Add PSA key in mbedtls_ssl_cookie_ctx
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index 34452aa..b39c09a 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -53,6 +53,10 @@
*/
typedef struct mbedtls_ssl_cookie_ctx
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac); /*!< key id for the HMAC portion */
+ psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */
#if !defined(MBEDTLS_HAVE_TIME)
unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 358169e..9f27a87 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -68,6 +68,9 @@
void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ ctx->psa_hmac = MBEDTLS_SVC_KEY_ID_INIT;
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_md_init( &ctx->hmac_ctx );
#if !defined(MBEDTLS_HAVE_TIME)
ctx->serial = 0;
@@ -86,6 +89,9 @@
void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
{
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ psa_destroy_key( ctx->psa_hmac );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
mbedtls_md_free( &ctx->hmac_ctx );
#if defined(MBEDTLS_THREADING_C)