From 06b364fdfd9a1816abaef3de336a4c701e760b3a Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Wed, 18 Oct 2023 11:22:50 +0800
Subject: [PATCH 1/3] fix miss sent extensions mask

Signed-off-by: Jerry Yu
---
 library/ssl_tls13_client.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index c6fa3b3909..90f54f94b8 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1022,6 +1022,8 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext(

 MBEDTLS_SSL_DEBUG_BUF(3, "pre_shared_key identities", buf, p - buf);

+ mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY);
+
 return 0;
 }

From 1ccd6108e81e35cf2522af7e9ce40c65ad4d0c47 Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Tue, 7 Nov 2023 14:57:12 +0800
Subject: [PATCH 2/3] Revert "fix miss sent extensions mask"

This reverts commit 06b364fdfd9a1816abaef3de336a4c701e760b3a. It has been set in write_binders

Signed-off-by: Jerry Yu
---
 library/ssl_tls13_client.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 90f54f94b8..c6fa3b3909 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1022,8 +1022,6 @@ int mbedtls_ssl_tls13_write_identities_of_pre_shared_key_ext(

 MBEDTLS_SSL_DEBUG_BUF(3, "pre_shared_key identities", buf, p - buf);

- mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY);
-
 return 0;
 }

From 7cca7f68207036bcb095abff2bf53473bfab5d80 Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Tue, 7 Nov 2023 15:00:32 +0800
Subject: [PATCH 3/3] move ext print to the end of write client hello

pre_shared_key extension is done at the end. The information should be print after that

Signed-off-by: Jerry Yu
---
 library/ssl_client.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 1a56f1ebe8..656a6eb0b6 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -705,11 +705,6 @@ static int ssl_write_client_hello_body(mbedtls_ssl_context *ssl,
 p_extensions_len, extensions_len);
 }

-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
- MBEDTLS_SSL_PRINT_EXTS(
- 3, MBEDTLS_SSL_HS_CLIENT_HELLO, handshake->sent_extensions);
-#endif
-
 *out_len = p - buf;
 return 0;
 }
@@ -1016,6 +1021,11 @@ int mbedtls_ssl_write_client_hello(mbedtls_ssl_context *ssl)
 #endif
 }

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ MBEDTLS_SSL_PRINT_EXTS(
+ 3, MBEDTLS_SSL_HS_CLIENT_HELLO, ssl->handshake->sent_extensions);
+#endif
+
 cleanup:

 MBEDTLS_SSL_DEBUG_MSG(2, ("<= write client hello"));
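Review bot: The relocated `MBEDTLS_SSL_PRINT_EXTS` call in `mbedtls_ssl_write_client_hello` carries no comment recording why it must sit after the block that closes just above it rather than in `ssl_write_client_hello_body`. According to the series, the pre_shared_key bit in `sent_extensions` is set only when the binders are written at the end of the ClientHello, so printing any earlier gives an incomplete list. I would add `/* Print only after the binders are written: pre_shared_key is recorded in sent_extensions at that point, not in the body. */` directly above the `#if`, so a later tidy-up does not move the print back. The print now sits immediately before `cleanup:`, so any path that jumps to that label (none are visible in the hunk) would skip it; that looks intended but is worth confirming. The function body starts and ends outside the hunk.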