Update mbedtls_ssl_handshake_free() and address review comments.

Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
This commit is contained in:
Xiaofei Bai 2022-02-08 09:59:23 +00:00
parent 51f515a503
commit c234ecf695
3 changed files with 13 additions and 11 deletions

View File

@ -5579,7 +5579,12 @@ void mbedtls_ssl_handshake_free( mbedtls_ssl_context *ssl )
mbedtls_free( (void*) handshake->sig_algs );
handshake->sig_algs = NULL;
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( ssl->handshake->certificate_request_context )
{
mbedtls_free( (void*) handshake->certificate_request_context );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)

View File

@ -1468,6 +1468,7 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
if( certificate_request_context_len > 0 )
{
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "Certificate Request Context",
p, certificate_request_context_len );
@ -1479,7 +1480,6 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
return ( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, certificate_request_context_len );
memcpy( handshake->certificate_request_context, p,
certificate_request_context_len );
p += certificate_request_context_len;
@ -1523,7 +1523,7 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
{
MBEDTLS_SSL_DEBUG_MSG( 3,
( "Duplicate signature algorithms extensions found" ) );
goto error;
goto decode_error;
}
break;
@ -1540,23 +1540,21 @@ static int ssl_tls13_parse_certificate_request( mbedtls_ssl_context *ssl,
if( p != end )
{
MBEDTLS_SSL_DEBUG_MSG( 1,
( "CertificateRequset misaligned" ) );
goto error;
( "CertificateRequest misaligned" ) );
goto decode_error;
}
/* Check that we found signature algorithms extension */
if( ! sig_alg_ext_found )
{
MBEDTLS_SSL_DEBUG_MSG( 3,
( "no signature algorithms extension found" ) );
MBEDTLS_SSL_DEBUG_MSG( 1,
( "ssl_tls13_parse_certificate_request" ) );
goto error;
goto decode_error;
}
ssl->client_auth = 1;
return( 0 );
error:
decode_error:
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
MBEDTLS_ERR_SSL_DECODE_ERROR );
return( MBEDTLS_ERR_SSL_DECODE_ERROR );

View File

@ -158,9 +158,8 @@ int mbedtls_ssl_tls13_parse_sig_alg_ext( mbedtls_ssl_context *ssl,
size_t supported_sig_algs_len = 0;
const unsigned char *supported_sig_algs_end;
uint16_t sig_alg;
uint32_t common_idx = 0; /* iterate through received signature schemes list */
uint32_t common_idx = 0;
/* skip 2 bytes of signature algorithms length */
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
supported_sig_algs_len = MBEDTLS_GET_UINT16_BE( p, 0 );
p += 2;