Add, Initialize & Free HMAC keys in mbedtls_ssl_transform
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 0656439..73504a6 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -948,6 +948,12 @@
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_svc_key_id_t psa_mac_enc; /*!< MAC (encryption) */
+ mbedtls_svc_key_id_t psa_mac_dec; /*!< MAC (decryption) */
+ psa_algorithm_t psa_mac_alg; /*!< psa MAC algorithm */
+#endif
+
mbedtls_md_context_t md_ctx_enc; /*!< MAC (encryption) */
mbedtls_md_context_t md_ctx_dec; /*!< MAC (decryption) */
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 5f80ed5..8a71a19 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5611,6 +5611,10 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_destroy_key( transform->psa_mac_enc );
+ psa_destroy_key( transform->psa_mac_dec );
+#endif
mbedtls_md_free( &transform->md_ctx_enc );
mbedtls_md_free( &transform->md_ctx_dec );
#endif
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index adb18ab..e8d7d88 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -610,6 +610,10 @@
#endif
#if defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ transform->psa_mac_enc = MBEDTLS_SVC_KEY_ID_INIT;
+ transform->psa_mac_dec = MBEDTLS_SVC_KEY_ID_INIT;
+#endif
mbedtls_md_init( &transform->md_ctx_enc );
mbedtls_md_init( &transform->md_ctx_dec );
#endif