change time unit of ticket to milliseconds
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index eac6326..32ad7aa 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -931,28 +931,10 @@
if (ssl_tls13_ticket_get_identity(
ssl, &hash_alg, &identity, &identity_len) == 0) {
#if defined(MBEDTLS_HAVE_TIME)
- mbedtls_time_t now = mbedtls_time(NULL);
+ mbedtls_ms_time_t now = mbedtls_ms_time();
mbedtls_ssl_session *session = ssl->session_negotiate;
uint32_t obfuscated_ticket_age =
(uint32_t) (now - session->ticket_received);
-
- /*
- * The ticket timestamp is in seconds but the ticket age is in
- * milliseconds. If the ticket was received at the end of a second and
- * re-used here just at the beginning of the next second, the computed
- * age `now - session->ticket_received` is equal to 1s thus 1000 ms
- * while the actual age could be just a few milliseconds or tens of
- * milliseconds. If the server has more accurate ticket timestamps
- * (typically timestamps in milliseconds), as part of the processing of
- * the ClientHello, it may compute a ticket lifetime smaller than the
- * one computed here and potentially reject the ticket. To avoid that,
- * remove one second to the ticket age if possible.
- */
- if (obfuscated_ticket_age > 0) {
- obfuscated_ticket_age -= 1;
- }
-
- obfuscated_ticket_age *= 1000;
obfuscated_ticket_age += session->ticket_age_add;
ret = ssl_tls13_write_identity(ssl, p, end,
@@ -2837,7 +2819,7 @@
#if defined(MBEDTLS_HAVE_TIME)
/* Store ticket creation time */
- session->ticket_received = mbedtls_time(NULL);
+ session->ticket_received = mbedtls_ms_time();
#endif
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(session->ciphersuite);