commit 2fc9a652bca2ba715e90d68b7bb0cbbd998db085
author Hanno Becker <hanno.becker@arm.com> Thu Jun 24 15:40:11 2021 +0100
committer Dave Rodgman <dave.rodgman@arm.com> Mon Jun 28 12:35:08 2021 +0100
tree bbd1cd6ba4ac052576a331e10e7f84179f751ed4
parent 2e3ecda684f867a6304d1611e13859ea1312e5c3

Address review feedback

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

library/ssl_cli.c

diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index adcac44..1acb3d0 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -2558,7 +2558,7 @@
 
     /* First byte is curve_type; only named_curve is handled */
     if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE )
-        return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
 
     /* Next two bytes are the namedcurve value */
     tls_id = *(*p)++;
@@ -2569,7 +2569,7 @@
     if( ( handshake->ecdh_psa_type =
           mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 )
     {
-        return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
     }
     if( ecdh_bits > 0xffff )
         return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
@@ -2631,7 +2631,7 @@
     {
         MBEDTLS_SSL_DEBUG_MSG( 1,
             ( "bad server key exchange message (ECDHE curve)" ) );
-        return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
     }
 
     return( ret );
@@ -2801,7 +2801,7 @@
     {
         MBEDTLS_SSL_DEBUG_MSG( 1,
             ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) );
-        return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );
+        return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
     }
 
     /*