Implement the client side of certificate compression. Change-Id: I0aced480af98276ebfe0970b4afb9aa957ee07cb Reviewed-on: https://boringssl-review.googlesource.com/29024 Reviewed-by: Adam Langley <agl@google.com>

commit: 0080d83b9faf8dd325f5f5f92eb56faa93864e4c [log] [tgz]
author: Adam Langley <agl@google.com> Thu Jun 07 16:39:49 2018 -0700
committer: Adam Langley <agl@google.com> Mon Jun 18 22:16:11 2018 +0000
tree: 461fb2eed0bbb68dcf54a7db47d9050fee9ae0e3
parent: f6e5d0d5a16e1bbb4116606c1fc04dd31502fa14 [diff] [blame]
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index 49f528b..b8bd546 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc

@@ -547,8 +547,13 @@
   if (!ssl->method->get_message(ssl, &msg)) {
     return ssl_hs_read_message;
   }
-  if (!ssl_check_message_type(ssl, msg, SSL3_MT_CERTIFICATE) ||
-      !tls13_process_certificate(hs, msg, 0 /* certificate required */) ||
+
+  if (msg.type != SSL3_MT_COMPRESSED_CERTIFICATE &&
+      !ssl_check_message_type(ssl, msg, SSL3_MT_CERTIFICATE)) {
+    return ssl_hs_error;
+  }
+
+  if (!tls13_process_certificate(hs, msg, 0 /* certificate required */) ||
       !ssl_hash_message(hs, msg)) {
     return ssl_hs_error;
   }
commit	0080d83b9faf8dd325f5f5f92eb56faa93864e4c	[log] [tgz]
author	Adam Langley <agl@google.com>	Thu Jun 07 16:39:49 2018 -0700
committer	Adam Langley <agl@google.com>	Mon Jun 18 22:16:11 2018 +0000
tree	461fb2eed0bbb68dcf54a7db47d9050fee9ae0e3
parent	f6e5d0d5a16e1bbb4116606c1fc04dd31502fa14 [diff] [blame]