From 43a83f247cdf787d5a0e46d14834389affe0ef2b Mon Sep 17 00:00:00 2001 From: Xiaokang Qian Date: Fri, 6 Jan 2023 06:02:54 +0000 Subject: [PATCH] Move the place where call set_outbound_transform to switch handshake key Signed-off-by: Xiaokang Qian --- library/ssl_tls13_client.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index b154835a3d..cd36ea8672 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2235,9 +2235,11 @@ static int ssl_tls13_write_end_of_early_data(mbedtls_ssl_context *ssl) MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg(ssl, buf_len, 0)); - /* Switch outbound back to handshake key after end_of_early_data */ - mbedtls_ssl_set_outbound_transform( - ssl, ssl->handshake->transform_handshake); + /* TODO: Currently switch outbound back to handshake key in the case of + * MBEDTLS_SSL_CLIENT_CERTIFICATE. If we refine the coordinate function + * of client certificate state machine, we have to move the switch + * outbound function. + */ mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);