From d6e253ded9b9ba136399bf65b5c8148e0feb4d2c Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Wed, 18 May 2022 13:59:24 +0800
Subject: [PATCH] fix various issues
Signed-off-by: Jerry Yu
---
 library/ssl_tls13_generic.c | 2 --
 library/ssl_tls13_keys.h | 2 +-
 library/ssl_tls13_server.c | 24 ++++++++----------------
 3 files changed, 9 insertions(+), 19 deletions(-)
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 525dd1ad5..9d924add6 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -1186,7 +1186,6 @@ static int ssl_tls13_postprocess_finished_message( mbedtls_ssl_context *ssl )
 int ret;
 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER )
 {
- /* Compute resumption_master_secret */
 ret = mbedtls_ssl_tls13_generate_resumption_master_secret( ssl );
 if( ret != 0 )
 {
@@ -1271,7 +1270,6 @@ static int ssl_tls13_finalize_finished_message( mbedtls_ssl_context *ssl )
 #if defined(MBEDTLS_SSL_CLI_C)
 if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
 {
- /* Compute resumption_master_secret */
 ret = mbedtls_ssl_tls13_generate_resumption_master_secret( ssl );
 if( ret != 0 )
 {
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 479bb4e27..941a19ebe 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -621,7 +621,7 @@ int mbedtls_ssl_tls13_generate_application_keys(
 * \returns A negative error code on failure.
 */
 int mbedtls_ssl_tls13_generate_resumption_master_secret(
- mbedtls_ssl_context* ssl );
+ mbedtls_ssl_context *ssl );
 /**
 * \brief Calculate the verify_data value for the client or server TLS 1.3
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index b9ec06441..c6cedf08e 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1477,11 +1477,11 @@ static int ssl_tls13_write_certificate_verify( mbedtls_ssl_context *ssl )
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 /*
- * State Handler: MBEDTLS_SSL_SERVER_FINISHED
+ * Handler for MBEDTLS_SSL_SERVER_FINISHED
 */
 static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
 {
- int ret;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 ret = mbedtls_ssl_tls13_write_finished_message( ssl );
 if( ret != 0 )
@@ -1492,34 +1492,26 @@ static int ssl_tls13_write_server_finished( mbedtls_ssl_context *ssl )
 }
 /*
- * State Handler: MBEDTLS_SSL_CLIENT_FINISHED
+ * Handler for MBEDTLS_SSL_CLIENT_FINISHED
 */
 static int ssl_tls13_process_client_finished( mbedtls_ssl_context *ssl )
 {
- int ret;
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
 MBEDTLS_SSL_DEBUG_MSG( 1,
- ( "Switch to handshake traffic keys for outbound traffic" ) );
+ ( "Switch to handshake traffic keys for inbound traffic" ) );
 mbedtls_ssl_set_inbound_transform( ssl, ssl->handshake->transform_handshake );
+
 ret = mbedtls_ssl_tls13_process_finished_message( ssl );
 if( ret != 0 )
 return( ret );
 mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP );
 return( 0 );
-
 }
 /*
- * State Handler: MBEDTLS_SSL_FLUSH_BUFFERS
- */
-static int ssl_tls13_flush_buffers( mbedtls_ssl_context *ssl )
-{
- ((void) ssl);
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-}
-
-/*
- * State Handler: MBEDTLS_SSL_HANDSHAKE_WRAPUP
+ * Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
 */
 static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
 {
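Review bot: In ssl_tls13_process_client_finished (second hunk) the order of the key switch and the Finished check is security-relevant, but the header comment only names the state. I would add a why-comment above the `mbedtls_ssl_set_inbound_transform` call, for example `/* Client Finished arrives under the handshake traffic keys; inbound application keys must not be installed until it has verified. */`. The point where the inbound application transform is installed is not visible in this hunk (presumably the wrapup handler, whose body starts at the hunk's end), so please confirm it is only reached after `mbedtls_ssl_tls13_process_finished_message` returns 0. The removed `ssl_tls13_flush_buffers` stub was presumably called from the state dispatch outside this hunk; it is worth checking that MBEDTLS_SSL_FLUSH_BUFFERS can no longer be reached on the TLS 1.3 server path.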