fix various issues
- Signature of
- mbedtls_tls13_set_hs_sent_ext_mask
- check_received_extension and issues
- Also fix comment issue.
- improve readablity.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index c29b90e..27747a2 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -89,8 +89,8 @@
}
*out_len = 5 + versions_len;
- mbedtls_tls13_set_sent_ext_mask( ssl,
- MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS );
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask(
+ ssl, MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS );
MBEDTLS_SSL_DEBUG_MSG(
4, ( "sent %s extension",
mbedtls_tls13_get_extension_name(
@@ -365,8 +365,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, key_share extension", buf, *out_len );
- mbedtls_tls13_set_sent_ext_mask( ssl,
- MBEDTLS_TLS_EXT_KEY_SHARE );
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_KEY_SHARE );
MBEDTLS_SSL_DEBUG_MSG(
4, ( "sent %s extension",
@@ -612,8 +611,7 @@
*out_len = handshake->hrr_cookie_len + 6;
- mbedtls_tls13_set_sent_ext_mask( ssl,
- MBEDTLS_TLS_EXT_COOKIE );
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask( ssl, MBEDTLS_TLS_EXT_COOKIE );
MBEDTLS_SSL_DEBUG_MSG(
4, ( "sent %s extension",
mbedtls_tls13_get_extension_name(
@@ -688,8 +686,8 @@
*out_len = p - buf;
- mbedtls_tls13_set_sent_ext_mask( ssl,
- MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES );
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask(
+ ssl, MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES );
MBEDTLS_SSL_DEBUG_MSG(
4, ( "sent %s extension",
mbedtls_tls13_get_extension_name(
@@ -1059,8 +1057,8 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "pre_shared_key binders", buf, p - buf );
- mbedtls_tls13_set_sent_ext_mask( ssl,
- MBEDTLS_TLS_EXT_PRE_SHARED_KEY );
+ mbedtls_ssl_tls13_set_hs_sent_ext_mask(
+ ssl, MBEDTLS_TLS_EXT_PRE_SHARED_KEY );
MBEDTLS_SSL_DEBUG_MSG(
4, ( "sent %s extension",
mbedtls_tls13_get_extension_name(
@@ -1668,7 +1666,7 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello extensions", p, extensions_len );
- ssl->handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
+ handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
allowed_extensions_mask = is_hrr ?
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_HRR :
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_SH;
@@ -1687,7 +1685,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
extension_data_end = p + extension_data_len;
- ret = mbedtls_tls13_check_received_extensions(
+ ret = mbedtls_ssl_tls13_check_received_extension(
ssl,
is_hrr ?
-MBEDTLS_SSL_HS_SERVER_HELLO : MBEDTLS_SSL_HS_SERVER_HELLO,
@@ -1766,7 +1764,7 @@
MBEDTLS_SSL_TLS1_3_PRINT_EXTS(
3, is_hrr ? -MBEDTLS_SSL_HS_SERVER_HELLO : MBEDTLS_SSL_HS_SERVER_HELLO,
- ssl->handshake->received_extensions );
+ handshake->received_extensions );
cleanup:
@@ -1999,6 +1997,7 @@
size_t extensions_len;
const unsigned char *p = buf;
const unsigned char *extensions_end;
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
extensions_len = MBEDTLS_GET_UINT16_BE( p, 0 );
@@ -2008,7 +2007,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extensions_len );
extensions_end = p + extensions_len;
- ssl->handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
+ handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
while( p < extensions_end )
{
@@ -2028,7 +2027,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
- ret = mbedtls_tls13_check_received_extensions(
+ ret = mbedtls_ssl_tls13_check_received_extension(
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, extension_type,
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_EE );
if( ret != 0 )
@@ -2036,16 +2035,6 @@
switch( extension_type )
{
- case MBEDTLS_TLS_EXT_SERVERNAME:
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "found server_name extension" ) );
-
- /* The server_name extension should be an empty extension */
-
- break;
- case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS:
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "found extensions supported groups" ) );
- break;
-
#if defined(MBEDTLS_SSL_ALPN)
case MBEDTLS_TLS_EXT_ALPN:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) );
@@ -2069,7 +2058,7 @@
}
MBEDTLS_SSL_TLS1_3_PRINT_EXTS( 3, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
- ssl->handshake->received_extensions );
+ handshake->received_extensions );
/* Check that we consumed all the message. */
if( p != end )
@@ -2176,6 +2165,7 @@
size_t certificate_request_context_len = 0;
size_t extensions_len = 0;
const unsigned char *extensions_end;
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
/* ...
* opaque certificate_request_context<0..2^8-1>
@@ -2191,7 +2181,6 @@
MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context",
p, certificate_request_context_len );
- mbedtls_ssl_handshake_params *handshake = ssl->handshake;
handshake->certificate_request_context =
mbedtls_calloc( 1, certificate_request_context_len );
if( handshake->certificate_request_context == NULL )
@@ -2215,7 +2204,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extensions_len );
extensions_end = p + extensions_len;
- ssl->handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
+ handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
while( p < extensions_end )
{
@@ -2229,7 +2218,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, extensions_end, extension_data_len );
- ret = mbedtls_tls13_check_received_extensions(
+ ret = mbedtls_ssl_tls13_check_received_extension(
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, extension_type,
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CR );
if( ret != 0 )
@@ -2260,7 +2249,7 @@
MBEDTLS_SSL_TLS1_3_PRINT_EXTS( 3,
MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
- ssl->handshake->received_extensions );
+ handshake->received_extensions );
/* Check that we consumed all the message. */
if( p != end )
@@ -2274,7 +2263,7 @@
*
* The "signature_algorithms" extension MUST be specified
*/
- if( ( ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_SIG_ALG ) == 0 )
+ if( ( handshake->received_extensions & MBEDTLS_SSL_EXT_SIG_ALG ) == 0 )
{
MBEDTLS_SSL_DEBUG_MSG( 3,
( "no signature algorithms extension found" ) );
@@ -2514,10 +2503,11 @@
const unsigned char *buf,
const unsigned char *end )
{
+ mbedtls_ssl_handshake_params *handshake = ssl->handshake;
const unsigned char *p = buf;
- ssl->handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
+ handshake->received_extensions = MBEDTLS_SSL_EXT_NONE;
while( p < end )
{
@@ -2532,7 +2522,7 @@
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extension_data_len );
- ret = mbedtls_tls13_check_received_extensions(
+ ret = mbedtls_ssl_tls13_check_received_extension(
ssl, MBEDTLS_SSL_HS_CLIENT_HELLO, extension_type,
MBEDTLS_SSL_TLS1_3_ALLOWED_EXTS_OF_CH );
if( ret != 0 )
@@ -2556,7 +2546,7 @@
}
MBEDTLS_SSL_TLS1_3_PRINT_EXTS(
- 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, ssl->handshake->received_extensions );
+ 3, MBEDTLS_SSL_HS_NEW_SESSION_TICKET, handshake->received_extensions );
return( 0 );
}