commit f5b4d25cfaf39b1acdf49882ebbf6a85517392ea
author Xiaofei Bai <xiaofei.bai@arm.com> Fri Jan 28 06:37:15 2022 +0000
committer Xiaofei Bai <xiaofei.bai@arm.com> Fri Jan 28 06:37:15 2022 +0000
tree 2caf3146cb5aa36104c0416d2bd68e2e18a0f5a4
parent 82f0a9a1dbd7761b5e600a0cc1bbe064cac0ea9a

Add received_sig_algs member to struct  mbedtls_ssl_handshake_params

Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 2f4d04e..86699d9 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -155,26 +155,25 @@
                                          const unsigned char *end )
 {
     const unsigned char *p = buf;
-    size_t sig_algs_len = 0;
-    uint16_t *sig_algs;
-    const unsigned char *sig_algs_end;
+    size_t supported_sig_algs_len = 0;
+    const unsigned char *supported_sig_algs_end;
     uint16_t sig_alg;
     uint32_t common_idx = 0; /* iterate through received signature schemes list */
 
     /* skip 2 bytes of signature algorithms length */
     MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
-    sig_algs_len = MBEDTLS_GET_UINT16_BE( p, 0 );
+    supported_sig_algs_len = MBEDTLS_GET_UINT16_BE( p, 0 );
     p += 2;
 
-    sig_algs = mbedtls_calloc( MBEDTLS_SIG_ALGS_SIZE, sizeof( uint16_t ) );
-    if( sig_algs == NULL )
-        return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+    memset( ssl->handshake->received_sig_algs, 0,
+            sizeof( ssl->handshake->received_sig_algs) );
 
-    MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, sig_algs_len );
-    sig_algs_end = p + sig_algs_len;
-    while( p < sig_algs_end && common_idx + 1 < MBEDTLS_SIG_ALGS_SIZE )
+    MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, supported_sig_algs_len );
+    supported_sig_algs_end = p + supported_sig_algs_len;
+    while( p < supported_sig_algs_end &&
+           common_idx + 1 < MBEDTLS_RECEIVED_SIG_ALGS_SIZE )
     {
-        MBEDTLS_SSL_CHK_BUF_READ_PTR( p, sig_algs_end, 2 );
+        MBEDTLS_SSL_CHK_BUF_READ_PTR( p, supported_sig_algs_end, 2 );
         sig_alg = MBEDTLS_GET_UINT16_BE( p, 0 );
         p += 2;
 
@@ -184,7 +183,7 @@
         if( mbedtls_ssl_sig_alg_is_offered( ssl, sig_alg ) &&
             mbedtls_ssl_sig_alg_is_supported( ssl, sig_alg ) )
         {
-            sig_algs[common_idx] = sig_alg;
+            ssl->handshake->received_sig_algs[common_idx] = sig_alg;
             common_idx += 1;
         }
     }
@@ -195,7 +194,6 @@
             ( "Signature algorithms extension length misaligned" ) );
         MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
                                       MBEDTLS_ERR_SSL_DECODE_ERROR );
-        mbedtls_free( sig_algs );
         return( MBEDTLS_ERR_SSL_DECODE_ERROR );
     }
 
@@ -204,13 +202,10 @@
         MBEDTLS_SSL_DEBUG_MSG( 3, ( "no signature algorithm in common" ) );
         MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
                                       MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
-        mbedtls_free( sig_algs );
         return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );
     }
 
-    sig_algs[common_idx] = MBEDTLS_TLS1_3_SIG_NONE;
-    ssl->handshake->sig_algs = sig_algs;
-    ssl->handshake->sig_algs_heap_allocated = 1;
+    ssl->handshake->received_sig_algs[common_idx] = MBEDTLS_TLS1_3_SIG_NONE;
     return( 0 );
 }