tls13: Improve declaration and doc of early data status
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
parent
b9a9b1f5a5
commit
d6d32b9210
3 changed files with 52 additions and 43 deletions
|
@ -734,6 +734,51 @@ typedef enum {
|
|||
}
|
||||
mbedtls_ssl_states;
|
||||
|
||||
/*
|
||||
* Early data status, client side only.
|
||||
*/
|
||||
|
||||
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
|
||||
typedef enum {
|
||||
/*
|
||||
* The client has not sent the first ClientHello yet, it is unknown if the
|
||||
* client will send an early data indication extension or not.
|
||||
*/
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN,
|
||||
|
||||
/*
|
||||
* See documentation of mbedtls_ssl_get_early_data_status().
|
||||
*/
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT,
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED,
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED,
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, it has not received the response (ServerHello or
|
||||
* HelloRetryRequest) from the server yet. The transform to protect early data
|
||||
* is not set and early data cannot be sent yet.
|
||||
*/
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_SENT,
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, it has not received the response (ServerHello or
|
||||
* HelloRetryRequest) from the server yet. The transform to protect early data
|
||||
* has been set and early data can be written now.
|
||||
*/
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE,
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, the server has accepted them and the client has received the
|
||||
* server Finished message. It cannot send early data to the server anymore.
|
||||
*/
|
||||
MBEDTLS_SSL_EARLY_DATA_STATUS_SERVER_FINISHED_RECEIVED,
|
||||
} mbedtls_ssl_early_data_status;
|
||||
|
||||
#endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_CLI_C */
|
||||
|
||||
/**
|
||||
* \brief Callback type: send data on the network.
|
||||
*
|
||||
|
@ -1676,14 +1721,10 @@ struct mbedtls_ssl_context {
|
|||
|
||||
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
|
||||
/**
|
||||
* Status of the negotiation of the use of early data.
|
||||
* See the documentation of mbedtls_ssl_get_early_data_status() for more
|
||||
* information.
|
||||
*
|
||||
* Reset to #MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN when the context is
|
||||
* reset.
|
||||
* Status of the negotiation of the use of early data. Reset to
|
||||
* MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN when the context is reset.
|
||||
*/
|
||||
int MBEDTLS_PRIVATE(early_data_status);
|
||||
mbedtls_ssl_early_data_status MBEDTLS_PRIVATE(early_data_status);
|
||||
#endif
|
||||
|
||||
unsigned MBEDTLS_PRIVATE(badmac_seen); /*!< records with a bad MAC received */
|
||||
|
@ -5106,10 +5147,6 @@ int mbedtls_ssl_close_notify(mbedtls_ssl_context *ssl);
|
|||
|
||||
#if defined(MBEDTLS_SSL_EARLY_DATA)
|
||||
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 1
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED 2
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED 3
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C)
|
||||
/**
|
||||
* \brief Read at most 'len' bytes of early data
|
||||
|
|
|
@ -21,6 +21,10 @@
|
|||
|
||||
const char *mbedtls_ssl_states_str(mbedtls_ssl_states in);
|
||||
|
||||
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
|
||||
const char *mbedtls_ssl_early_data_status_str(mbedtls_ssl_early_data_status in);
|
||||
#endif
|
||||
|
||||
const char *mbedtls_ssl_protocol_version_str(mbedtls_ssl_protocol_version in);
|
||||
|
||||
const char *mbedtls_tls_prf_types_str(mbedtls_tls_prf_types in);
|
||||
|
|
|
@ -2150,38 +2150,6 @@ int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
|
|||
unsigned char *buf,
|
||||
const unsigned char *end,
|
||||
size_t *out_len);
|
||||
|
||||
#if defined(MBEDTLS_SSL_CLI_C)
|
||||
/*
|
||||
* The client has not sent the first ClientHello yet, it is unknown if the
|
||||
* client will send an early data indication extension or not.
|
||||
*/
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN 0
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, it has not received the response (ServerHello or
|
||||
* HelloRetryRequest) from the server yet. The transform to protect early data
|
||||
* is not set and early data cannot be sent yet.
|
||||
*/
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_SENT 4
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, it has not received the response (ServerHello or
|
||||
* HelloRetryRequest) from the server yet. The transform to protect early data
|
||||
* has been set and early data can be written now.
|
||||
*/
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE 5
|
||||
|
||||
/*
|
||||
* The client has sent an early data indication extension in its first
|
||||
* ClientHello, the server has accepted them and the client has received the
|
||||
* server Finished message. It cannot send early data to the server anymore.
|
||||
*/
|
||||
#define MBEDTLS_SSL_EARLY_DATA_STATUS_SERVER_FINISHED_RECEIVED 6
|
||||
#endif /* MBEDTLS_SSL_CLI_C */
|
||||
|
||||
#endif /* MBEDTLS_SSL_EARLY_DATA */
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
|
Loading…
Reference in a new issue