From 81d391f773a450afd09e7925b818a36409bbd85b Mon Sep 17 00:00:00 2001
From: Neil Armstrong <narmstrong@baylibre.com>
Date: Fri, 20 May 2022 09:26:16 +0200
Subject: [PATCH] Check when usage == 0 in mbedtls_pk_can_do_ext()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
---
 library/pk.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/library/pk.c b/library/pk.c
index f25266ad12..1eab65a276 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -256,7 +256,8 @@ int mbedtls_pk_can_do_ext( const mbedtls_pk_context *ctx, psa_algorithm_t alg,
         return( 0 );
 
     /* Filter out non allowed usage flags */
-    if( ( usage & ~( PSA_KEY_USAGE_SIGN_HASH |
+    if( usage == 0 ||
+        ( usage & ~( PSA_KEY_USAGE_SIGN_HASH |
                      PSA_KEY_USAGE_DECRYPT |
                      PSA_KEY_USAGE_DERIVE ) ) != 0 )
         return( 0 );