From 9f92695c8d0c53ba1cb78f94c7ad684d6971e678 Mon Sep 17 00:00:00 2001 From: Pengyu Lv Date: Thu, 17 Nov 2022 15:22:33 +0800 Subject: [PATCH] tls13: set key exchange mode in ticket_flags on client/server Set the ticket_flags when: - server: preparing NST (new session ticket) message - client: postprocessing NST message Clear the ticket_flags when: - server: preparing NST message - client: parsing NST message Signed-off-by: Pengyu Lv --- library/ssl_tls13_client.c | 9 +++++++++ library/ssl_tls13_server.c | 7 +++++++ 2 files changed, 16 insertions(+) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 291a4cff65..e824a5431a 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2618,6 +2618,10 @@ static int ssl_tls13_parse_new_session_ticket(mbedtls_ssl_context *ssl, session->ticket = ticket; session->ticket_len = ticket_len; + /* Clear all flags in ticket_flags */ + mbedtls_ssl_tls13_session_clear_ticket_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); + MBEDTLS_SSL_CHK_BUF_READ_PTR(p, end, 2); extensions_len = MBEDTLS_GET_UINT16_BE(p, 0); p += 2; @@ -2701,6 +2705,11 @@ static int ssl_tls13_postprocess_new_session_ticket(mbedtls_ssl_context *ssl, session->resumption_key, session->resumption_key_len); + /* Set ticket_flags depends on the selected key exchange modes */ + mbedtls_ssl_tls13_session_set_ticket_flags(session, + ssl->conf->tls13_kex_modes); + MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags); + return 0; } diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 980c2255b0..f951813de5 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c 
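Review bot: The comment added in ssl_tls13_parse_new_session_ticket() restates the call beneath it and does not say why the flags are wiped at this point. From the visible lines the flags are only set again at the end of ssl_tls13_postprocess_new_session_ticket(), so a ticket whose extension parsing or postprocessing fails appears to be left with no permitted key exchange mode, which looks like intended fail-closed behaviour. I would state that in the comment, e.g. `/* Drop flags inherited from any previous ticket; they are set again only after postprocessing */`. The function starts and ends outside this hunk, so whether earlier error returns can leave stale flags on the session cannot be checked here.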
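Review bot: The new comment in ssl_tls13_postprocess_new_session_ticket() says the flags follow the "selected" key exchange modes, but the argument is `ssl->conf->tls13_kex_modes`, i.e. every mode enabled in the configuration, whereas the server-side hunk uses `ssl->handshake->tls13_kex_modes`. That field presumably also carries non-PSK mode bits, so the call is only correct if mbedtls_ssl_tls13_session_set_ticket_flags() masks its argument with MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK. The helper is not part of this patch, so that should be confirmed. I would reword the comment to `/* Record the PSK key exchange modes enabled in the configuration as the modes this ticket may be used with */`. The function body begins outside the hunk.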
@@ -2604,6 +2604,13 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, session->start = mbedtls_time(NULL); #endif + /* Set ticket_flags depends on the advertised psk key exchange mode */ + mbedtls_ssl_tls13_session_clear_ticket_flags(session, + MBEDTLS_SSL_TLS1_3_TICKET_FLAGS_MASK); + mbedtls_ssl_tls13_session_set_ticket_flags(session, + ssl->handshake->tls13_kex_modes); + MBEDTLS_SSL_DEBUG_TICKET_FLAGS(4, session->ticket_flags); + /* Generate ticket_age_add */ if ((ret = ssl->conf->f_rng(ssl->conf->p_rng, (unsigned char *) &session->ticket_age_add,
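Review bot: The flags stored for the ticket come from `ssl->handshake->tls13_kex_modes` alone, which per the comment is what the client advertised, without intersecting it with the server's own `ssl->conf->tls13_kex_modes`. If the resumption path trusts ticket_flags without re-checking the configuration, a ticket could permit a PSK mode the server has disabled; and if the client advertised no PSK mode, the ticket is issued with no usable mode at all. Neither check is visible in this hunk, so confirm they exist in the callers, or mask here with `ssl->handshake->tls13_kex_modes & ssl->conf->tls13_kex_modes`. The comment also describes only the set, not the preceding clear; `/* Reset ticket_flags, then record the PSK key exchange modes advertised by the client */` would cover both. ssl_tls13_prepare_new_session_ticket() starts and ends outside the hunk.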