runner: UpdateForHelloRetryRequest cannot fail.
Also avoid unnecessarily stashing a copy of the serialized old
ClientHello.
Change-Id: I699299f0ce767ba059fbb08e8f2140793a649322
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/46628
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 7858ede..116e2be 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -758,10 +758,7 @@
hs.finishedHash.WriteHandshake(helloBytes, hs.c.sendHandshakeSeq-1)
if haveHelloRetryRequest {
- err = hs.finishedHash.UpdateForHelloRetryRequest()
- if err != nil {
- return err
- }
+ hs.finishedHash.UpdateForHelloRetryRequest()
hs.writeServerHash(helloRetryRequest.marshal())
hs.writeClientHash(secondHelloBytes)
}
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 491b030..ecc4078 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -621,11 +621,7 @@
}
if sendHelloRetryRequest {
- if err := hs.finishedHash.UpdateForHelloRetryRequest(); err != nil {
- return err
- }
-
- oldClientHelloBytes := hs.clientHello.marshal()
+ hs.finishedHash.UpdateForHelloRetryRequest()
hs.writeServerHash(helloRetryRequest.marshal())
if c.config.Bugs.PartialServerHelloWithHelloRetryRequest {
data := helloRetryRequest.marshal()
@@ -711,7 +707,7 @@
}
if found {
binderToVerify := newClientHello.pskBinders[pskIndex]
- if err := verifyPSKBinder(c.wireVersion, newClientHello, hs.sessionState, binderToVerify, oldClientHelloBytes, helloRetryRequest.marshal()); err != nil {
+ if err := verifyPSKBinder(c.wireVersion, newClientHello, hs.sessionState, binderToVerify, hs.clientHello.marshal(), helloRetryRequest.marshal()); err != nil {
return err
}
} else if !config.Bugs.AcceptAnySession {
diff --git a/ssl/test/runner/prf.go b/ssl/test/runner/prf.go
index 478d402..66c427f 100644
--- a/ssl/test/runner/prf.go
+++ b/ssl/test/runner/prf.go
@@ -227,7 +227,7 @@
secret []byte
}
-func (h *finishedHash) UpdateForHelloRetryRequest() (err error) {
+func (h *finishedHash) UpdateForHelloRetryRequest() {
data := newByteBuilder()
data.addU8(typeMessageHash)
data.addU24(h.hash.Size())
@@ -237,7 +237,6 @@
h.buffer = []byte{}
}
h.Write(data.finish())
- return nil
}
func (h *finishedHash) Write(msg []byte) (n int, err error) {