Do not encrypt CCS records According to the TLS 1.3 standard the CCS records must be unencrypted. When a record is not encrypted the counter, used in the dynamic IV creation, is not incremented. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

commit: 96ec83138540d7399d9e17a68f304425661ee9e5 [log] [tgz]
author: Gabor Mezei <gabor.mezei@arm.com> Wed Jun 22 13:17:28 2022 +0200
committer: Gabor Mezei <gabor.mezei@arm.com> Wed Jun 22 17:07:21 2022 +0200
tree: 8d150aabeb2e46820efe33024445f86304357d16
parent: 7e2dbafe2deee55a93ba1d782fe1cfdaee9aff12 [diff] [blame]
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index b1f0c90..b9a191f 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h

@@ -1271,7 +1271,8 @@
 int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl,
                                       size_t buf_len, size_t msg_len );
 
-int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush );
+int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush,
+                              int encrypt );
 int mbedtls_ssl_flush_output( mbedtls_ssl_context *ssl );
 
 int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl );
commit	96ec83138540d7399d9e17a68f304425661ee9e5	[log] [tgz]
author	Gabor Mezei <gabor.mezei@arm.com>	Wed Jun 22 13:17:28 2022 +0200
committer	Gabor Mezei <gabor.mezei@arm.com>	Wed Jun 22 17:07:21 2022 +0200
tree	8d150aabeb2e46820efe33024445f86304357d16
parent	7e2dbafe2deee55a93ba1d782fe1cfdaee9aff12 [diff] [blame]