From 80325d00cf85b7bf97882ac68d7a76b867a642c3 Mon Sep 17 00:00:00 2001
From: Neil Armstrong
Date: Wed, 23 Mar 2022 14:01:56 +0100
Subject: [PATCH] Allow ECDSA PK Opaque keys for ECDH Derivation
Signed-off-by: Neil Armstrong
---
 library/pk.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/library/pk.c b/library/pk.c
index 7f4d5fe94..3b42799c7 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -735,8 +735,10 @@ int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
 /* prepare the key attributes */
 psa_set_key_type( &attributes, key_type );
 psa_set_key_bits( &attributes, bits );
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH |
+ PSA_KEY_USAGE_DERIVE);
 psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA(hash_alg) );
+ psa_set_key_enrollment_algorithm( &attributes, PSA_ALG_ECDH );
 /* import private key into PSA */
 if( PSA_SUCCESS != psa_import_key( &attributes, d, d_len, key ) )
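Review bot: The widened policy is unconditional: `PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE` together with `psa_set_key_enrollment_algorithm( &attributes, PSA_ALG_ECDH )` now applies to every key that goes through `mbedtls_pk_wrap_as_opaque`, so a key wrapped only for signing also permits ECDH derivation, and nothing visible in the hunk lets a caller keep a sign-only policy. Allowing one private key for both signing and key agreement weakens key separation, so I would make the extra usage opt-in for callers that need it, or at minimum record the decision at the call with a comment such as `/* Policy: ECDSA signing plus ECDH derivation (enrollment algorithm); the wrapped key is not sign-only. */`. As a style point, `PSA_KEY_USAGE_DERIVE);` drops the space before `)` that the neighbouring calls use. The function starts and ends outside the hunk, so whether its public documentation already describes the resulting key policy cannot be checked from here.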