commit 8dc4ce76c748bd44a059d493ef2cfcc9ef43bb95
author Xiaokang Qian <xiaokang.qian@arm.com> Tue Feb 07 10:49:50 2023 +0000
committer Xiaokang Qian <xiaokang.qian@arm.com> Wed Feb 08 05:47:48 2023 +0000
tree aa1831f768f8799bc52c92a0874f89a66284a027
parent 6b980011e512cbf8d26f042010e478499b223308

Fix various coding style and comment issues

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>

library/ssl_tls13_client.c

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index f7f9f99..e896e82 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1266,16 +1266,16 @@
          * encrypted using a different ciphersuite than the one used for
          * the rejected early data.
          */
-
         ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(
             ssl->session_negotiate->ciphersuite);
         ssl->handshake->ciphersuite_info = ciphersuite_info;
+
         /* Enable psk and psk_ephermal to make stage early happy */
         ssl->handshake->key_exchange_mode =
             MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL;
 
         /* Start the TLS 1.3 key schedule:
-         * Set the PSK and derive early secret.
+         *     Set the PSK and derive early secret.
          */
         ret = mbedtls_ssl_tls13_key_schedule_stage_early(ssl);
         if (ret != 0) {
@@ -1926,7 +1926,11 @@
          * selected PSK:
          * - The TLS version number
          * - The selected cipher suite
-         * - The selected ALPN [RFC7301] protocol, if any (not checked yet)
+         * - The selected ALPN [RFC7301] protocol, if any
+         *
+         * We check here that when early data is involved the server
+         * selected the cipher suite associated to the pre-shared key
+         * as it must have.
          */
         MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
                                      MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);