commit 853854958fe926c896734b5a5df79dea63bb6628
author Ronald Cron <ronald.cron@arm.com> Wed Jul 20 16:44:00 2022 +0200
committer Ronald Cron <ronald.cron@arm.com> Wed Jul 20 17:49:22 2022 +0200
tree bdae5670f5fe5adca426a7f1e161b4220fa98939
parent 7f9ccfeccce3b5e2e729f73152c2e53f1b5269bb

TLS 1.3: Add selected key exchange mode field

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/ssl_misc.h

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 39a47ca..2ad5965 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -611,7 +611,8 @@
      * Handshake specific crypto variables
      */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
+    uint8_t key_exchange_mode; /*!< Selected key exchange mode */
+    uint8_t tls13_kex_modes;   /*!< key exchange modes for TLS 1.3 */
 
     /** Number of HelloRetryRequest messages received/sent from/to the server. */
     int hello_retry_request_count;
@@ -1817,6 +1818,29 @@
 }
 
 /*
+ * Helper functions to check the selected key exchange mode.
+ */
+static inline int mbedtls_ssl_tls13_key_exchange_mode_check(
+    mbedtls_ssl_context *ssl, int kex_mask )
+{
+    return( ( ssl->handshake->key_exchange_mode & kex_mask ) != 0 );
+}
+
+static inline int mbedtls_ssl_tls13_key_exchange_mode_with_psk(
+    mbedtls_ssl_context *ssl )
+{
+    return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
+                   MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
+}
+
+static inline int mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(
+    mbedtls_ssl_context *ssl )
+{
+    return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
+                   MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
+}
+
+/*
  * Fetch TLS 1.3 handshake message header
  */
 MBEDTLS_CHECK_RETURN_CRITICAL