Async callback: use mbedtls_pk_check_pair to compare keys
In the current test code, the object that is used as a public key in the certificate also contains a private key. However this is because of the way the stest code is built and does not demonstrate the API in a useful way. Use mbedtls_pk_check_pair, which is not what real-world code would do (since the private key would typically be in an external cryptoprocessor) but is a more representative placeholder.
This commit is contained in:
parent
a668c60186
commit
3dae1cfa3a
1 changed files with 6 additions and 3 deletions
|
@ -963,11 +963,14 @@ static int ssl_async_start( mbedtls_ssl_context *ssl,
|
|||
mbedtls_printf( "Async %s callback: looking for DN=%s\n", op_name, dn );
|
||||
}
|
||||
|
||||
/* Look for a private key that matches the public key in cert.
|
||||
* Since this test code has the private key inside Mbed TLS,
|
||||
* we call mbedtls_pk_check_pair to match a private key with the
|
||||
* public key. */
|
||||
for( slot = 0; slot < config_data->slots_used; slot++ )
|
||||
{
|
||||
if( memcmp( &config_data->slots[slot].cert->pk,
|
||||
&cert->pk,
|
||||
sizeof( cert->pk ) ) == 0 )
|
||||
if( mbedtls_pk_check_pair( &cert->pk,
|
||||
config_data->slots[slot].pk ) == 0 )
|
||||
break;
|
||||
}
|
||||
if( slot == config_data->slots_used )
|
||||
|
|
Loading…
Reference in a new issue