lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

ssl_tls.c: Fix PSA ECDH private key destruction

Browse Source 
In TLS 1.3, a PSA ECDH private key may be created
even if MBEDTLS_SSL_USA_PSA_CRYPTO is disabled. We
must destroy this key if still referenced by an
handshake context when we free such context.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
2022-03-15 10:42:41 +01:00
parent 5b98ac9c64
commit f12b81d387
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
library/ssl_tls.c
View File

@ -3111,8 +3111,8 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
mbedtls_ssl_buffering_free( ssl ); mbedtls_ssl_buffering_free( ssl );
#endif /* MBEDTLS_SSL_PROTO_DTLS */ #endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_ECDH_C) && \ #if defined(MBEDTLS_ECDH_C) && \
defined(MBEDTLS_USE_PSA_CRYPTO) ( defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) )
psa_destroy_key( handshake->ecdh_psa_privkey ); psa_destroy_key( handshake->ecdh_psa_privkey );
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */