Set ecdh_psa_privkey_is_external to 1 right after setting ecdh_psa_privkey in ssl_get_ecdh_params_from_cert()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
Neil Armstrong 2022-04-04 11:25:23 +02:00
parent f716a700a1
commit e88d190f2e


@ -2883,19 +2883,22 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
ssl->handshake->ecdh_psa_privkey =
*( (mbedtls_svc_key_id_t*) pk->pk_ctx );
/* Key should not be destroyed in the TLS library */
ssl->handshake->ecdh_psa_privkey_is_external = 1;
status = psa_get_key_attributes( ssl->handshake->ecdh_psa_privkey,
&key_attributes );
if( status != PSA_SUCCESS)
{
ssl->handshake->ecdh_psa_privkey = MBEDTLS_SVC_KEY_ID_INIT;
return( psa_ssl_status_to_mbedtls( status ) );
}
ssl->handshake->ecdh_psa_type = psa_get_key_type( &key_attributes );
ssl->handshake->ecdh_bits = psa_get_key_bits( &key_attributes );
psa_reset_key_attributes( &key_attributes );
/* Key should not be destroyed in the TLS library */
ssl->handshake->ecdh_psa_privkey_is_external = 1;
ret = 0;
break;
case MBEDTLS_PK_ECKEY:
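Review bot: With the flag now set before `psa_get_key_attributes()`, the failure branch resets `ecdh_psa_privkey` to `MBEDTLS_SVC_KEY_ID_INIT` but leaves `ecdh_psa_privkey_is_external` at 1, so the handshake keeps an "external" marker with no key behind it. If any later path stores a library-owned key in the same handshake without clearing the flag, that key would presumably be skipped at cleanup and stay in its PSA key slot; whether such a path exists is not visible from this hunk. Consider adding `ssl->handshake->ecdh_psa_privkey_is_external = 0;` next to the key-id reset in that branch. It would also help to extend the comment to say why the order matters, e.g. `/* Set before any failing call so error cleanup never destroys the caller's key */`. The enclosing case label and the rest of ssl_get_ecdh_params_from_cert() lie outside the hunk.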