ssl_tls.c: Fix PSA ECDH private key destruction
In TLS 1.3, a PSA ECDH private key may be created even if MBEDTLS_SSL_USA_PSA_CRYPTO is disabled. We must destroy this key if still referenced by an handshake context when we free such context. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
5b98ac9c64
commit
f12b81d387
1 changed files with 2 additions and 2 deletions
|
@ -3112,7 +3112,7 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
|
||||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECDH_C) && \
|
#if defined(MBEDTLS_ECDH_C) && \
|
||||||
defined(MBEDTLS_USE_PSA_CRYPTO)
|
( defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3) )
|
||||||
psa_destroy_key( handshake->ecdh_psa_privkey );
|
psa_destroy_key( handshake->ecdh_psa_privkey );
|
||||||
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_ECDH_C && MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue