Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2024-12-29 18:18:24 +00:00 · 2022-03-04 14:35:13 +01:00 · 2022-03-04 14:35:13 +01:00 · 77b69ab971
commit 77b69ab971
parent 23d34ce372
2 changed files with 6 additions and 3 deletions
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@ -56,8 +56,9 @@ typedef struct mbedtls_ssl_cookie_ctx
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
    mbedtls_svc_key_id_t    MBEDTLS_PRIVATE(psa_hmac);   /*!< key id for the HMAC portion   */
    psa_algorithm_t         MBEDTLS_PRIVATE(psa_hmac_alg);  /*!< key algorithm for the HMAC portion   */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
    mbedtls_md_context_t    MBEDTLS_PRIVATE(hmac_ctx);   /*!< context for the HMAC portion   */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #if !defined(MBEDTLS_HAVE_TIME)
    unsigned long   MBEDTLS_PRIVATE(serial);     /*!< serial number for expiration   */
 #endif
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@ -70,8 +70,9 @@ void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
 {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
    ctx->psa_hmac = MBEDTLS_SVC_KEY_ID_INIT;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
    mbedtls_md_init( &ctx->hmac_ctx );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
 #if !defined(MBEDTLS_HAVE_TIME)
    ctx->serial = 0;
 #endif
@ -91,8 +92,9 @@ void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
 {
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
    psa_destroy_key( ctx->psa_hmac );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
    mbedtls_md_free( &ctx->hmac_ctx );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */

 #if defined(MBEDTLS_THREADING_C)
    mbedtls_mutex_free( &ctx->mutex );