From b828c7d3de14dff05b4ce6a050f79b3d810e18e7 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Mon, 3 Apr 2023 16:37:22 +0200
Subject: [PATCH] Fix, improve and add comments

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 include/mbedtls/ssl.h      |  8 ++++----
 library/ssl_tls13_client.c |  7 +++++++
 library/ssl_tls13_server.c | 14 ++++++++++++++
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index d649266b9..f8c5948b8 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1615,11 +1615,11 @@ struct mbedtls_ssl_context {
      *  ClientHello writing preparation stage with the previously negotiated
      *  TLS version.
      *
-     *  On client side, updated to the TLS version selected by the server for
-     *  the handshake when the ServerHello is received.
+     *  On client side, it is updated to the TLS version selected by the server
+     *  for the handshake when the ServerHello is received.
      *
-     *  On server side, updated to the TLS version the server selects for the
-     *  handshake when the ClientHello is received.
+     *  On server side, it is updated to the TLS version the server selects for
+     *  the handshake when the ClientHello is received.
      */
     mbedtls_ssl_protocol_version MBEDTLS_PRIVATE(tls_version);
 
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index fedb2be96..6cf47fe29 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1455,6 +1455,13 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
             return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
         }
 
+        /*
+         * Version 1.2 of the protocol has been negotiated, set the
+         * ssl->keep_current_message flag for the ServerHello to be kept and
+         * parsed as a TLS 1.2 ServerHello. We also change ssl->tls_version to
+         * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()
+         * will dispatch to the TLS 1.2 state machine.
+         */
         ssl->keep_current_message = 1;
         ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
         MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 93f31a537..4ed332f59 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1381,6 +1381,13 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
             return ret;
         }
 
+        /*
+         * The supported versions extension was parsed successfully as the
+         * value returned by ssl_tls13_parse_supported_versions_ext() is
+         * positive. The return value is then equal to
+         * MBEDTLS_SSL_VERSION_TLS1_2 or MBEDTLS_SSL_VERSION_TLS1_3, defining
+         * the TLS version to negotiate.
+         */
         if (MBEDTLS_SSL_VERSION_TLS1_2 == ret) {
             return SSL_CLIENT_HELLO_TLS1_2;
         }
@@ -1783,6 +1790,13 @@ static int ssl_tls13_process_client_hello(mbedtls_ssl_context *ssl)
                                    * as negative error codes are handled
                                    * by MBEDTLS_SSL_PROC_CHK_NEG. */
 
+    /*
+     * Version 1.2 of the protocol has been chosen, set the
+     * ssl->keep_current_message flag for the ClientHello to be kept and parsed
+     * as a TLS 1.2 ClientHello. We also change ssl->tls_version to
+     * MBEDTLS_SSL_VERSION_TLS1_2 thus from now on mbedtls_ssl_handshake_step()
+     * will dispatch to the TLS 1.2 state machine.
+     */
     if (SSL_CLIENT_HELLO_TLS1_2 == parse_client_hello_ret) {
         ssl->keep_current_message = 1;
         ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;