tls13: srv: Do not use early_data_status
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9439408..c9632f9 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -650,6 +650,10 @@
/* Flag indicating if a CertificateRequest message has been sent
* to the client or not. */
uint8_t certificate_request_sent;
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+ /* Flag indicating if the server has accepted early data or not. */
+ uint8_t early_data_accepted;
+#endif
#endif /* MBEDTLS_SSL_SRV_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
@@ -2130,30 +2134,6 @@
unsigned char *buf,
const unsigned char *end,
size_t *out_len);
-
-#if defined(MBEDTLS_SSL_SRV_C)
-/* Additional internal early data status, server side only. */
-/*
- * The server has not received the ClientHello yet, the status of early data
- * is thus unknown.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN \
- MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT
-
-/*
- * The server has received the ClientHello, it contained no early data
- * extension.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED 3
-
-/*
- * The server has received the early data extension, it has accepted early
- * data and received the end of early data message from the client marking the
- * end of early data reception.
- */
-#define MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED 4
-#endif /* MBEDTLS_SSL_SRV_C */
-
#endif /* MBEDTLS_SSL_EARLY_DATA */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 72db821..c952add 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1098,14 +1098,8 @@
return MBEDTLS_ERR_SSL_ALLOC_FAILED;
}
-#if defined(MBEDTLS_SSL_EARLY_DATA)
-#if defined(MBEDTLS_SSL_SRV_C)
- MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN == 0,
- "MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN not equal to 0");
-#endif
- MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT == 0,
- "MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT not equal to 0");
- ssl->early_data_status = 0;
+#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
+ ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT;
#endif
/* Initialize structures */
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 4bdb7e7..8bd70ef 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1780,8 +1780,8 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
-static void ssl_tls13_update_early_data_status(mbedtls_ssl_context *ssl,
- int hrr_required)
+static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
+ int hrr_required)
{
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
@@ -1789,22 +1789,19 @@
MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) {
MBEDTLS_SSL_DEBUG_MSG(
1, ("EarlyData: no early data extension received."));
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_RECEIVED;
- return;
+ return 0;
}
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED;
-
if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) {
MBEDTLS_SSL_DEBUG_MSG(
1,
("EarlyData: rejected, feature disabled in server configuration."));
- return;
+ return 0;
}
if (hrr_required) {
MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, HRR required."));
- return;
+ return 0;
}
if (!handshake->resume) {
@@ -1813,7 +1810,7 @@
resumption. */
MBEDTLS_SSL_DEBUG_MSG(
1, ("EarlyData: rejected, not a session resumption."));
- return;
+ return 0;
}
/* RFC 8446 4.2.10
@@ -1836,7 +1833,7 @@
MBEDTLS_SSL_DEBUG_MSG(
1, ("EarlyData: rejected, the selected key in "
"`pre_shared_key` is not the first one."));
- return;
+ return 0;
}
if (handshake->ciphersuite_info->id !=
@@ -1844,7 +1841,7 @@
MBEDTLS_SSL_DEBUG_MSG(
1, ("EarlyData: rejected, the selected ciphersuite is not the one "
"of the selected pre-shared key."));
- return;
+ return 0;
}
@@ -1853,11 +1850,10 @@
1,
("EarlyData: rejected, early_data not allowed in ticket "
"permission bits."));
- return;
+ return 0;
}
- ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED;
-
+ return 1;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
@@ -1889,10 +1885,10 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
- /* There is enough information, update early data status. */
- ssl_tls13_update_early_data_status(ssl, hrr_required);
+ ssl->handshake->early_data_accepted =
+ ssl_tls13_is_early_data_accepted(ssl, hrr_required);
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->handshake->early_data_accepted) {
ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(
@@ -2541,7 +2537,7 @@
#endif /* MBEDTLS_SSL_ALPN */
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->handshake->early_data_accepted) {
ret = mbedtls_ssl_tls13_write_early_data_ext(
ssl, 0, p, end, &output_len);
if (ret != 0) {
@@ -2868,7 +2864,7 @@
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
- if (ssl->early_data_status == MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED) {
+ if (ssl->handshake->early_data_accepted) {
/* See RFC 8446 section A.2 for more information */
MBEDTLS_SSL_DEBUG_MSG(
1, ("Switch to early keys for inbound traffic. "
@@ -3015,9 +3011,6 @@
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_end_of_early_data(
ssl, buf, buf + buf_len));
- ssl->early_data_status =
- MBEDTLS_SSL_EARLY_DATA_STATUS_END_OF_EARLY_DATA_RECEIVED;
-
MBEDTLS_SSL_DEBUG_MSG(
1, ("Switch to handshake keys for inbound traffic"
"( K_recv = handshake )"));