From 51aa52eba4d9b53ddcc1f39d297d0d78b8ef61a4 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Wed, 24 May 2023 12:37:50 +0200
Subject: [PATCH] pk: fix key properties when importing private key

Signed-off-by: Valerio Setti
---
 library/pkparse.c | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/library/pkparse.c b/library/pkparse.c
index 18b40ceb84..e70953e9af 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -642,16 +642,9 @@ static int pk_parse_key_rfc8410_der(mbedtls_pk_context *pk,
 psa_status_t status;
 
 psa_set_key_type(&attributes, PSA_KEY_TYPE_ECC_KEY_PAIR(pk->ec_family));
- /* Setting largest masks for usage and key algorithms */
- psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH |
- PSA_KEY_USAGE_SIGN_MESSAGE |
- PSA_KEY_USAGE_EXPORT);
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
- psa_set_key_algorithm(&attributes,
- PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH));
-#else
- psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
-#endif
+ psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_EXPORT |
+ PSA_KEY_USAGE_DERIVE);
+ psa_set_key_algorithm(&attributes, PSA_ALG_ECDH);
 
 status = psa_import_key(&attributes, key, len, &pk->priv_id);
 if (status != PSA_SUCCESS) {
@@ -1304,13 +1297,14 @@ static int pk_parse_key_sec1_der(mbedtls_pk_context *pk,
 /* Setting largest masks for usage and key algorithms */
 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_HASH |
 PSA_KEY_USAGE_SIGN_MESSAGE |
- PSA_KEY_USAGE_EXPORT);
+ PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_DERIVE);
 #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
 psa_set_key_algorithm(&attributes,
 PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_ANY_HASH));
 #else
 psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(PSA_ALG_ANY_HASH));
 #endif
+ psa_set_key_enrollment_algorithm(&attributes, PSA_ALG_ECDH);
 
 status = psa_import_key(&attributes, priv_key_raw, priv_key_len,
 &pk->priv_id);
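Review bot: The key policy set in pk_parse_key_rfc8410_der is left without any explanation, because the old "largest masks" comment was removed together with the signing flags. A reader cannot tell from these lines why the key is restricted to `PSA_ALG_ECDH` or why `PSA_KEY_USAGE_EXPORT` has to remain set on a private key. I would add a comment above `psa_set_key_usage_flags`, for example `/* Keys parsed here are used for key agreement only (presumably Montgomery curves): allow ECDH derivation; EXPORT is kept because <reason to be stated by the author> */`. The patch touches only library/pkparse.c, so a parse-then-derive test for the fixed case would be worth adding with it. The function body starts and ends outside this hunk.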
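Review bot: Every SEC1 private key imported in pk_parse_key_sec1_der can now be used for ECDSA signing and ECDH derivation, and can be exported, so the PSA policy on these keys no longer separates signing use from key-agreement use. This matches the intent of the existing "largest masks" comment, but the comment should state it and mention the second algorithm, e.g. `/* Widest policy: ECDSA as primary algorithm, ECDH as enrollment algorithm; callers that need a narrower policy must restrict the key themselves */`. `psa_set_key_enrollment_algorithm` is an Mbed TLS extension rather than part of the standard PSA Crypto API, which is worth a short remark beside the call. The function body starts and ends outside this hunk.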