tls13: early_data: cli: check a PSK has been selected in EE
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
parent
9ae6534c20
commit
744577a429
1 changed files with 3 additions and 1 deletions
|
@ -2187,12 +2187,14 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
|
||||||
* check here that the additional constraints on the handshake
|
* check here that the additional constraints on the handshake
|
||||||
* parameters, when early data are exchanged, are met,
|
* parameters, when early data are exchanged, are met,
|
||||||
* namely:
|
* namely:
|
||||||
|
* - a PSK has been selected for the handshake
|
||||||
* - the selected PSK for the handshake was the first one proposed
|
* - the selected PSK for the handshake was the first one proposed
|
||||||
* by the client.
|
* by the client.
|
||||||
* - the selected ciphersuite for the handshake is the ciphersuite
|
* - the selected ciphersuite for the handshake is the ciphersuite
|
||||||
* associated with the selected PSK.
|
* associated with the selected PSK.
|
||||||
*/
|
*/
|
||||||
if (handshake->selected_identity != 0 ||
|
if ((!mbedtls_ssl_tls13_key_exchange_mode_with_psk(ssl)) ||
|
||||||
|
handshake->selected_identity != 0 ||
|
||||||
handshake->ciphersuite_info->id !=
|
handshake->ciphersuite_info->id !=
|
||||||
ssl->session_negotiate->ciphersuite) {
|
ssl->session_negotiate->ciphersuite) {
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue