From ba59f6b38ef6f3f3dc99ecb27633a5f3f2c51822 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden@patater.com>
Date: Mon, 3 Jun 2019 08:27:16 +0100
Subject: [PATCH] ssl_tls: Enable Suite B with subset of ECP curves

Make sure the code compiles even if some curves are not defined.

Fixes #1591
---
 ChangeLog         | 2 ++
 library/ssl_tls.c | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 8b9bfef7d..62e5a8cab 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -47,6 +47,8 @@ Bugfix
    * Fix Visual Studio Release x64 build configuration by inheriting
      PlatformToolset from the project configuration. Fixes #1430 reported by
      irwir.
+   * Enable Suite B with subset of ECP curves. Make sure the code compiles even
+     if some curves are not defined. Fixes #1591 reported by dbedev.
 
 Changes
    * Return from various debugging routines immediately if the
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1270ee9b8..3cf09bbdc 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7739,8 +7739,12 @@ static int ssl_preset_suiteb_hashes[] = {
 
 #if defined(MBEDTLS_ECP_C)
 static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
     MBEDTLS_ECP_DP_SECP256R1,
+#endif
+#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
     MBEDTLS_ECP_DP_SECP384R1,
+#endif
     MBEDTLS_ECP_DP_NONE
 };
 #endif