Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / d4c64027a5dd77eff105b7acc2bdddc239bb72f9^! / .
commitd4c64027a5dd77eff105b7acc2bdddc239bb72f9[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Mon Dec 06 09:06:46 2021 +0100
committerRonald Cron <ronald.cron@arm.com>Thu Dec 09 13:40:22 2021 +0100
tree96f9e2d54471c8885e7a4f117352dd8514080bed
parenta55c5a115298ec701a4f8d1dde89d00cd97287d7 [diff]
tls13: Move state transition after sending CCS to ssl_tls13_client.c

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 80cb4bf..3327fce 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c

@@ -1628,6 +1628,7 @@
     return( 0 );
 }
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
+
 /*
  * Handler for MBEDTLS_SSL_SERVER_FINISHED
  */
@@ -1651,6 +1652,24 @@
 }
 
 /*
+ * Handler for MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED
+ */
+#if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
+static int ssl_tls13_write_change_cipher_spec( mbedtls_ssl_context *ssl )
+{
+    int ret;
+
+    ret = mbedtls_ssl_tls13_write_change_cipher_spec( ssl );
+    if( ret != 0 )
+        return( ret );
+
+    mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
+
+    return( 0 );
+}
+#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
+
+/*
  * Handler for MBEDTLS_SSL_CLIENT_FINISHED
  */
 static int ssl_tls13_write_client_finished( mbedtls_ssl_context *ssl )
@@ -1754,7 +1773,7 @@
          */
 #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
         case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:
-            ret = mbedtls_ssl_tls13_write_change_cipher_spec( ssl );
+            ret = ssl_tls13_write_change_cipher_spec( ssl );
             break;
 #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
 

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 228303e..8b430de 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -1169,26 +1169,6 @@
     return( 0 );
 }
 
-static int ssl_tls13_finalize_change_cipher_spec( mbedtls_ssl_context *ssl )
-{
-#if defined(MBEDTLS_SSL_SRV_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
-    {
-        MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
-        return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
-    }
-#endif /* MBEDTLS_SSL_SRV_C */
-
-#if defined(MBEDTLS_SSL_CLI_C)
-    if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
-    {
-        mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
-    }
-#endif /* MBEDTLS_SSL_CLI_C */
-
-    return( 0 );
-}
-
 int mbedtls_ssl_tls13_write_change_cipher_spec( mbedtls_ssl_context *ssl )
 {
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@@ -1205,8 +1185,6 @@
 
     ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
 
-    MBEDTLS_SSL_PROC_CHK( ssl_tls13_finalize_change_cipher_spec( ssl ) );
-
     /* Dispatch message */
     MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_write_record( ssl, 1 ) );