Add early data status update

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-02-08 13:55:24 +08:00 · 2023-02-08 13:55:24 +08:00 · ab0da370a4
commit ab0da370a4
parent 1eb0bd557d
1 changed files with 40 additions and 0 deletions
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -1749,6 +1749,40 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
    return hrr_required ? SSL_CLIENT_HELLO_HRR_REQUIRED : SSL_CLIENT_HELLO_OK;
 }

+#if defined(MBEDTLS_SSL_EARLY_DATA)
+static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl)
+{
+    mbedtls_ssl_handshake_params *handshake = ssl->handshake;
+
+    if ((handshake->received_extensions &
+         MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) {
+        MBEDTLS_SSL_DEBUG_MSG(
+            1, ("EarlyData: early data extension is not received."));
+        ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED;
+        return;
+    }
+
+    ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED;
+
+    if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) {
+        MBEDTLS_SSL_DEBUG_MSG(
+            1, ("EarlyData: rejected. configured disabled."));
+        return;
+    }
+
+    MBEDTLS_SSL_DEBUG_MSG(
+        3, ("EarlyData: conf->max_early_data_size = %u",
+            (unsigned int) ssl->conf->max_early_data_size));
+
+    /* TODO: Add more checks here. */
+
+    MBEDTLS_SSL_DEBUG_MSG(
+        1, ("EarlyData: For time being, it should not happen."));
+    ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED;
+
+}
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
 /* Update the handshake state machine */

 MBEDTLS_CHECK_RETURN_CRITICAL
@ -1775,6 +1809,12 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl)
        return ret;
    }

+#if defined(MBEDTLS_SSL_EARLY_DATA)
+    /* There is enough information, update early data state. */
+    ssl_tls13_update_early_data_status(ssl);
+
+#endif /* MBEDTLS_SSL_EARLY_DATA */
+
    return 0;

 }