Make a copy of the key in operation while setting pake password

Additionally use psa_get_and_lock_key_slot_with_policy() to obtain key. This requires making this function public. This will have to be solved while adding driver dipatch for EC-JPAKE. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2025-07-30 22:43:08 +03:00 · 2022-11-15 22:22:07 +01:00
parent 32605b24be
commit 348410f709
3 changed files with 49 additions and 17 deletions
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@ -1829,7 +1829,7 @@ psa_status_t psa_pake_abort( psa_pake_operation_t * operation );
 */
 #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
 #define PSA_PAKE_OPERATION_INIT {PSA_ALG_NONE, 0, 0, 0, 0,              \
-                                 MBEDTLS_SVC_KEY_ID_INIT,               \
+                                 NULL, 0                ,               \
                                 PSA_PAKE_ROLE_NONE, {0}, 0, 0,         \
                                 {.dummy = 0}}
 #else
@ -1920,7 +1920,8 @@ struct psa_pake_operation_s
 #if defined(MBEDTLS_PSA_BUILTIN_PAKE)
    unsigned int MBEDTLS_PRIVATE(input_step);
    unsigned int MBEDTLS_PRIVATE(output_step);
-    mbedtls_svc_key_id_t MBEDTLS_PRIVATE(password);
+    uint8_t* MBEDTLS_PRIVATE(password_data);
+    size_t MBEDTLS_PRIVATE(password_bytes);
    psa_pake_role_t MBEDTLS_PRIVATE(role);
    uint8_t MBEDTLS_PRIVATE(buffer[MBEDTLS_PSA_PAKE_BUFFER_SIZE]);
    size_t MBEDTLS_PRIVATE(buffer_length);