lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

test: pake: modify opaque key verification before destruction

Browse Source 
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit is contained in:
Valerio Setti
2022-12-12 11:59:25 +01:00
parent 31e99bb0c7
commit 785116a5be
3 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
programs/ssl/ssl_server2.c
View File

@ -4443,10 +4443,16 @@ exit:
* In case opaque keys it's the user responsibility to keep the key valid
* for the duration of the handshake and destroy it at the end
*/
if( ( opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE ) &&
( ! mbedtls_svc_key_id_is_null( ecjpake_pw_slot ) ) )
if( ( opt.ecjpake_pw_opaque != DFL_ECJPAKE_PW_OPAQUE ) )
{
psa_destroy_key( ecjpake_pw_slot );
psa_key_attributes_t check_attributes = PSA_KEY_ATTRIBUTES_INIT;
/* Verify that the key is still valid before destroying it */
if( psa_get_key_attributes( ecjpake_pw_slot, &check_attributes ) ==
PSA_SUCCESS )
{
psa_destroy_key( ecjpake_pw_slot );
}
}
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED && MBEDTLS_USE_PSA_CRYPTO */