commit 75fe8c7e548f4159d3cd5ec2199a1be3e27aa205
author XiaokangQian <xiaokang.qian@arm.com> Wed Jun 15 09:42:45 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Wed Jun 15 09:42:45 2022 +0000
tree 13ae92327d826d1603a5b51f00b82c0c8900f5b9
parent fb665a8452982e92dfd8011fe0d80b78a614defe

Change place of ssl_tls13_check_ephemeral_key_exchange

Change-Id: Id49172f7375e2a0771ad1216fb7eead808f0db3e
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index e4ca6aa..6527e21 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -392,7 +392,7 @@
             {
                 ssl->handshake->key_cert = key_cert;
                 MBEDTLS_SSL_DEBUG_CRT(
-                        3, "selected certificate chain, certificate",
+                        3, "selected certificate (chain)",
                         ssl->handshake->key_cert->cert );
                 return( 0 );
             }
@@ -769,10 +769,18 @@
     ssl_tls13_debug_print_client_hello_exts( ssl );
 #endif /* MBEDTLS_DEBUG_C */
 
+    return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
+}
+
+/* Update the handshake state machine */
+
+static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
+{
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
     /*
      * Here we only support the ephemeral or (EC)DHE key echange mode
      */
-
     if( !ssl_tls13_check_ephemeral_key_exchange( ssl ) )
     {
         MBEDTLS_SSL_DEBUG_MSG(
@@ -783,15 +791,6 @@
         return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
     }
 
-    return( hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK );
-}
-
-/* Update the handshake state machine */
-
-static int ssl_tls13_postprocess_client_hello( mbedtls_ssl_context* ssl )
-{
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
     /*
      * Server certificate selection
      */