commit c4b8c99a38e2201598c839483c307ba5073fe1e8
author XiaokangQian <xiaokang.qian@arm.com> Thu Apr 07 11:31:38 2022 +0000
committer XiaokangQian <xiaokang.qian@arm.com> Wed Apr 20 07:43:48 2022 +0000
tree 0b73a72546c2cd3b9693dff522de93ac1fc36fcb
parent 8840888fbc0ccb3b29b1e5769a59fe9150c46ce0

Rebase and solve conflicts and issues

Change-Id: I17246c5b2f8a8ec4989c8b0b83b55cad0491b78a
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 4f1bac6..cf64e81 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -912,18 +912,6 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
     if( mbedtls_ssl_conf_is_tls13_only( conf ) )
     {
-        if( conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-             MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS 1.3 is not yet supported." ) );
-             return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-
-        if( conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS 1.3 server is not supported yet." ) );
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-
         MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is tls13 only." ) );
         return( 0 );
     }
@@ -940,18 +928,6 @@
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && defined(MBEDTLS_SSL_PROTO_TLS1_3)
     if( mbedtls_ssl_conf_is_hybrid_tls12_tls13( conf ) )
     {
-        if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
-        {
-             MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS not yet supported in Hybrid TLS 1.3 + TLS 1.2" ) );
-             return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-
-        if( conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-        {
-            MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS 1.3 server is not supported yet." ) );
-            return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-        }
-
         MBEDTLS_SSL_DEBUG_MSG( 4, ( "The SSL configuration is TLS 1.3 or TLS 1.2." ) );
         return( 0 );
     }

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 934737a..9f55fe7 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -107,8 +107,6 @@
 
     ssl->major_ver = major_ver;
     ssl->minor_ver = minor_ver;
-    ssl->handshake->max_major_ver = ssl->major_ver;
-    ssl->handshake->max_minor_ver = ssl->minor_ver;
     return( 0 );
 }
 
@@ -436,10 +434,6 @@
                           ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
                           &buf, &buflen ) );
 
-    mbedtls_ssl_tls13_add_hs_hdr_to_checksum( ssl,
-                                              MBEDTLS_SSL_HS_CLIENT_HELLO,
-                                              buflen );
-
     MBEDTLS_SSL_PROC_CHK_NEG( ssl_client_hello_parse( ssl, buf, buf + buflen ) );
     hrr_required = ret;
 
@@ -786,7 +780,8 @@
      * - The entire content of the CH message, if no PSK extension is present
      * - The content up to but excluding the PSK extension, if present.
      */
-    ssl->handshake->update_checksum( ssl, buf, p - buf );
+    mbedtls_ssl_add_hs_msg_to_checksum( ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
+                                        buf, p - buf );
     /*
      * Search for a matching ciphersuite
      */