Fix comments and remove hrr related code Change-Id: Iab1fc5415b3b7f7b5bcb0a41a01f4234cc3497d6 Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

commit: cfd925f3e8e2b27a6a5fe0b329c886d3e4f9cc93 [log] [tgz]
author: XiaokangQian <xiaokang.qian@arm.com> Thu Apr 14 07:10:37 2022 +0000
committer: XiaokangQian <xiaokang.qian@arm.com> Wed Apr 20 07:45:50 2022 +0000
tree: 474bd47c8fbf5187667aae97def89383a5cb0bf0
parent: ed582dd02383aaed5d38306581df8397a58ee41a [diff] [blame]
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index a6bcac3..fabc5d1 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -1518,15 +1518,16 @@
                                                size_t buf_len )
 {
     uint8_t *p = (uint8_t*)buf;
+    const uint8_t *end = buf + buf_len;
     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
 
     /* Get size of the TLS opaque key_exchange field of the KeyShareEntry struct. */
+    MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
     uint16_t peerkey_len = MBEDTLS_GET_UINT16_BE( p, 0 );
     p += 2;
 
     /* Check if key size is consistent with given buffer length. */
-    if ( peerkey_len > ( buf_len - 2 ) )
-        return( MBEDTLS_ERR_SSL_DECODE_ERROR );
+    MBEDTLS_SSL_CHK_BUF_PTR( p, end, peerkey_len );
 
     /* Store peer's ECDH public key. */
     memcpy( handshake->ecdh_psa_peerkey, p, peerkey_len );
commit	cfd925f3e8e2b27a6a5fe0b329c886d3e4f9cc93	[log] [tgz]
author	XiaokangQian <xiaokang.qian@arm.com>	Thu Apr 14 07:10:37 2022 +0000
committer	XiaokangQian <xiaokang.qian@arm.com>	Wed Apr 20 07:45:50 2022 +0000
tree	474bd47c8fbf5187667aae97def89383a5cb0bf0
parent	ed582dd02383aaed5d38306581df8397a58ee41a [diff] [blame]