Clarify the need for calling mbedtls_ssl_derive_keys after extension …

…parsing Use a more straightforward condition to note that session resumption is happening. Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Mbed-TLS · Jul 6, 2022 · 77473eb · 77473eb
1 parent 33b731f
commit 77473eb
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
@@ -2527,7 +2527,12 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
  }
  }
 
- if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC )
+ /*
+ * mbedtls_ssl_derive_keys() has to be called after the parsing of the
+ * extensions. It sets the transform data for the resumed session which in
+ * case of DTLS includes the server CID extracted from the CID extension.
+ */
+ if( ssl->handshake->resume )
  {
  if( ( ret = mbedtls_ssl_derive_keys( ssl ) ) != 0 )
  {