From d2542dcf386e79441f0475b274fb573ecf92559b Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz
Date: Thu, 21 May 2020 13:39:17 +0200
Subject: [PATCH] Restore StoreKeys functionality for TLS case
---
 src/keys.c | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/keys.c b/src/keys.c
index 0545d6507..2c7bfae69 100644
--- a/src/keys.c
+++ b/src/keys.c
@@ -3236,18 +3236,19 @@ int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side)
 #endif
 #ifdef HAVE_SECURE_RENEGOTIATION
- if (ssl->options.dtls &&
- ssl->secure_renegotiation &&
+ if (ssl->secure_renegotiation &&
 ssl->secure_renegotiation->cache_status == SCR_CACHE_NEEDED) {
 keys = &ssl->secure_renegotiation->tmp_keys;
 #ifdef WOLFSSL_DTLS
- /* epoch is incremented after StoreKeys is called */
- ssl->secure_renegotiation->tmp_keys.dtls_epoch = ssl->keys.dtls_epoch + 1;
- /* we only need to copy keys on second and future renegotiations */
- if (ssl->keys.dtls_epoch > 1)
- scr_copy = 1;
- ssl->encrypt.src = KEYS_NOT_SET;
- ssl->decrypt.src = KEYS_NOT_SET;
+ if (ssl->options.dtls) {
+ /* epoch is incremented after StoreKeys is called */
+ ssl->secure_renegotiation->tmp_keys.dtls_epoch = ssl->keys.dtls_epoch + 1;
+ /* we only need to copy keys on second and future renegotiations */
+ if (ssl->keys.dtls_epoch > 1)
+ scr_copy = 1;
+ ssl->encrypt.src = KEYS_NOT_SET;
+ ssl->decrypt.src = KEYS_NOT_SET;
+ }
 #endif
 CacheStatusPP(ssl->secure_renegotiation);
 }
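Review bot: The widened condition at `if (ssl->secure_renegotiation &&` carries no comment saying that staging keys in `tmp_keys` applies to TLS as well as DTLS, which is the invariant this commit restores and the one a later DTLS-only edit is most likely to narrow again. I would add above it `/* SCR: new keys are cached in tmp_keys for TLS and DTLS; only the epoch/copy handling below is DTLS-specific */`. The reset of `ssl->encrypt.src` and `ssl->decrypt.src` to `KEYS_NOT_SET` now runs only when `ssl->options.dtls` is set; whether TLS renegotiation is meant to keep the current key source until the cached keys are promoted cannot be seen from this hunk, so that is worth stating in the same comment. StoreKeys begins and ends outside the hunk.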