commit 799077177b20f0a563eff235159792d96e0649cc
author Ronald Cron <ronald.cron@arm.com> Wed Jul 20 17:05:29 2022 +0200
committer Ronald Cron <ronald.cron@arm.com> Wed Jul 20 17:49:58 2022 +0200
tree 3c308d6fa73b6f6b152f5917e0b810e0e3e33aa6
parent 853854958fe926c896734b5a5df79dea63bb6628

TLS 1.3: Use selected key exchange mode field

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 7c28c57..02a2850 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -397,7 +397,7 @@
     if( !ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( ssl ) )
         return( 0 );
 
-    ssl->handshake->tls13_kex_modes =
+    ssl->handshake->key_exchange_mode =
         MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
     return( 1 );
 }
@@ -1167,7 +1167,7 @@
      * of the HRR is then to transmit a cookie to force the client to demonstrate
      * reachability at their apparent network address (primarily useful for DTLS).
      */
-    if( ! mbedtls_ssl_tls13_some_ephemeral_enabled( ssl ) )
+    if( ! mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral( ssl ) )
         return( 0 );
 
     /* We should only send the key_share extension if the client's initial
@@ -1555,7 +1555,7 @@
                               ssl, buf_len, msg_len ) );
 
 #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-    if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
+    if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
         mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
     else
         mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );