guards transform_earlydata

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2025-03-29 04:20:12 +00:00 · 2022-11-04 14:07:25 +08:00 · 2022-11-04 14:07:25 +08:00 · 3d9b590f02
commit 3d9b590f02
parent 84a6edac10
2 changed files with 12 additions and 8 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -890,13 +890,6 @@ struct mbedtls_ssl_handshake_params
    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */

-#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-    /*! TLS 1.3 transforms for 0-RTT and encrypted handshake messages.
-     *  Those pointers own the transforms they reference. */
-    mbedtls_ssl_transform *transform_handshake;
-    mbedtls_ssl_transform *transform_earlydata;
-#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
-
    /*
     * Checksum contexts
     */
@ -981,6 +974,8 @@ struct mbedtls_ssl_handshake_params
    unsigned char *certificate_request_context;
 #endif

+    /** TLS 1.3 transform for encrypted handshake messages. */
+    mbedtls_ssl_transform *transform_handshake;
    union
    {
        unsigned char early    [MBEDTLS_TLS1_3_MD_MAX_SIZE];
@ -989,6 +984,11 @@ struct mbedtls_ssl_handshake_params
    } tls13_master_secrets;

    mbedtls_ssl_tls13_handshake_secrets tls13_hs_secrets;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+    mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
+    /** TLS 1.3 transform for 0-RTT application and handshake messages. */
+    mbedtls_ssl_transform *transform_earlydata;
+#endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

 #if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1447,9 +1447,11 @@ void mbedtls_ssl_session_reset_msg_layer( mbedtls_ssl_context *ssl,

    if( ssl->handshake != NULL )
    {
+#if defined(MBEDTLS_SSL_EARLY_DATA)
        mbedtls_ssl_transform_free( ssl->handshake->transform_earlydata );
        mbedtls_free( ssl->handshake->transform_earlydata );
        ssl->handshake->transform_earlydata = NULL;
+#endif

        mbedtls_ssl_transform_free( ssl->handshake->transform_handshake );
        mbedtls_free( ssl->handshake->transform_handshake );
@ -4067,9 +4069,11 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
    mbedtls_ssl_transform_free( handshake->transform_handshake );
+    mbedtls_free( handshake->transform_handshake );
+#if defined(MBEDTLS_SSL_EARLY_DATA)
    mbedtls_ssl_transform_free( handshake->transform_earlydata );
    mbedtls_free( handshake->transform_earlydata );
-    mbedtls_free( handshake->transform_handshake );
+#endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */