Inprove code base on review comments

Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>

library/ssl_tls13_generic.c

@@ -920,12 +920,12 @@ static int ssl_tls13_postprocess_server_finished_message( mbedtls_ssl_context *s
         goto cleanup;
     }
 
-    ret = mbedtls_ssl_tls1_3_generate_application_keys(
+    ret = mbedtls_ssl_tls13_generate_application_keys(
         ssl, &traffic_keys );
     if( ret != 0 )
     {
         MBEDTLS_SSL_DEBUG_RET( 1,
-            "mbedtls_ssl_tls1_3_generate_application_keys", ret );
+            "mbedtls_ssl_tls13_generate_application_keys", ret );
         goto cleanup;
     }
 
@@ -981,7 +981,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
     unsigned char *buf;
     size_t buflen;
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished_in" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished message" ) );
 
     /* Preprocessing step: Compute handshake digest */
     MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
@@ -996,7 +996,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
 
 cleanup:
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished_in" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished message" ) );
     return( ret );
 }
 

library/ssl_tls13_keys.c

@@ -1111,7 +1111,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
 /* Generate application traffic keys since any records following a 1-RTT Finished message
  * MUST be encrypted under the application traffic key.
  */
-int mbedtls_ssl_tls1_3_generate_application_keys(
+int mbedtls_ssl_tls13_generate_application_keys(
                                         mbedtls_ssl_context *ssl,
                                         mbedtls_ssl_key_set *traffic_keys )
 {

library/ssl_tls13_keys.h

@@ -577,7 +577,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
  *        with states Initial -> Early -> Handshake -> Application, and
  *        this function represents the Handshake -> Application transition.
  *
- *        In the handshake stage, mbedtls_ssl_tls1_3_generate_application_keys()
+ *        In the handshake stage, mbedtls_ssl_tls13_generate_application_keys()
  *        can be used to derive the handshake traffic keys.
  *
  * \param ssl  The SSL context to operate on. This must be in key schedule
@@ -601,7 +601,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application(
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
-int mbedtls_ssl_tls1_3_generate_application_keys(
+int mbedtls_ssl_tls13_generate_application_keys(
     mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys );
 
 /**

tests/ssl-opt.sh

@@ -8820,9 +8820,7 @@ run_test    "TLS1.3: Test client hello msg work - openssl" \
             -c "tls1_3 client state: 19"    \
             -c "tls1_3 client state: 5"     \
             -c "tls1_3 client state: 3"     \
-            -c "tls1_3 client state: 9"     \
             -c "tls1_3 client state: 13"    \
-            -c "tls1_3 client state: 7"     \
             -c "tls1_3 client state: 20"    \
             -c "tls1_3 client state: 11"    \
             -c "tls1_3 client state: 14"    \
@@ -8835,7 +8833,8 @@ run_test    "TLS1.3: Test client hello msg work - openssl" \
             -c "Certificate verification flags clear" \
             -c "=> parse certificate verify"          \
             -c "<= parse certificate verify"          \
-            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
+            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
+            -c "<= parse finished message"
 
 requires_gnutls_tls1_3
 requires_gnutls_next_no_ticket
@@ -8853,9 +8852,7 @@ run_test    "TLS1.3: Test client hello msg work - gnutls" \
             -c "tls1_3 client state: 19"    \
             -c "tls1_3 client state: 5"     \
             -c "tls1_3 client state: 3"     \
-            -c "tls1_3 client state: 9"     \
             -c "tls1_3 client state: 13"    \
-            -c "tls1_3 client state: 7"     \
             -c "tls1_3 client state: 20"    \
             -c "tls1_3 client state: 11"    \
             -c "tls1_3 client state: 14"    \
@@ -8868,7 +8865,9 @@ run_test    "TLS1.3: Test client hello msg work - gnutls" \
             -c "Certificate verification flags clear" \
             -c "=> parse certificate verify"          \
             -c "<= parse certificate verify"          \
-            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
+            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
+            -c "<= parse finished message"
+
 
 # Test heap memory usage after handshake
 requires_config_enabled MBEDTLS_MEMORY_DEBUG