519 somehow, but it is disabled"); -#endif // X25519 is always compressed but sent as "uncompressed" in TLS our_ecdh_public = priv_key.public_value(); +#else + throw Internal_Error("Negotiated X25519 somehow, but it is disabled"); +#endif } else { diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp index 9cc6d4793..ec082027b 100644 --- a/src/tests/unit_tls.cpp +++ b/src/tests/unit_tls.cpp @@ -912,8 +912,11 @@ class TLS_Unit_Tests : public Test { { "use_ecc_point_compression", "true" } }); test_modern_versions(results, *creds, "ECDH", "AES-128/GCM", "AEAD", { { "ecc_curves", "secp384r1" } }); + +#if defined(BOTAN_HAS_CURVE_25519) test_modern_versions(results, *creds, "ECDH", "AES-128/GCM", "AEAD", { { "ecc_curves", "x25519" } }); +#endif std::unique_ptr<Botan::Credentials_Manager> creds_with_client_cert(create_creds(rng, true)); test_modern_versions(results, *creds_with_client_cert, "ECDH", "AES-256/GCM"); |