mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-15 19:20:55 +00:00
tls: never destroy a priavte key that is not owned/created by TLS module
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
parent
0813b6f28d
commit
b46217d5c1
@ -2622,11 +2622,8 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl)
|
||||
}
|
||||
|
||||
ssl->handshake->ecdh_psa_privkey = pk->priv_id;
|
||||
|
||||
if (pk_type == MBEDTLS_PK_OPAQUE) {
|
||||
/* Key should not be destroyed in the TLS library */
|
||||
ssl->handshake->ecdh_psa_privkey_is_external = 1;
|
||||
}
|
||||
/* Key should not be destroyed in the TLS library */
|
||||
ssl->handshake->ecdh_psa_privkey_is_external = 1;
|
||||
|
||||
status = psa_get_key_attributes(ssl->handshake->ecdh_psa_privkey,
|
||||
&key_attributes);
|
||||
|
Loading…
x
Reference in New Issue
Block a user