From dd55b25bd52fac82f48a95dfcc7a3d8b9f29ca74 Mon Sep 17 00:00:00 2001
From: Mateusz Starzyk <mateusz.starzyk@mobica.com>
Date: Tue, 17 Aug 2021 15:24:32 +0200
Subject: [PATCH] Require MESSAGE flag in PSA MAC setup.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
---
 library/psa_crypto.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3a24bfcac..adcb0ccf2 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2398,7 +2398,7 @@ static psa_status_t psa_mac_setup( psa_mac_operation_t *operation,
     status = psa_get_and_lock_key_slot_with_policy(
                  key,
                  &slot,
-                 is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+                 is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE,
                  alg );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -2583,8 +2583,9 @@ static psa_status_t psa_mac_compute_internal( mbedtls_svc_key_id_t key,
     uint8_t operation_mac_size = 0;
 
     status = psa_get_and_lock_key_slot_with_policy(
-                 key, &slot,
-                 is_sign ? PSA_KEY_USAGE_SIGN_HASH : PSA_KEY_USAGE_VERIFY_HASH,
+                 key,
+                 &slot,
+                 is_sign ? PSA_KEY_USAGE_SIGN_MESSAGE : PSA_KEY_USAGE_VERIFY_MESSAGE,
                  alg );
     if( status != PSA_SUCCESS )
         goto exit;