@@ -3272,10 +3272,14 @@ static int DoKexDhReply(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
32723272 if (ret == 0 )
32733273 ret = wc_ecc_import_x963 (f , fSz , key_ptr );
32743274 if (ret == 0 ) {
3275+ #ifdef PRIVATE_KEY_UNLOCK
32753276 PRIVATE_KEY_UNLOCK ();
3277+ #endif
32763278 ret = wc_ecc_shared_secret (& ssh -> handshake -> privKey .ecc ,
32773279 key_ptr , ssh -> k , & ssh -> kSz );
3280+ #ifdef PRIVATE_KEY_LOCK
32783281 PRIVATE_KEY_LOCK ();
3282+ #endif
32793283 }
32803284 wc_ecc_free (key_ptr );
32813285 wc_ecc_free (& ssh -> handshake -> privKey .ecc );
@@ -7074,11 +7078,15 @@ int SendKexDhReply(WOLFSSH* ssh)
70747078 ssh -> ctx -> privateKeySz );
70757079 /* Flatten the public key into x963 value for the exchange hash. */
70767080 if (ret == 0 ) {
7081+ #ifdef PRIVATE_KEY_UNLOCK
70777082 PRIVATE_KEY_UNLOCK ();
7083+ #endif
70787084 ret = wc_ecc_export_x963 (& sigKeyBlock_ptr -> sk .ecc .key ,
70797085 sigKeyBlock_ptr -> sk .ecc .q ,
70807086 & sigKeyBlock_ptr -> sk .ecc .qSz );
7087+ #ifdef PRIVATE_KEY_LOCK
70817088 PRIVATE_KEY_LOCK ();
7089+ #endif
70827090 }
70837091 /* Hash in the length of the public key block. */
70847092 if (ret == 0 ) {
@@ -7307,15 +7315,23 @@ int SendKexDhReply(WOLFSSH* ssh)
73077315 wc_ecc_get_curve_size_from_id (primeId ),
73087316 privKey , primeId );
73097317 if (ret == 0 ) {
7318+ #ifdef PRIVATE_KEY_UNLOCK
73107319 PRIVATE_KEY_UNLOCK ();
7320+ #endif
73117321 ret = wc_ecc_export_x963 (privKey , f_ptr , & fSz );
7322+ #ifdef PRIVATE_KEY_LOCK
73127323 PRIVATE_KEY_LOCK ();
7324+ #endif
73137325 }
73147326 if (ret == 0 ) {
7327+ #ifdef PRIVATE_KEY_UNLOCK
73157328 PRIVATE_KEY_UNLOCK ();
7329+ #endif
73167330 ret = wc_ecc_shared_secret (privKey , pubKey ,
73177331 ssh -> k , & ssh -> kSz );
7332+ #ifdef PRIVATE_KEY_LOCK
73187333 PRIVATE_KEY_LOCK ();
7334+ #endif
73197335 }
73207336 wc_ecc_free (privKey );
73217337 wc_ecc_free (pubKey );
0 commit comments