mbedtls_ssl_get_key_exchange_md_tls1_2: return hashlen

In mbedtls_ssl_get_key_exchange_md_tls1_2, add an output parameter for the hash length. The code that calls this function can currently do without it, but it will need the hash length in the future, when adding support for a third-party callback to calculate the signature of the hash.
2018-04-24 11:53:22 +02:00 · 2018-04-24 11:53:22 +02:00 · ca1d742904
commit ca1d742904
parent 7aeb470f61
4 changed files with 15 additions and 19 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -2526,10 +2526,9 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
    defined(MBEDTLS_SSL_PROTO_TLS1_2)
        if( md_alg != MBEDTLS_MD_NONE )
        {
-            /* Info from md_alg will be used instead */
-            hashlen = 0;
-            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, params,
-                                                          params_len, md_alg );
+            ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
+                                                          params, params_len,
+                                                          md_alg );
            if( ret != 0 )
                return( ret );
        }
@ -2541,8 +2540,7 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
        }

-        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
-            (unsigned int) ( mbedtls_md_get_size( mbedtls_md_info_from_type( md_alg ) ) ) );
+        MBEDTLS_SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );

        if( ssl->session_negotiate->peer_cert == NULL )
        {