commit 6c780469609da63915ec9930efb2a8ee0985799c
author Hanno Becker <hanno.becker@arm.com> Fri Apr 30 05:35:50 2021 +0100
committer Hanno Becker <hanno.becker@arm.com> Fri Apr 30 05:37:11 2021 +0100
tree 59f635f77b91eb07182f5317fa125942ea62d251
parent 91e1cc3bd7dcfe89dd0c9c2d6ad7041f839c5c31

Remove uses of MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH

The error code MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH is only
returned from the internal function

```
   mbedtls_ssl_set_calc_verify_md()
```

Moreover, at every call-site of this function, it is only
checked whether the return value is 0 or not, while the
exact return value is irrelevant.

The behavior the library is therefore unchanged if we return 1
instead of MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH in
`mbedtls_ssl_set_calc_verify_md()`. This commit makes this change.

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 422df99..aceeb45 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6998,14 +6998,14 @@
 {
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
     if( ssl->minor_ver != MBEDTLS_SSL_MINOR_VERSION_3 )
-        return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+        return( 1 );
 
     switch( md )
     {
 #if defined(MBEDTLS_SSL_PROTO_TLS1) || defined(MBEDTLS_SSL_PROTO_TLS1_1)
 #if defined(MBEDTLS_MD5_C)
         case MBEDTLS_SSL_HASH_MD5:
-            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+            return( 1 );
 #endif
 #if defined(MBEDTLS_SHA1_C)
         case MBEDTLS_SSL_HASH_SHA1:
@@ -7024,7 +7024,7 @@
             break;
 #endif
         default:
-            return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+            return( 1 );
     }
 
     return 0;
@@ -7032,7 +7032,7 @@
     (void) ssl;
     (void) md;
 
-    return MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH;
+    return( 1 );
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 }