From ebd652fe2dfc2c82d774bfd334398279d9027492 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Fri, 5 Jan 2018 21:18:59 +0100
Subject: [PATCH] ssl_write_server_key_exchange: calculate hashlen explicitly

The pk layer can infer the hash length from the hash type. Calculate
it explicitly here anyway because it's needed for debugging purposes,
and it's needed for the upcoming feature allowing the signature
operation to be offloaded to an external cryptographic processor, as
the offloading code will need to know what length hash to copy.
---
 library/ssl_srv.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index bc94ebb982..84c8e1e117 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -3135,8 +3135,7 @@ curve_matching_done:
 
             mbedtls_md_init( &ctx );
 
-            /* Info from md_alg will be used instead */
-            hashlen = 0;
+            hashlen = mbedtls_md_get_size( md_info );
 
             /*
              * digitally-signed struct {
@@ -3165,8 +3164,7 @@ curve_matching_done:
             return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
         }
 
-        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
-            (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
+        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
 
         /*
          * 3.3: Compute and add the signature