From c1ddeef53aa547956f63a5da74f4e93f1865fa35 Mon Sep 17 00:00:00 2001
From: Jerry Yu
Date: Fri, 8 Oct 2021 15:14:45 +0800
Subject: [PATCH] fix various issues

Signed-off-by: Jerry Yu
---
 library/ssl_misc.h | 4 +---
 library/ssl_msg.c | 3 ---
 library/ssl_tls.c | 20 +++++++++++---------
 library/ssl_tls13_keys.h | 8 ++------
 4 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 6f83fc3276..06351fc0c7 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1501,9 +1501,7 @@ int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl,
 int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl,
 size_t buf_len,
 size_t msg_len );
-/*
- * Update checksum with handshake header
- */
+
 void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
 unsigned hs_type,
 size_t total_hs_len );
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index e636762c53..13a9e0ff31 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5558,9 +5558,6 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
 void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
 mbedtls_ssl_transform *transform )
 {
- if( ssl->transform_in == transform )
- return;
-
 ssl->transform_in = transform;
 mbedtls_platform_zeroize( ssl->in_ctr, MBEDTLS_SSL_COUNTER_LEN );
 }
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 58b81ff26d..26cf6b3e09 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -7062,20 +7062,22 @@ int mbedtls_ssl_get_handshake_transcript( mbedtls_ssl_context *ssl,
 size_t dst_len,
 size_t *olen )
 {
+ switch( md )
+ {
+
 #if defined(MBEDTLS_SHA384_C)
- if( md == MBEDTLS_MD_SHA384 )
- {
+ case MBEDTLS_MD_SHA384:
 return( ssl_get_handshake_transcript_sha384( ssl, dst, dst_len, olen ) );
- }
- else
-#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_SHA384_C */
+
 #if defined(MBEDTLS_SHA256_C)
- if( md == MBEDTLS_MD_SHA256 )
- {
+ case MBEDTLS_MD_SHA256:
 return( ssl_get_handshake_transcript_sha256( ssl, dst, dst_len, olen ) );
- }
- else
 #endif /* MBEDTLS_SHA256_C */
+
+ default:
+ break;
+ }
 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
 }
 #endif /* !MBEDTLS_USE_PSA_CRYPTO */
diff --git a/library/ssl_tls13_keys.h b/library/ssl_tls13_keys.h
index 45b0fdfa4c..866aae9117 100644
--- a/library/ssl_tls13_keys.h
+++ b/library/ssl_tls13_keys.h
@@ -534,22 +534,18 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
 /*
 * TLS 1.3 key schedule evolutions
 *
- * Early Data -> Handshake -> Application
+ * Early -> Handshake -> Application
 *
 * Small wrappers around mbedtls_ssl_tls1_3_evolve_secret().
 */

 /**
- * \brief Begin TLS 1.3 key schedule by calculating early secret
- * from chosen PSK.
+ * \brief Begin TLS 1.3 key schedule by calculating early secret.
 *
 * The TLS 1.3 key schedule can be viewed as a simple state machine
 * with states Initial -> Early -> Handshake -> Application, and
 * this function represents the Initial -> Early transition.
 *
- * In the early stage, mbedtls_ssl_tls1_3_generate_early_data_keys()
- * can be used to derive the 0-RTT traffic keys.
- *
 * \param ssl The SSL context to operate on.
 *
 * \returns \c 0 on success.
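Review bot: The `default:` arm of the new `switch( md )` in mbedtls_ssl_get_handshake_transcript() (library/ssl_tls.c) is reached both for an unknown `md` and for a hash that is compiled out, and on that path the hunk shows nothing written to `dst` or `*olen` before `return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );`. The transcript hash presumably feeds the TLS 1.3 key schedule and Finished checks, so a caller that ignored the return value would carry on with an uninitialised buffer and length. I would state the contract at the arm, e.g. `/* Unsupported or compiled-out hash: fail closed, dst and *olen are not written. */`, and consider adding `*olen = 0;` before the `break;` if `olen` is guaranteed non-NULL. The function's signature and doc comment begin outside the hunk, so check whether this is already documented there.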