move ciphersuite validation to set_session

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-09-30 09:22:21 +08:00 · 2022-09-30 09:22:21 +08:00 · 19ae6f62c7
commit 19ae6f62c7
parent 25ab654781
4 changed files with 56 additions and 11 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1373,6 +1373,15 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
    if( ssl->handshake->resume == 1 )
        return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+    if( session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
+        ( ( ret = mbedtls_ssl_tls13_ciphersuite_to_alg(
+                      ssl, session->ciphersuite, NULL ) ) != 0 ) )
+    {
+        return( ret );
+    }
+#endif
+
    if( ( ret = mbedtls_ssl_session_copy( ssl->session_negotiate,
                                          session ) ) != 0 )
        return( ret );