runner: UpdateForHelloRetryRequest cannot fail.

Also avoid unnecessarily stashing a copy of the serialized old
ClientHello.

Change-Id: I699299f0ce767ba059fbb08e8f2140793a649322
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46628
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 7858ede..116e2be 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -758,10 +758,7 @@
 
 	hs.finishedHash.WriteHandshake(helloBytes, hs.c.sendHandshakeSeq-1)
 	if haveHelloRetryRequest {
-		err = hs.finishedHash.UpdateForHelloRetryRequest()
-		if err != nil {
-			return err
-		}
+		hs.finishedHash.UpdateForHelloRetryRequest()
 		hs.writeServerHash(helloRetryRequest.marshal())
 		hs.writeClientHash(secondHelloBytes)
 	}
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 491b030..ecc4078 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -621,11 +621,7 @@
 	}
 
 	if sendHelloRetryRequest {
-		if err := hs.finishedHash.UpdateForHelloRetryRequest(); err != nil {
-			return err
-		}
-
-		oldClientHelloBytes := hs.clientHello.marshal()
+		hs.finishedHash.UpdateForHelloRetryRequest()
 		hs.writeServerHash(helloRetryRequest.marshal())
 		if c.config.Bugs.PartialServerHelloWithHelloRetryRequest {
 			data := helloRetryRequest.marshal()
@@ -711,7 +707,7 @@
 			}
 			if found {
 				binderToVerify := newClientHello.pskBinders[pskIndex]
-				if err := verifyPSKBinder(c.wireVersion, newClientHello, hs.sessionState, binderToVerify, oldClientHelloBytes, helloRetryRequest.marshal()); err != nil {
+				if err := verifyPSKBinder(c.wireVersion, newClientHello, hs.sessionState, binderToVerify, hs.clientHello.marshal(), helloRetryRequest.marshal()); err != nil {
 					return err
 				}
 			} else if !config.Bugs.AcceptAnySession {
diff --git a/ssl/test/runner/prf.go b/ssl/test/runner/prf.go
index 478d402..66c427f 100644
--- a/ssl/test/runner/prf.go
+++ b/ssl/test/runner/prf.go
@@ -227,7 +227,7 @@
 	secret []byte
 }
 
-func (h *finishedHash) UpdateForHelloRetryRequest() (err error) {
+func (h *finishedHash) UpdateForHelloRetryRequest() {
 	data := newByteBuilder()
 	data.addU8(typeMessageHash)
 	data.addU24(h.hash.Size())
@@ -237,7 +237,6 @@
 		h.buffer = []byte{}
 	}
 	h.Write(data.finish())
-	return nil
 }
 
 func (h *finishedHash) Write(msg []byte) (n int, err error) {