From 72637c734bd98bbd5040f506710250673efd8977 Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Sat, 29 Jan 2022 17:10:19 +0800
Subject: [PATCH] fix write certificate fail

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/ssl_tls13_client.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index db9b762961..cdb41f0de3 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1970,8 +1970,13 @@ static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl )
 {
     int ret;
 
-    mbedtls_ssl_set_outbound_transform( ssl, ssl->handshake->transform_handshake );
-
+    if( !ssl->handshake->client_auth )
+    {
+        MBEDTLS_SSL_DEBUG_MSG( 1,
+                  ( "Switch to handshake traffic keys for outbound traffic" ) );
+        mbedtls_ssl_set_outbound_transform( ssl,
+                                        ssl->handshake->transform_handshake );
+    }
     ret = mbedtls_ssl_tls13_write_finished_message( ssl );
     if( ret != 0 )
         return( ret );