fix various issues
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 525dd1a..9d924ad 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1186,7 +1186,6 @@
int ret;
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
{
- /* Compute resumption_master_secret */
ret = mbedtls_ssl_tls13_generate_resumption_master_secret( ssl );
if( ret != 0 )
{
@@ -1271,7 +1270,6 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
- /* Compute resumption_master_secret */
ret = mbedtls_ssl_tls13_generate_resumption_master_secret( ssl );
if( ret != 0 )
{
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 479bb4e..941a19e 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -621,7 +621,7 @@
* \returns A negative error code on failure.
*/
int mbedtls_ssl_tls13_generate_resumption_master_secret(
- mbedtls_ssl_context* ssl );
+ mbedtls_ssl_context *ssl );
/**
* \brief Calculate the verify_data value for the client or server TLS 1.3
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index b9ec064..c6cedf0 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1477,11 +1477,11 @@
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
/*
- * State Handler: MBEDTLS_SSL_SERVER_FINISHED
+ * Handler for MBEDTLS_SSL_SERVER_FINISHED
*/
static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
{
- int ret;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
ret = mbedtls_ssl_tls13_write_finished_message( ssl );
if( ret != 0 )
@@ -1492,34 +1492,26 @@
}
/*
- * State Handler: MBEDTLS_SSL_CLIENT_FINISHED
+ * Handler for MBEDTLS_SSL_CLIENT_FINISHED
*/
static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
{
- int ret;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "Switch to handshake traffic keys for outbound traffic" ) );
+ ( "Switch to handshake traffic keys for inbound traffic" ) );
mbedtls_ssl_set_inbound_transform( ssl, ssl->handshake->transform_handshake );
+
ret = mbedtls_ssl_tls13_process_finished_message( ssl );
if( ret != 0 )
return( ret );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP );
return( 0 );
-
}
/*
- * State Handler: MBEDTLS_SSL_FLUSH_BUFFERS
- */
-static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
-{
- ((void) ssl);
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-
-/*
- * State Handler: MBEDTLS_SSL_HANDSHAKE_WRAPUP
+ * Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
*/
static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
{