mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 11:40:53 +02:00
Merge pull request #10446 from kaleb-himes/quickfix
Fix private key lock issues in master
+8
-1
@@ -31059,11 +31059,18 @@ static int DecodePrivateKey_ex(WOLFSSL *ssl, byte keyType, const DerBuffer* key,
|
||||
|
||||
/* Set start of data to beginning of buffer. */
|
||||
idx = 0;
|
||||
/* Decode the key assuming it is a Dilithium private key. */
|
||||
/* Decode the key assuming it is a Dilithium private key. The FIPS
|
||||
* wrapper for wc_dilithium_import_private gates on the per-thread
|
||||
* privateKeyReadEnable flag, which is unset by default in any
|
||||
* thread that hasn't called PRIVATE_KEY_UNLOCK(). Without the
|
||||
* bracket, decoding a Dilithium/ML-DSA private key from a
|
||||
* handshake worker thread fails with FIPS_PRIVATE_KEY_LOCKED_E. */
|
||||
PRIVATE_KEY_UNLOCK();
|
||||
ret = wc_Dilithium_PrivateKeyDecode(key->buffer,
|
||||
&idx,
|
||||
(dilithium_key*)*hsKey,
|
||||
key->length);
|
||||
PRIVATE_KEY_LOCK();
|
||||
if (ret == 0) {
|
||||
WOLFSSL_MSG("Using Dilithium private key");
|
||||
|
||||
|
||||
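Review bot: `PRIVATE_KEY_LOCK()` after the decode runs unconditionally, so if the per-thread `privateKeyReadEnable` state is a plain flag rather than a nesting count, a caller that had already called `PRIVATE_KEY_UNLOCK()` on this thread would return from `DecodePrivateKey_ex` with private-key reads locked again. The new comment calls it a flag and the macro definitions are not in this hunk, so this is worth confirming; once confirmed, a line such as `/* UNLOCK/LOCK nest per thread, so the caller's prior state is preserved. */` would record it. The same bracket is added in `ProcessBufferTryDecodeDilithium` in the second file section, and the same question applies there. As written the bracket is tight: only the decode call sits inside it and no visible return path skips the re-lock. Both functions' bodies continue outside the hunks.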
+8
-1
@@ -956,10 +956,17 @@ static int ProcessBufferTryDecodeDilithium(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
|
||||
/* Initialize Dilithium key. */
|
||||
ret = wc_dilithium_init(key);
|
||||
if (ret == 0) {
|
||||
/* Decode as a Dilithium private key. */
|
||||
/* Decode as a Dilithium private key. The FIPS wrapper for
|
||||
* wc_dilithium_import_private gates on the per-thread
|
||||
* privateKeyReadEnable flag, which is unset by default in any
|
||||
* thread that hasn't called PRIVATE_KEY_UNLOCK(). Without the
|
||||
* bracket, loading a Dilithium/ML-DSA private key from a
|
||||
* worker thread fails with FIPS_PRIVATE_KEY_LOCKED_E. */
|
||||
idx = 0;
|
||||
PRIVATE_KEY_UNLOCK();
|
||||
ret = wc_Dilithium_PrivateKeyDecode(der->buffer, &idx, key,
|
||||
der->length);
|
||||
PRIVATE_KEY_LOCK();
|
||||
if (ret == 0) {
|
||||
ret = dilithium_get_oid_sum(key, &keyFormatTemp);
|
||||
if (ret == 0) {
|
||||
|
||||
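Review bot: The added comment names `wc_dilithium_import_private` as the gated function, but the call it sits above is `wc_Dilithium_PrivateKeyDecode`, and nothing in the comment says how the two are connected. If the decode routine reaches the import wrapper internally, which the commit implies but the hunk does not show, stating it would save the next reader a search: `/* ... The FIPS wrapper for wc_dilithium_import_private, which wc_Dilithium_PrivateKeyDecode calls, gates on ...`. The comment in the first file section has the same wording and would benefit from the same clause.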