From f878dbcef2eebbb017f6ddee6f19af67ce8761a8 Mon Sep 17 00:00:00 2001
From: toddouska <todd@yassl.com>
Date: Wed, 20 Mar 2013 09:18:05 -0700
Subject: [PATCH] fix ecc key load w/ no rsa, ssn5

---
 src/internal.c | 16 ++++++++++------
 src/ssl.c      |  6 +++++-
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index e98856313..90c31eefb 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1010,14 +1010,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
 #endif
 
 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA256
-    if (tls & havePSK) {
+    if (tls && havePSK) {
         suites->suites[idx++] = 0;
         suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256;
     }
 #endif
 
 #ifdef BUILD_TLS_PSK_WITH_NULL_SHA
-    if (tls & havePSK) {
+    if (tls && havePSK) {
         suites->suites[idx++] = 0;
         suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA;
     }
@@ -1135,8 +1135,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
                 suites->hashSigAlgo[idx++] = sha256_mac;
                 suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
             #endif
-            suites->hashSigAlgo[idx++] = sha_mac;
-            suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
+            #ifndef NO_SHA
+                suites->hashSigAlgo[idx++] = sha_mac;
+                suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo;
+            #endif
         }
 
         if (haveRSAsig) {
@@ -1148,8 +1150,10 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK,
                 suites->hashSigAlgo[idx++] = sha256_mac;
                 suites->hashSigAlgo[idx++] = rsa_sa_algo;
             #endif
-            suites->hashSigAlgo[idx++] = sha_mac;
-            suites->hashSigAlgo[idx++] = rsa_sa_algo;
+            #ifndef NO_SHA
+                suites->hashSigAlgo[idx++] = sha_mac;
+                suites->hashSigAlgo[idx++] = rsa_sa_algo;
+            #endif
         }
 
         suites->hashSigAlgoSz = idx;
diff --git a/src/ssl.c b/src/ssl.c
index 7a337f7ab..90e73ff47 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1178,6 +1178,7 @@ int CyaSSL_Init(void)
         int           ret;
         int           dynamicType = 0;
         int           eccKey = 0;
+        int           rsaKey = 0;
         void*         heap = ctx ? ctx->heap : NULL;
 
         info.set      = 0;
@@ -1416,12 +1417,14 @@ int CyaSSL_Init(void)
                         FreeRsaKey(&key);
                         return SSL_BAD_FILE;
                     }
+                } else {
+                    rsaKey = 1;
                 }
                 FreeRsaKey(&key);
             }
 #endif
 #ifdef HAVE_ECC  
-            if (eccKey ) {
+            if (!rsaKey) {
                 /* make sure ECC key can be used */
                 word32  idx = 0;
                 ecc_key key;
@@ -1432,6 +1435,7 @@ int CyaSSL_Init(void)
                     return SSL_BAD_FILE;
                 }
                 ecc_free(&key);
+                eccKey = 1;
                 ctx->haveStaticECC = 1;
                 if (ssl)
                     ssl->options.haveStaticECC = 1;