Fix PSA crypto inconsistencies in agreement+derivation * #3742 After input of a key as SECRET in the derivation, allow the derivation result to be used as key. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

commit: 0ee0d52967ce17b66364246e29a57530a6e07632 [log] [tgz]
author: Steven Cooreman <steven.cooreman@silabs.com> Mon Oct 05 16:03:42 2020 +0200
committer: Steven Cooreman <steven.cooreman@silabs.com> Mon Oct 05 16:08:18 2020 +0200
tree: 4bdd211bb29b290bb421b5e40837fdc08c5627ad
parent: ce48e85db9d8a63922f2274064f4d1d3d127356b [diff] [blame]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 71a505c..69852fa 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -5877,6 +5877,11 @@
                                                 shared_secret,
                                                 shared_secret_length );
 
+    /* If a private key has been added as SECRET, we allow the derived
+     * key material to be used as a key in PSA Crypto. */
+    if( step == PSA_KEY_DERIVATION_INPUT_SECRET )
+        operation->can_output_key = 1;
+
 exit:
     mbedtls_platform_zeroize( shared_secret, shared_secret_length );
     return( status );
commit	0ee0d52967ce17b66364246e29a57530a6e07632	[log] [tgz]
author	Steven Cooreman <steven.cooreman@silabs.com>	Mon Oct 05 16:03:42 2020 +0200
committer	Steven Cooreman <steven.cooreman@silabs.com>	Mon Oct 05 16:08:18 2020 +0200
tree	4bdd211bb29b290bb421b5e40837fdc08c5627ad
parent	ce48e85db9d8a63922f2274064f4d1d3d127356b [diff] [blame]