mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-29 11:41:15 +03:00
Do not zeroize the ssl context if a key exporting function is set
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
Andrzej Kurek
@ -695,8 +695,11 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
|
|||||||
|
|
||||||
#if !defined(MBEDTLS_DEBUG_C) && \
|
#if !defined(MBEDTLS_DEBUG_C) && \
|
||||||
!defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
!defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
ssl = NULL; /* make sure we don't use it except for these cases */
|
if( ssl->f_export_keys == NULL )
|
||||||
(void) ssl;
|
{
|
||||||
|
ssl = NULL; /* make sure we don't use it except for these cases */
|
||||||
|
(void) ssl;
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -959,7 +962,7 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
|
|||||||
((void) mac_dec);
|
((void) mac_dec);
|
||||||
((void) mac_enc);
|
((void) mac_enc);
|
||||||
|
|
||||||
if( ssl->f_export_keys != NULL )
|
if( ssl != NULL && ssl->f_export_keys != NULL )
|
||||||
{
|
{
|
||||||
ssl->f_export_keys( ssl->p_export_keys,
|
ssl->f_export_keys( ssl->p_export_keys,
|
||||||
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET,
|
MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET,
|
||||||
|
|||||||
Reference in New Issue
Block a user