fix format and potential non-PSK fail issue
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 10e9bb7..7447197 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -290,7 +290,7 @@
* binders >= 33 bytes
*/
binders = identities_end;
- MBEDTLS_SSL_CHK_BUF_READ_PTR( binders, end, 33 );
+ MBEDTLS_SSL_CHK_BUF_READ_PTR( binders, end, 33 + 2 );
binders_len = MBEDTLS_GET_UINT16_BE( binders, 0 );
p_binder_len = binders + 2;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p_binder_len, end, binders_len );
@@ -353,6 +353,10 @@
return( MBEDTLS_ERR_SSL_DECODE_ERROR );
}
+ /* Update the handshake transcript with the binder list. */
+ ssl->handshake->update_checksum( ssl,
+ identities_end,
+ (size_t)( binders_end - identities_end ) );
if( matched_identity == -1 )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "No matched pre shared key found" ) );
@@ -362,10 +366,6 @@
ssl->handshake->selected_identity = (uint16_t)matched_identity;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Pre shared key found" ) );
- /* Update the handshake transcript with the binder list. */
- ssl->handshake->update_checksum( ssl,
- identities_end,
- (size_t)( binders_end - identities_end ) );
return( 0 );
}
@@ -1340,7 +1340,8 @@
if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY)
{
ssl->handshake->extensions_present &= ~MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
- }else if( ret != 0 )
+ }
+ else if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_tls13_parse_pre_shared_key_ext" ),
ret );