tls13: srv: Postpone client random copy
To avoid doing it twice if we eventually
negotiate version 1.2 of the protocol,
postpone the copy of the client random
bytes.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index b2166d2..128c460 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1241,6 +1241,7 @@
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const unsigned char *p = buf;
+ const unsigned char *random;
size_t legacy_session_id_len;
size_t cipher_suites_len;
const unsigned char *cipher_suites_end;
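Review bot: The added `random` pointer is declared without an initializer and is only assigned further down the function, so a read on any path that reaches the use before that assignment would be undefined behaviour; `const unsigned char *random = NULL;` makes such a slip fail deterministically instead. The identifier also coincides with the C library function `random()` from stdlib.h, which some toolchains flag under -Wshadow; `client_random` would avoid that and says what the pointer holds. The enclosing function starts before this hunk.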
@@ -1297,10 +1298,7 @@
* with Random defined as:
* opaque Random[32];
*/
- MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes",
- p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
-
- memcpy(&handshake->randbytes[0], p, MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
+ random = p;
p += MBEDTLS_CLIENT_HELLO_RANDOM_LEN;
/* ...
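Review bot: The removed MBEDTLS_SSL_DEBUG_BUF call is only reinstated on the TLS 1.3 path later in the function, so when the server falls back to TLS 1.2 the client random is no longer dumped at this point; unless the 1.2 parser traces it itself, that debug output is lost, which is worth confirming. `random = p;` also relies on the 32-byte bound on `p` having been checked before this hunk, which is outside what is shown. The enclosing function continues outside the hunk.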
@@ -1373,6 +1371,14 @@
#endif
/*
+ * We are negotiation the version 1.3 of the protocol. Do what we have
+ * postponed: copy of the client random bytes.
+ */
+ MBEDTLS_SSL_DEBUG_BUF(3, "client hello, random bytes",
+ random, MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
+ memcpy(&handshake->randbytes[0], random, MBEDTLS_CLIENT_HELLO_RANDOM_LEN);
+
+ /*
* Search for a matching ciphersuite
*/
for (; p < cipher_suites_end; p += 2) {
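Review bot: The added comment reads `We are negotiation the version 1.3 of the protocol`; it should be `We are negotiating version 1.3 of the protocol. Do what we postponed earlier: copy the client random bytes.` The debug dump and memcpy otherwise match the removed lines, now reading from `random` instead of `p`. The enclosing function continues past the hunk.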