ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-10 00:49:04 +08:00
Code Issues Releases Wiki Activity

tls: never destroy a priavte key that is not owned/created by TLS module

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2023-06-16 13:18:52 +02:00
parent 0813b6f28d
commit b46217d5c1
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
library/ssl_tls12_server.c
View File

@ -2622,11 +2622,8 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
} }
ssl->handshake->ecdh_psa_privkey = pk->priv_id; ssl->handshake->ecdh_psa_privkey = pk->priv_id;
/* Key should not be destroyed in the TLS library */
if (pk_type == MBEDTLS_PK_OPAQUE) { ssl->handshake->ecdh_psa_privkey_is_external = 1;
/* Key should not be destroyed in the TLS library */
ssl->handshake->ecdh_psa_privkey_is_external = 1;
}
status = psa_get_key_attributes(ssl->handshake->ecdh_psa_privkey, status = psa_get_key_attributes(ssl->handshake->ecdh_psa_privkey,
&key_attributes); &key_attributes);