Fix, improve and add comments

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2023-04-03 16:37:22 +02:00 · 2023-04-03 16:37:22 +02:00 · b828c7d3de
commit b828c7d3de
parent 4d31496294
3 changed files with 25 additions and 4 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1615,11 +1615,11 @@ struct mbedtls_ssl_context {
     *  ClientHello writing preparation stage with the previously negotiated
     *  TLS version.
     *
-     *  On client side, updated to the TLS version selected by the server for
-     *  the handshake when the ServerHello is received.
+     *  On client side, it is updated to the TLS version selected by the server
+     *  for the handshake when the ServerHello is received.
     *
-     *  On server side, updated to the TLS version the server selects for the
-     *  handshake when the ClientHello is received.
+     *  On server side, it is updated to the TLS version the server selects for
+     *  the handshake when the ClientHello is received.
     */
    mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version);

--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@ -1455,6 +1455,13 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
            return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
        }

+        /*
+         * Version 1.2 of the protocol has been negotiated, set the
+         * ssl->keep_current_message flag for the ServerHello to be kept and
+         * parsed as a TLS 1.2 ServerHello. We also change ssl->tls_version to
+         * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()
+         * will dispatch to the TLS 1.2 state machine.
+         */
        ssl->keep_current_message = 1;
        ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
        MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -1381,6 +1381,13 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
            return ret;
        }

+        /*
+         * The supported versions extension was parsed successfully as the
+         * value returned by ssl_tls13_parse_supported_versions_ext() is
+         * positive. The return value is then equal to
+         * MBEDTLS_SSL_VERSION_TLS1_2 or MBEDTLS_SSL_VERSION_TLS1_3, defining
+         * the TLS version to negotiate.
+         */
        if (MBEDTLS_SSL_VERSION_TLS1_2 == ret) {
            return SSL_CLIENT_HELLO_TLS1_2;
        }
@ -1783,6 +1790,13 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl)
                                   * as negative error codes are handled
                                   * by MBEDTLS_SSL_PROC_CHK_NEG. */

+    /*
+     * Version 1.2 of the protocol has been chosen, set the
+     * ssl->keep_current_message flag for the ClientHello to be kept and parsed
+     * as a TLS 1.2 ClientHello. We also change ssl->tls_version to
+     * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()
+     * will dispatch to the TLS 1.2 state machine.
+     */
    if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) {
        ssl->keep_current_message = 1;
        ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;