tls13: Introduce early_data_state SSL context field
Introduce early_data_state SSL context field to
distinguish better this internal state from
the status values defined for the
mbedtls_ssl_get_early_data_status() API.
Distinguish also between the client and
server states. Note that the client state
are going to be documented and reworked
as part of the implementation of
mbedtls_ssl_write_early_data().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_debug_helpers.h b/library/ssl_debug_helpers.h
index 2b0e737..3410c90 100644
--- a/library/ssl_debug_helpers.h
+++ b/library/ssl_debug_helpers.h
@@ -49,6 +49,11 @@
unsigned int flags);
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+const char *mbedtls_ssl_cli_early_data_state_str(enum mbedtls_ssl_cli_early_data_state in);
+const char *mbedtls_ssl_srv_early_data_state_str(enum mbedtls_ssl_srv_early_data_state in);
+#endif
+
#define MBEDTLS_SSL_PRINT_EXTS(level, hs_msg_type, extensions_mask) \
mbedtls_ssl_print_extensions(ssl, level, __FILE__, __LINE__, \
hs_msg_type, extensions_mask, NULL)
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9439408..2a488bb 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2130,30 +2130,6 @@
unsigned char *buf,
const unsigned char *end,
size_t *out_len);
-
-#if defined(MBEDTLS_SSL_SRV_C)
-/* Additional internal early data status, server side only. */
-/*
- * The server has not received the ClientHello yet, the status of early data
- * is thus unknown.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \
- MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT
-
-/*
- * The server has received the ClientHello, it contained no early data
- * extension.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3
-
-/*
- * The server has received the early data extension, it has accepted early
- * data and received the end of early data message from the client marking the
- * end of early data reception.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4
-#endif /* MBEDTLS_SSL_SRV_C */
-
#endif /* MBEDTLS_SSL_EARLY_DATA */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 825ca8f..c6ba115 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -5888,8 +5888,10 @@
return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA;
}
- if ((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN) &&
- (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED)) {
+ if ((ssl->early_data_state.srv !=
+ MBEDTLS_SSL_SRV_EARLY_DATA_STATE_WAITING_CH) &&
+ (ssl->early_data_state.srv !=
+ MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING)) {
return MBEDTLS_ERR_SSL_CANNOT_READ_EARLY_DATA;
}
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 72db821..50a8cd2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1099,13 +1099,7 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
-#if defined(MBEDTLS_SSL_SRV_C)
- MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0,
- "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0");
-#endif
- MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0,
- "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0");
- ssl->early_data_status = 0;
+ ssl->early_data_state.cli = 0;
#endif
/* Initialize structures */
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 76f0f18..94bbfe8 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -1195,10 +1195,10 @@
* `accepted` if the EncryptedExtension message contain an early data
* indication extension.
*/
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED;
+ ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED;
} else {
MBEDTLS_SSL_DEBUG_MSG(2, ("<= skip write early_data extension"));
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT;
+ ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -1235,7 +1235,7 @@
size_t psk_len;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) {
+ if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) {
MBEDTLS_SSL_DEBUG_MSG(
1, ("Set hs psk for early data when writing the first psk"));
@@ -1916,7 +1916,7 @@
* cases we compute it here.
*/
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT ||
+ if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_NOT_SENT ||
handshake->key_exchange_mode ==
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL)
#endif
@@ -2228,7 +2228,7 @@
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED;
+ ssl->early_data_state.cli = MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED;
}
#endif
@@ -2565,9 +2565,9 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_ACCEPTED) {
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_END_OF_EARLY_DATA);
- } else if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) {
+ } else if (ssl->early_data_state.cli == MBEDTLS_SSL_CLI_EARLY_DATA_STATE_REJECTED) {
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
} else
#endif /* MBEDTLS_SSL_EARLY_DATA */
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 6933d1a..9fcea58 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1780,8 +1780,8 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
-static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl,
- int hrr_required)
+static void ssl_tls13_update_early_data_state(mbedtls_ssl_context *ssl,
+ int hrr_required)
{
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -1789,11 +1789,11 @@
MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) {
MBEDTLS_SSL_DEBUG_MSG(
1, ("EarlyData: no early data extension received."));
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED;
+ ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_NOT_RECEIVED;
return;
}
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED;
+ ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_REJECTED;
if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) {
MBEDTLS_SSL_DEBUG_MSG(
@@ -1856,7 +1856,7 @@
return;
}
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED;
+ ssl->early_data_state.srv = MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -1890,9 +1890,9 @@
#if defined(MBEDTLS_SSL_EARLY_DATA)
/* There is enough information, update early data status. */
- ssl_tls13_update_early_data_status(ssl, hrr_required);
+ ssl_tls13_update_early_data_state(ssl, hrr_required);
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) {
ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(
@@ -2541,7 +2541,7 @@
#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) {
ret = mbedtls_ssl_tls13_write_early_data_ext(
ssl, 0, p, end, &output_len);
if (ret != 0) {
@@ -2868,7 +2868,7 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->early_data_state.srv == MBEDTLS_SSL_SRV_EARLY_DATA_STATE_ACCEPTING) {
/* See RFC 8446 section A.2 for more information */
MBEDTLS_SSL_DEBUG_MSG(
1, ("Switch to early keys for inbound traffic. "
@@ -3011,8 +3011,8 @@
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data(
ssl, buf, buf + buf_len));
- ssl->early_data_status =
- MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED;
+ ssl->early_data_state.srv =
+ MBEDTLS_SSL_SRV_EARLY_DATA_STATE_EOED_RECEIVED;
MBEDTLS_SSL_DEBUG_MSG(
1, ("Switch to handshake keys for inbound traffic"