Merge branch 'development' into random_bye_on_hrr
Signed-off-by: BensonLiou <momo1208@gmail.com>
diff --git a/library/ssl_client.c b/library/ssl_client.c
index 8892acf..371c06c 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -792,10 +792,15 @@
(ssl->handshake->cookie == NULL))
#endif
{
- ret = ssl_generate_random(ssl);
- if (ret != 0) {
- MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
- return ret;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ if (ssl->handshake->hello_retry_request_count == 0)
+#endif
+ {
+ ret = ssl_generate_random(ssl);
+ if (ret != 0) {
+ MBEDTLS_SSL_DEBUG_RET(1, "Random bytes generation failed", ret);
+ return ret;
+ }
}
}
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 8cf2105..edaf01d 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -2396,7 +2396,7 @@
* corrupt them bit-by-bit. */
for (cur_byte = 0; cur_byte < sizeof(should_corrupt_byte); cur_byte++) {
int cur_bit;
- unsigned char * const byte = &serialized_session[cur_byte];
+ unsigned char *const byte = &serialized_session[cur_byte];
if (should_corrupt_byte[cur_byte] == 0) {
continue;
@@ -3850,6 +3850,7 @@
MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1,
MBEDTLS_SSL_IANA_TLS_GROUP_NONE
};
+ uint8_t client_random[MBEDTLS_CLIENT_HELLO_RANDOM_LEN];
mbedtls_platform_zeroize(&client_ep, sizeof(client_ep));
mbedtls_platform_zeroize(&server_ep, sizeof(server_ep));
@@ -3987,9 +3988,16 @@
if (!client_ep.ssl.handshake->hello_retry_request_flag) {
TEST_EQUAL(client_ep.ssl.early_data_state,
MBEDTLS_SSL_EARLY_DATA_STATE_CAN_WRITE);
+ memcpy(client_random,
+ client_ep.ssl.handshake->randbytes,
+ MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
} else {
TEST_EQUAL(client_ep.ssl.early_data_state,
MBEDTLS_SSL_EARLY_DATA_STATE_REJECTED);
+ TEST_MEMORY_COMPARE(client_random,
+ MBEDTLS_CLIENT_HELLO_RANDOM_LEN,
+ client_ep.ssl.handshake->randbytes,
+ MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
}
break;