Inprove code base on review comments
Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.
Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 9be6948..91b4bdf 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -920,12 +920,12 @@
goto cleanup;
}
- ret = mbedtls_ssl_tls1_3_generate_application_keys(
+ ret = mbedtls_ssl_tls13_generate_application_keys(
ssl, &traffic_keys );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
- "mbedtls_ssl_tls1_3_generate_application_keys", ret );
+ "mbedtls_ssl_tls13_generate_application_keys", ret );
goto cleanup;
}
@@ -981,7 +981,7 @@
unsigned char *buf;
size_t buflen;
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished_in" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished message" ) );
/* Preprocessing step: Compute handshake digest */
MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
@@ -996,7 +996,7 @@
cleanup:
- MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished_in" ) );
+ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished message" ) );
return( ret );
}
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index fbbf096..c035504 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1111,7 +1111,7 @@
/* Generate application traffic keys since any records following a 1-RTT Finished message
* MUST be encrypted under the application traffic key.
*/
-int mbedtls_ssl_tls1_3_generate_application_keys(
+int mbedtls_ssl_tls13_generate_application_keys(
mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys )
{
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 53dbe73..7ea0183 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -577,7 +577,7 @@
* with states Initial -> Early -> Handshake -> Application, and
* this function represents the Handshake -> Application transition.
*
- * In the handshake stage, mbedtls_ssl_tls1_3_generate_application_keys()
+ * In the handshake stage, mbedtls_ssl_tls13_generate_application_keys()
* can be used to derive the handshake traffic keys.
*
* \param ssl The SSL context to operate on. This must be in key schedule
@@ -601,7 +601,7 @@
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
-int mbedtls_ssl_tls1_3_generate_application_keys(
+int mbedtls_ssl_tls13_generate_application_keys(
mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys );
/**
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 0e78356..997bdee 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -8820,9 +8820,7 @@
-c "tls1_3 client state: 19" \
-c "tls1_3 client state: 5" \
-c "tls1_3 client state: 3" \
- -c "tls1_3 client state: 9" \
-c "tls1_3 client state: 13" \
- -c "tls1_3 client state: 7" \
-c "tls1_3 client state: 20" \
-c "tls1_3 client state: 11" \
-c "tls1_3 client state: 14" \
@@ -8835,7 +8833,8 @@
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
-c "<= parse certificate verify" \
- -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
+ -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
+ -c "<= parse finished message"
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
@@ -8853,9 +8852,7 @@
-c "tls1_3 client state: 19" \
-c "tls1_3 client state: 5" \
-c "tls1_3 client state: 3" \
- -c "tls1_3 client state: 9" \
-c "tls1_3 client state: 13" \
- -c "tls1_3 client state: 7" \
-c "tls1_3 client state: 20" \
-c "tls1_3 client state: 11" \
-c "tls1_3 client state: 14" \
@@ -8868,7 +8865,9 @@
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
-c "<= parse certificate verify" \
- -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
+ -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
+ -c "<= parse finished message"
+
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_MEMORY_DEBUG