Reduce paramter hrr from ssl_tls13_parse_server_hello
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 3b2313a..40748e9 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1021,8 +1021,7 @@
*/
static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
const unsigned char *buf,
- const unsigned char *end,
- int hrr )
+ const unsigned char *end)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf;
@@ -1166,6 +1165,9 @@
{
unsigned int extension_type;
size_t extension_data_len;
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+ int hrr;
+#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, 4 );
extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
@@ -1224,13 +1226,16 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
case MBEDTLS_TLS_EXT_KEY_SHARE:
+ hrr = ssl_server_hello_is_hrr( ssl, buf, end );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
- if( hrr )
+ if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
ret = ssl_tls13_hrr_check_key_share_ext( ssl,
p, p + extension_data_len );
- else
+ else if( hrr == SSL_SERVER_HELLO_COORDINATE_HELLO )
ret = ssl_tls13_parse_key_share_ext( ssl,
p, p + extension_data_len );
+ else
+ ret = hrr;
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
@@ -1440,8 +1445,7 @@
* the respective parsing function.
*/
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_server_hello( ssl, buf,
- buf + buf_len,
- hrr ) );
+ buf + buf_len ) );
if( hrr == SSL_SERVER_HELLO_COORDINATE_HRR )
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_reset_transcript_for_hrr( ssl ) );