From 35da9a2f2efae290d1e54e7a27f76c310b5fa86c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Fri, 29 Jun 2018 19:17:49 +0200 Subject: [PATCH] In psa_asymmetric_encrypt, allow public keys The code was accepting key pairs only, even though encryption doesn't require the private key. --- library/psa_crypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index af0b2f61a..a1b8104f7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2115,7 +2115,8 @@ psa_status_t psa_asymmetric_encrypt( psa_key_slot_t key, status = psa_get_key_from_slot( key, &slot, PSA_KEY_USAGE_ENCRYPT, alg ); if( status != PSA_SUCCESS ) return( status ); - if( ! PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) + if( ! ( PSA_KEY_TYPE_IS_PUBLIC_KEY( slot->type ) || + PSA_KEY_TYPE_IS_KEYPAIR( slot->type ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); #if defined(MBEDTLS_RSA_C)