From f86eb75c58f7a2fae462d6ddf0bf0354e45a69ca Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Fri, 6 May 2022 11:16:55 +0800
Subject: [PATCH] fix various issues
Signed-off-by: Jerry Yu
---
 library/ssl_tls13_client.c | 5 +++--
 library/ssl_tls13_keys.c | 4 +---
 library/ssl_tls13_keys.h | 4 ++--
 library/ssl_tls13_server.c | 7 ++++---
 4 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 93b063278..59e42c868 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1237,10 +1237,11 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
 goto cleanup;
 }
- ret = mbedtls_ssl_tls13_set_handshake_transform( ssl );
+ ret = mbedtls_ssl_tls13_compute_handshake_transform( ssl );
 if( ret != 0 )
 {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_set_handshake_transform",
+ MBEDTLS_SSL_DEBUG_RET( 1,
+ "mbedtls_ssl_tls13_compute_handshake_transform",
 ret );
 goto cleanup;
 }
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index dd6677ddf..74b269e6a 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -1511,7 +1511,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
 return( ret );
 }
-int mbedtls_ssl_tls13_set_handshake_transform( mbedtls_ssl_context *ssl )
+int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl )
 {
 int ret;
 mbedtls_ssl_key_set traffic_keys;
@@ -1558,9 +1558,7 @@ int mbedtls_ssl_tls13_set_handshake_transform( mbedtls_ssl_context *ssl )
 cleanup:
 mbedtls_platform_zeroize( &traffic_keys, sizeof( traffic_keys ) );
 if( ret != 0 )
- {
 mbedtls_free( transform_handshake );
- }
 return( ret );
 }
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 62bd6c005..676ebae8d 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
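Review bot: In the `@@ -1511,7 +1511,7 @@` hunk of library/ssl_tls13_keys.c, the renamed `mbedtls_ssl_tls13_compute_handshake_transform` still declares `int ret;` with no initial value, while its caller in library/ssl_tls13_server.c (same patch) starts from `int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;`. The `cleanup:` label in the following hunk branches on `ret != 0` to decide whether the transform is freed, so any path that reaches it before `ret` is assigned would test an indeterminate value. The body between the two hunks is not visible, so such a path may not exist today. Initialising it as `int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;` would still make the failure default explicit and match the sibling code.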
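Review bot: In the `@@ -1558,9 +1558,7 @@` hunk of library/ssl_tls13_keys.c, the failure path releases `transform_handshake` with a bare `mbedtls_free( transform_handshake );`, which neither wipes the structure nor releases anything it owns. If the code above the hunk (not visible here) can fail after traffic keys have been loaded into the transform, key material and cipher contexts would be left behind, even though `traffic_keys` is zeroized two lines earlier. Consider calling `mbedtls_ssl_transform_free( transform_handshake );` before the `mbedtls_free()` call. Please confirm that the pointer is NULL-initialised or always allocated before any `goto cleanup`.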
@@ -641,13 +641,13 @@ int mbedtls_ssl_tls13_calculate_verify_data( mbedtls_ssl_context *ssl,
 /**
 * \brief Compute TLS 1.3 handshake transform
 *
- * \param ssl The SSL context to operate on. The early secrtet must have been
+ * \param ssl The SSL context to operate on. The early secret must have been
 * computed.
 *
 * \returns \c 0 on success.
 * \returns A negative error code on failure.
 */
-int mbedtls_ssl_tls13_set_handshake_transform( mbedtls_ssl_context *ssl );
+int mbedtls_ssl_tls13_compute_handshake_transform( mbedtls_ssl_context *ssl );
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index d6c1f5edc..b2a5cfcf5 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1029,10 +1029,11 @@ static int ssl_tls13_write_server_hello_body( mbedtls_ssl_context *ssl,
 static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
 {
 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- ret = mbedtls_ssl_tls13_set_handshake_transform( ssl );
+ ret = mbedtls_ssl_tls13_compute_handshake_transform( ssl );
 if( ret != 0 )
 {
- MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls13_set_handshake_transform",
+ MBEDTLS_SSL_DEBUG_RET( 1,
+ "mbedtls_ssl_tls13_compute_handshake_transform",
 ret );
 return( ret );
 }
@@ -1040,7 +1041,7 @@ static int ssl_tls13_finalize_write_server_hello( mbedtls_ssl_context *ssl )
 mbedtls_ssl_set_outbound_transform( ssl,
 ssl->handshake->transform_handshake );
 MBEDTLS_SSL_DEBUG_MSG(
- 3, ( "switching to new transform spec for outbound data" ) );
+ 3, ( "switching to handshake transform for outbound data" ) );
 return( ret );
 }
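Review bot: The doc comment in the `@@ -641,13 +641,13 @@` hunk of library/ssl_tls13_keys.h does not say where the computed transform is stored or that the caller has to activate it. The server.c caller in this patch reads the result from `ssl->handshake->transform_handshake` and calls `mbedtls_ssl_set_outbound_transform()` itself, which suggests the function only derives the keys and leaves record protection unchanged. Since getting this wrong would leave handshake records protected with the wrong keys, the contract should be stated in the comment. Suggested addition: `On success the transform is stored in ssl->handshake->transform_handshake; it is not activated, the caller must install it.`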