mirror of
https://github.com/cuberite/polarssl.git
synced 2025-10-17 12:10:43 -04:00
e5a916fd3c
The comments were about the time we were using mbedtls_pk_ec(), which can return NULL, which we don't want to propagate to other functions. Now we're using mbedtls_pk_get_ec_group_id() with is a safer interface (and works even when EC is provided by drivers). The check for GROUP_NONE was an heritage from the previous NULL check. However it's actually useless: if NONE were returned (which can't happen or parsing of the certificate would have failed and we wouldn't be here), then mbedtls_ssl_check_curve() would work and just say that the curve wasn't valid, which is OK. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>