From 54f0ecb5363995decd1a9985a1525c88a80c0679 Mon Sep 17 00:00:00 2001
From: David Garske <david@wolfssl.com>
Date: Fri, 16 Jan 2026 19:59:10 +0000
Subject: [PATCH] Fix for ephemeral key usage limit.

---
 wolfcrypt/src/port/st/stsafe.c     | 2 +-
 wolfssl/wolfcrypt/port/st/stsafe.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/wolfcrypt/src/port/st/stsafe.c b/wolfcrypt/src/port/st/stsafe.c
index 7508efde2..2e498228a 100644
--- a/wolfcrypt/src/port/st/stsafe.c
+++ b/wolfcrypt/src/port/st/stsafe.c
@@ -1879,7 +1879,7 @@ int wolfSSL_STSAFE_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
 
                         ret = stse_generate_ecc_key_pair(&g_stse_handler, slot,
                             (stse_ecc_key_type_t)curve_id,
-                            STSAFEA_EPHEMERAL_KEY_USAGE_LIMIT,
+                            STSAFE_EPHEMERAL_KEY_USAGE_LIMIT,
                             ephemeralPubKey);
                         if (ret != STSE_OK) {
                             STSAFE_INTERFACE_PRINTF("stse_generate_ecc_key_pair (ephemeral for ECDH) error: %d\n", ret);
diff --git a/wolfssl/wolfcrypt/port/st/stsafe.h b/wolfssl/wolfcrypt/port/st/stsafe.h
index 49d61043c..322ef729c 100644
--- a/wolfssl/wolfcrypt/port/st/stsafe.h
+++ b/wolfssl/wolfcrypt/port/st/stsafe.h
@@ -94,7 +94,7 @@
 
     /* Key usage limits */
     #define STSAFE_PERSISTENT_KEY_USAGE_LIMIT  255  /* Usage limit for persistent keys in slot 1 */
-    #define STSAFE_EPHEMERAL_KEY_USAGE_LIMIT   255  /* Usage limit for ephemeral keys in slot 0xFF */
+    #define STSAFE_EPHEMERAL_KEY_USAGE_LIMIT   1    /* Usage limit for ephemeral keys in slot 0xFF */
 
     /* Hash types - must match stse_hash_algorithm_t values in STSELib */
     #define STSAFE_HASH_SHA256          0  /* STSE_SHA_256 */