fix various issues

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2025-11-03 20:22:59 -05:00 · 2021-10-08 15:14:45 +08:00 · 2021-10-08 15:14:45 +08:00 · c1ddeef53a
commit c1ddeef53a
parent d96a5c2d86
4 changed files with 14 additions and 21 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1501,9 +1501,7 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl,
 int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl,
                                            size_t buf_len,
                                            size_t msg_len );
-/*
- * Update checksum with handshake header
- */
+
 void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
                                               unsigned hs_type,
                                               size_t total_hs_len );
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -5558,9 +5558,6 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
 void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
                                        mbedtls_ssl_transform *transform )
 {
-    if( ssl->transform_in == transform )
-        return;
-
    ssl->transform_in = transform;
    mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
 }
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -7062,20 +7062,22 @@ int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,
                                          size_t dst_len,
                                          size_t *olen )
 {
+    switch( md )
+    {
+
 #if defined(MBEDTLS_SHA384_C)
-    if( md == MBEDTLS_MD_SHA384 )
-    {
+    case MBEDTLS_MD_SHA384:
        return( ssl_get_handshake_transcript_sha384( ssl, dst, dst_len, olen ) );
-    }
-    else
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA384_C */
+
 #if defined(MBEDTLS_SHA256_C)
-    if( md == MBEDTLS_MD_SHA256 )
-    {
+    case MBEDTLS_MD_SHA256:
        return( ssl_get_handshake_transcript_sha256( ssl, dst, dst_len, olen ) );
-    }
-    else
 #endif /* MBEDTLS_SHA256_C */
+
+    default:
+        break;
+    }
    return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
 }
 #endif /* !MBEDTLS_USE_PSA_CRYPTO */
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@ -534,22 +534,18 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
 /*
 * TLS 1.3 key schedule evolutions
 *
- *   Early Data -> Handshake -> Application
+ *   Early -> Handshake -> Application
 *
 * Small wrappers around mbedtls_ssl_tls1_3_evolve_secret().
 */

 /**
- * \brief Begin TLS 1.3 key schedule by calculating early secret
- *        from chosen PSK.
+ * \brief Begin TLS 1.3 key schedule by calculating early secret.
 *
 *        The TLS 1.3 key schedule can be viewed as a simple state machine
 *        with states Initial -> Early -> Handshake -> Application, and
 *        this function represents the Initial -> Early transition.
 *
- *        In the early stage, mbedtls_ssl_tls1_3_generate_early_data_keys()
- *        can be used to derive the 0-RTT traffic keys.
- *
 * \param ssl  The SSL context to operate on.
 *
 * \returns    \c 0 on success.