Remove non-PSA MAC key in mbedtls_ssl_cookie_ctx
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
diff --git a/include/mbedtls/ssl_cookie.h b/include/mbedtls/ssl_cookie.h
index b39c09a..723a13e 100644
--- a/include/mbedtls/ssl_cookie.h
+++ b/include/mbedtls/ssl_cookie.h
@@ -56,8 +56,9 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(psa_hmac); /*!< key id for the HMAC portion */
psa_algorithm_t MBEDTLS_PRIVATE(psa_hmac_alg); /*!< key algorithm for the HMAC portion */
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
mbedtls_md_context_t MBEDTLS_PRIVATE(hmac_ctx); /*!< context for the HMAC portion */
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if !defined(MBEDTLS_HAVE_TIME)
unsigned long MBEDTLS_PRIVATE(serial); /*!< serial number for expiration */
#endif
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index e3a7f3d..ee8cc17 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -70,8 +70,9 @@
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
ctx->psa_hmac = MBEDTLS_SVC_KEY_ID_INIT;
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
mbedtls_md_init( &ctx->hmac_ctx );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if !defined(MBEDTLS_HAVE_TIME)
ctx->serial = 0;
#endif
@@ -91,8 +92,9 @@
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( ctx->psa_hmac );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#else
mbedtls_md_free( &ctx->hmac_ctx );
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &ctx->mutex );