Inprove code base on review comments

Change debug messag for server finished.
Change name of generate_application_keys.
Remove the client vertificate tests from ssl-opt.sh.
Add test strings for server finished in ssl-opt.sh.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
This commit is contained in:
XiaokangQian 2021-11-10 06:17:40 +00:00
parent 57b2aff8a8
commit d0aa3e9307
4 changed files with 12 additions and 13 deletions

View file

@ -920,12 +920,12 @@ static int ssl_tls13_postprocess_server_finished_message( mbedtls_ssl_context *s
goto cleanup;
}
ret = mbedtls_ssl_tls1_3_generate_application_keys(
ret = mbedtls_ssl_tls13_generate_application_keys(
ssl, &traffic_keys );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
"mbedtls_ssl_tls1_3_generate_application_keys", ret );
"mbedtls_ssl_tls13_generate_application_keys", ret );
goto cleanup;
}
@ -981,7 +981,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
unsigned char *buf;
size_t buflen;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished_in" ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished message" ) );
/* Preprocessing step: Compute handshake digest */
MBEDTLS_SSL_PROC_CHK( ssl_tls13_preprocess_finished_message( ssl ) );
@ -996,7 +996,7 @@ int mbedtls_ssl_tls13_process_finished_message( mbedtls_ssl_context *ssl )
cleanup:
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished_in" ) );
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished message" ) );
return( ret );
}

View file

@ -1111,7 +1111,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
/* Generate application traffic keys since any records following a 1-RTT Finished message
* MUST be encrypted under the application traffic key.
*/
int mbedtls_ssl_tls1_3_generate_application_keys(
int mbedtls_ssl_tls13_generate_application_keys(
mbedtls_ssl_context *ssl,
mbedtls_ssl_key_set *traffic_keys )
{

View file

@ -577,7 +577,7 @@ int mbedtls_ssl_tls13_generate_handshake_keys( mbedtls_ssl_context *ssl,
* with states Initial -> Early -> Handshake -> Application, and
* this function represents the Handshake -> Application transition.
*
* In the handshake stage, mbedtls_ssl_tls1_3_generate_application_keys()
* In the handshake stage, mbedtls_ssl_tls13_generate_application_keys()
* can be used to derive the handshake traffic keys.
*
* \param ssl The SSL context to operate on. This must be in key schedule
@ -601,7 +601,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_application(
* \returns \c 0 on success.
* \returns A negative error code on failure.
*/
int mbedtls_ssl_tls1_3_generate_application_keys(
int mbedtls_ssl_tls13_generate_application_keys(
mbedtls_ssl_context* ssl, mbedtls_ssl_key_set *traffic_keys );
/**

View file

@ -8820,9 +8820,7 @@ run_test "TLS1.3: Test client hello msg work - openssl" \
-c "tls1_3 client state: 19" \
-c "tls1_3 client state: 5" \
-c "tls1_3 client state: 3" \
-c "tls1_3 client state: 9" \
-c "tls1_3 client state: 13" \
-c "tls1_3 client state: 7" \
-c "tls1_3 client state: 20" \
-c "tls1_3 client state: 11" \
-c "tls1_3 client state: 14" \
@ -8835,7 +8833,8 @@ run_test "TLS1.3: Test client hello msg work - openssl" \
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
-c "<= parse certificate verify" \
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-c "<= parse finished message"
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
@ -8853,9 +8852,7 @@ run_test "TLS1.3: Test client hello msg work - gnutls" \
-c "tls1_3 client state: 19" \
-c "tls1_3 client state: 5" \
-c "tls1_3 client state: 3" \
-c "tls1_3 client state: 9" \
-c "tls1_3 client state: 13" \
-c "tls1_3 client state: 7" \
-c "tls1_3 client state: 20" \
-c "tls1_3 client state: 11" \
-c "tls1_3 client state: 14" \
@ -8868,7 +8865,9 @@ run_test "TLS1.3: Test client hello msg work - gnutls" \
-c "Certificate verification flags clear" \
-c "=> parse certificate verify" \
-c "<= parse certificate verify" \
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0"
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-c "<= parse finished message"
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_MEMORY_DEBUG