From a763498490601288b651f3f3843d06cd17a1693a Mon Sep 17 00:00:00 2001
From: XiaokangQian <xiaokang.qian@arm.com>
Date: Fri, 22 Oct 2021 06:32:32 +0000
Subject: [PATCH] Change code based on commetns

Focus on the code style, naming rule,etc.

Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>
---
 include/mbedtls/ssl.h                |  9 +++++++--
 library/ssl_tls13_generic.c          |  8 ++++----
 library/ssl_tls13_keys.c             | 16 ++++++++--------
 library/ssl_tls13_keys.h             |  6 +++---
 tests/suites/test_suite_ssl.function |  4 ++--
 5 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 3e1018125..b88351f90 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -39,6 +39,7 @@
 #if defined(MBEDTLS_DHM_C)
 #include "mbedtls/dhm.h"
 #endif
+
 /* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
  * to guards also being in ssl_srv.c and ssl_cli.c. There is a gap
  * in functionality that access to ecdh_ctx structure is needed for
@@ -1050,13 +1051,15 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );
 #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
           !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
 typedef struct
 {
     unsigned char client_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
     unsigned char server_application_traffic_secret_N[ MBEDTLS_MD_MAX_SIZE ];
     unsigned char exporter_master_secret             [ MBEDTLS_MD_MAX_SIZE ];
     unsigned char resumption_master_secret           [ MBEDTLS_MD_MAX_SIZE ];
-} mbedtls_ssl_tls1_3_application_secrets;
+} mbedtls_ssl_tls13_application_secrets;
+#endif
 
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
 
@@ -1122,7 +1125,9 @@ struct mbedtls_ssl_session
      * to be studied whether one of them can be removed. */
     unsigned char MBEDTLS_PRIVATE(minor_ver);    /*!< The TLS version used in the session. */
 
-    mbedtls_ssl_tls1_3_application_secrets MBEDTLS_PRIVATE(app_secrets);
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
+    mbedtls_ssl_tls13_application_secrets MBEDTLS_PRIVATE(app_secrets);
+#endif
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 #if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 87bc12ce2..1d41cd3d3 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -870,7 +870,7 @@ int mbedtls_ssl_tls13_finished_in_process( mbedtls_ssl_context* ssl )
     unsigned char *buf;
     size_t buflen;
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server finished_in_process" ) );
 
     /* Preprocessing step: Compute handshake digest */
     MBEDTLS_SSL_PROC_CHK( ssl_tls13_finished_in_preprocess( ssl ) );
@@ -885,7 +885,7 @@ int mbedtls_ssl_tls13_finished_in_process( mbedtls_ssl_context* ssl )
 
 cleanup:
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse finished" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server finished_in_process" ) );
     return( ret );
 }
 
@@ -893,14 +893,14 @@ static int ssl_tls13_finished_in_preprocess( mbedtls_ssl_context* ssl )
 {
     int ret;
 
-    ret = mbedtls_ssl_tls1_3_calc_finished( ssl,
+    ret = mbedtls_ssl_tls1_3_calculate_expected_finished( ssl,
                     ssl->handshake->state_local.finished_in.digest,
                     sizeof( ssl->handshake->state_local.finished_in.digest ),
                     &ssl->handshake->state_local.finished_in.digest_len,
                     ssl->conf->endpoint ^ 1 );
     if( ret != 0 )
     {
-        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_calc_finished", ret );
+        MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_tls1_3_calculate_expected_finished", ret );
         return( ret );
     }
 
diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c
index ddbeb626e..85026f538 100644
--- a/library/ssl_tls13_keys.c
+++ b/library/ssl_tls13_keys.c
@@ -469,7 +469,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
           mbedtls_md_type_t md_type,
           unsigned char const *application_secret,
           unsigned char const *transcript, size_t transcript_len,
-          mbedtls_ssl_tls1_3_application_secrets *derived )
+          mbedtls_ssl_tls13_application_secrets *derived )
 {
     int ret;
     mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -539,7 +539,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
           mbedtls_md_type_t md_type,
           unsigned char const *application_secret,
           unsigned char const *transcript, size_t transcript_len,
-          mbedtls_ssl_tls1_3_application_secrets *derived )
+          mbedtls_ssl_tls13_application_secrets *derived )
 {
     int ret;
     mbedtls_md_info_t const * const md_info = mbedtls_md_info_from_type( md_type );
@@ -643,13 +643,13 @@ exit:
     return( ret );
 }
 
-int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
+int mbedtls_ssl_tls1_3_calculate_expected_finished( mbedtls_ssl_context* ssl,
                                       unsigned char* dst,
                                       size_t dst_len,
                                       size_t *actual_len,
                                       int from )
 {
-    int ret;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
     unsigned char transcript[MBEDTLS_MD_MAX_SIZE];
     size_t transcript_len;
@@ -660,7 +660,7 @@ int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
     const mbedtls_md_info_t* const md = mbedtls_md_info_from_type( md_type );
     size_t const md_size = mbedtls_md_get_size( md );
 
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_calc_finished" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> mbedtls_ssl_tls1_3_calculate_expected_finished" ) );
 
     if( dst_len < md_size )
         return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
@@ -686,7 +686,7 @@ int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context* ssl,
     *actual_len = md_size;
 
     MBEDTLS_SSL_DEBUG_BUF( 3, "verify_data for finished message", dst, md_size );
-    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_calc_finished" ) );
+    MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= mbedtls_ssl_tls1_3_calculate_expected_finished" ) );
     return( 0 );
 }
 
@@ -1111,10 +1111,10 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
                                         mbedtls_ssl_context *ssl,
                                         mbedtls_ssl_key_set *traffic_keys )
 {
-    int ret = 0;
+    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
     /* Address at which to store the application secrets */
-    mbedtls_ssl_tls1_3_application_secrets * const app_secrets =
+    mbedtls_ssl_tls13_application_secrets * const app_secrets =
         &ssl->session_negotiate->app_secrets;
 
     /* Holding the transcript up to and including the ServerFinished */
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 31a5029b4..2509cffd5 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -344,7 +344,7 @@ int mbedtls_ssl_tls1_3_derive_application_secrets(
           mbedtls_md_type_t md_type,
           unsigned char const *master_secret,
           unsigned char const *transcript, size_t transcript_len,
-          mbedtls_ssl_tls1_3_application_secrets *derived );
+          mbedtls_ssl_tls13_application_secrets *derived );
 
 /**
  * \brief Derive TLS 1.3 resumption master secret from the master secret.
@@ -374,7 +374,7 @@ int mbedtls_ssl_tls1_3_derive_resumption_master_secret(
           mbedtls_md_type_t md_type,
           unsigned char const *application_secret,
           unsigned char const *transcript, size_t transcript_len,
-          mbedtls_ssl_tls1_3_application_secrets *derived );
+          mbedtls_ssl_tls13_application_secrets *derived );
 
 /**
  * \brief Compute the next secret in the TLS 1.3 key schedule
@@ -625,7 +625,7 @@ int mbedtls_ssl_tls1_3_generate_application_keys(
  * \returns    \c 0 on success.
  * \returns    A negative error code on failure.
  */
-int mbedtls_ssl_tls1_3_calc_finished( mbedtls_ssl_context *ssl,
+int mbedtls_ssl_tls1_3_calculate_expected_finished( mbedtls_ssl_context *ssl,
                                       unsigned char *dst,
                                       size_t dst_len,
                                       size_t *actual_len,
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 75eda1dcd..6d262cee2 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -3862,7 +3862,7 @@ void ssl_tls1_3_derive_application_secrets( int hash_alg,
                                           data_t *server_expected,
                                           data_t *exporter_expected )
 {
-    mbedtls_ssl_tls1_3_application_secrets secrets;
+    mbedtls_ssl_tls13_application_secrets secrets;
 
     /* Double-check that we've passed sane parameters. */
     mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;
@@ -3894,7 +3894,7 @@ void ssl_tls1_3_derive_resumption_secrets( int hash_alg,
                                            data_t *transcript,
                                            data_t *resumption_expected )
 {
-    mbedtls_ssl_tls1_3_application_secrets secrets;
+    mbedtls_ssl_tls13_application_secrets secrets;
 
     /* Double-check that we've passed sane parameters. */
     mbedtls_md_type_t md_type = (mbedtls_md_type_t) hash_alg;