tls13: early_data: cli: check a PSK has been selected in EE

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
Yanray Wang 2023-12-01 22:33:59 +08:00
parent 9ae6534c20
commit 744577a429

View file

@ -2187,12 +2187,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
* check here that the additional constraints on the handshake * check here that the additional constraints on the handshake
* parameters, when early data are exchanged, are met, * parameters, when early data are exchanged, are met,
* namely: * namely:
* - a PSK has been selected for the handshake
* - the selected PSK for the handshake was the first one proposed * - the selected PSK for the handshake was the first one proposed
* by the client. * by the client.
* - the selected ciphersuite for the handshake is the ciphersuite * - the selected ciphersuite for the handshake is the ciphersuite
* associated with the selected PSK. * associated with the selected PSK.
*/ */
if (handshake->selected_identity != 0 || if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) ||
handshake->selected_identity != 0 ||
handshake->ciphersuite_info->id != handshake->ciphersuite_info->id !=
ssl->session_negotiate->ciphersuite) { ssl->session_negotiate->ciphersuite) {