From 77b69ab971f6236f10d54ce30bad7db4f098509e Mon Sep 17 00:00:00 2001 From: Neil Armstrong Date: Fri, 4 Mar 2022 14:35:13 +0100 Subject: [PATCH] Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx Signed-off-by: Neil Armstrong --- include/mbedtls/ssl_cookie.h | 3 ++- library/ssl_cookie.c | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h index b39c09a965..723a13e5ec 100644 --- a/include/mbedtls/ssl_cookie.h +++ b/include/mbedtls/ssl_cookie.h @@ -56,8 +56,9 @@ typedef struct mbedtls_ssl_cookie_ctx #if defined(MBEDTLS_USE_PSA_CRYPTO) mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac); /*!< key id for the HMAC portion */ psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */ -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#else mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */ +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if !defined(MBEDTLS_HAVE_TIME) unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */ #endif diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c index e3a7f3d99d..ee8cc171d7 100644 --- a/library/ssl_cookie.c +++ b/library/ssl_cookie.c @@ -70,8 +70,9 @@ void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) ctx->psa_hmac = MBEDTLS_SVC_KEY_ID_INIT; -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#else mbedtls_md_init( &ctx->hmac_ctx ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if !defined(MBEDTLS_HAVE_TIME) ctx->serial = 0; #endif @@ -91,8 +92,9 @@ void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx ) { #if defined(MBEDTLS_USE_PSA_CRYPTO) psa_destroy_key( ctx->psa_hmac ); -#endif /* MBEDTLS_USE_PSA_CRYPTO */ +#else mbedtls_md_free( &ctx->hmac_ctx ); +#endif /* MBEDTLS_USE_PSA_CRYPTO */ #if defined(MBEDTLS_THREADING_C) mbedtls_mutex_free( &ctx->mutex );