From ac4c625dead70e4930a78116cdf7897fe8e0902e Mon Sep 17 00:00:00 2001
From: Xiaokang Qian
Date: Mon, 6 Feb 2023 10:15:00 +0000
Subject: [PATCH] Add hash check of ciphersuite for ticket psk

Signed-off-by: Xiaokang Qian
---
 library/ssl_tls13_client.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 68bea23a5..623849940 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1107,6 +1107,16 @@ static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl,
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
 if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) {
 ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len);
+ if (mbedtls_psa_translate_md(ssl->handshake->ciphersuite_info->mac)
+ != hash_alg) {
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ("Invalid ciphersuite for ticket psk."));
+
+ MBEDTLS_SSL_PEND_FATAL_ALERT(
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
+ MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
+ return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+ }
 } else
 #endif
 if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
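Review bot: The new comparison reads `hash_alg` immediately after `ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len);` without checking `ret`, so when the ticket lookup fails the check compares against whatever `hash_alg` held before the call and the client reports an illegal_parameter alert instead of the lookup error. Insert `if (ret != 0) { return ret; }` between the call and the new `if`, or fold it into the condition as `ret == 0 && mbedtls_psa_translate_md(ssl->handshake->ciphersuite_info->mac) != hash_alg` so the existing handling of `ret` further down still runs. Whether ssl_tls13_ticket_get_psk leaves `hash_alg` unset on error is not visible in this hunk, and the check itself also presumes `ssl->handshake->ciphersuite_info` is already populated at this point of ServerHello processing. The body of ssl_tls13_parse_server_pre_shared_key_ext continues outside the hunk.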