ssl_pick_cert: use the public key for can_do This is in preparation for support of external private key operations, where there is no private key object.

commit: e198df53a070da3e29707fd16c5736811a2b1415 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri Jan 05 21:17:45 2018 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Tue Apr 24 09:32:29 2018 +0200
tree: b28c267c6f794582465e90573e75aedc18a75e4c
parent: 9eb5e9a16ea7a5f639bb948ac6089457c5fcf6c2 [diff] [blame]
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 70fe13d..2034d75 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c

@@ -707,7 +707,7 @@
         MBEDTLS_SSL_DEBUG_CRT( 3, "candidate certificate chain, certificate",
                           cur->cert );
 
-        if( ! mbedtls_pk_can_do( cur->key, pk_alg ) )
+        if( ! mbedtls_pk_can_do( &cur->cert->pk, pk_alg ) )
         {
             MBEDTLS_SSL_DEBUG_MSG( 3, ( "certificate mismatch: key type" ) );
             continue;
commit	e198df53a070da3e29707fd16c5736811a2b1415	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Jan 05 21:17:45 2018 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Apr 24 09:32:29 2018 +0200
tree	b28c267c6f794582465e90573e75aedc18a75e4c
parent	9eb5e9a16ea7a5f639bb948ac6089457c5fcf6c2 [diff] [blame]