yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

ssl_tls.c: Use ETM status only in CBC mode case

Browse source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-03-25 14:36:28 +01:00
parent 862902dd57
commit fb39f15fa1
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
library/ssl_tls.c
View file

@ -7450,9 +7450,9 @@ static int ssl_tls12_populate_transform( mbedtls_ssl_transform *transform,
goto end;
}
if( ( transform->psa_alg == MBEDTLS_SSL_NULL_CIPHER ||
transform->psa_alg == PSA_ALG_CBC_NO_PADDING ) &&
transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED )
if( ( transform->psa_alg == MBEDTLS_SSL_NULL_CIPHER ) ||
( ( transform->psa_alg == PSA_ALG_CBC_NO_PADDING ) &&
( transform->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED ) ) )
/* mbedtls_ct_hmac() requires the key to be exportable */
psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT |
PSA_KEY_USAGE_VERIFY_HASH );