Update early data doument and config dependencies
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 71f5bff..f1bb527 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -119,10 +119,6 @@
#undef MBEDTLS_SSL_EARLY_DATA
#endif
-#if !defined(MBEDTLS_SSL_SESSION_TICKETS)
-#undef MBEDTLS_SSL_EARLY_DATA
-#endif
-
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) || \
defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
#define MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 4eb1528..4c4bde4 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -842,11 +842,8 @@
"but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx"
#endif
-/* Early data requires PSK related mode defined */
-#if defined(MBEDTLS_SSL_EARLY_DATA) && \
- ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \
- ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \
- !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED) ) )
+/* Early data requires MBEDTLS_SSL_SESSION_TICKETS defined */
+#if defined(MBEDTLS_SSL_EARLY_DATA) && !defined(MBEDTLS_SSL_SESSION_TICKETS)
#error "MBEDTLS_SSL_EARLY_DATA defined, but not all prerequisites"
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index e3bae2c..3c46971 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1637,15 +1637,12 @@
*
* Enable support for RFC 8446 TLS 1.3 early data.
*
-* Requires: MBEDTLS_SSL_SESSION_TICKETS and either
-* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
-* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
+* Requires: MBEDTLS_SSL_SESSION_TICKETS
*
* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
* is not enabled or both MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED and
-* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED are disabled or
-* MBEDTLS_SSL_SESSION_TICKETS is not enabled, this option does not have any
-* effect on the build.
+* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED are disabled,
+* this option does not have any effect on the build.
*
* This feature is experimental, not completed and thus not ready for
* production.
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8b1ed23..16de0f8 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -802,15 +802,6 @@
#endif
#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_CLI_C)
-/* Define the status of early data.
- * MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN : Initilized.
- * MBEDTLS_SSL_EARLY_DATA_STATUS_INDICATION_SENT: Have sent early data
- * indication in client hello successfully.
- * MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT: Have sent client hello without
- * data indication.
- * MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED: Server side reject the early data.
- * MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED: Server side accept the early data.
- */
#define MBEDTLS_SSL_EARLY_DATA_STATUS_UNKNOWN 0
#define MBEDTLS_SSL_EARLY_DATA_STATUS_NOT_SENT 1
#define MBEDTLS_SSL_EARLY_DATA_STATUS_INDICATION_SENT 2
@@ -822,8 +813,8 @@
typedef uint8_t mbedtls_ssl_tls13_ticket_flags;
#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_RESUMPTION ( 1u << 0 )
-#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION ( 1u << 2 )
-#define MBEDTLS_SSL_TLS1_3_TICKET_HAS_EARLY_DATA_INDACTION ( 1u << 3 )
+#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_PSK_EPHEMERAL_RESUMPTION ( 1u << 1 )
+#define MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ( 1u << 2 )
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
/**
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index aea7ada..405cce0 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -707,7 +707,7 @@
return( ssl->handshake->resume &&
session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
( session->ticket_flags &
- MBEDTLS_SSL_TLS1_3_TICKET_HAS_EARLY_DATA_INDACTION ) &&
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA ) &&
mbedtls_ssl_tls13_cipher_suite_is_offered(
ssl, session->ciphersuite ) );
}
@@ -1184,7 +1184,7 @@
p += ext_len;
/* Initializes the status to `indication sent`. It will be updated to
- * `accepted` or `rejected` depend on whether the EncryptedExtension
+ * `accepted` or `rejected` depending on whether the EncryptedExtension
* message will contain an early data indication extension or not.
*/
ssl->early_data_status = MBEDTLS_SSL_EARLY_DATA_STATUS_INDICATION_SENT;
@@ -2553,7 +2553,7 @@
if( ssl->session != NULL )
{
ssl->session->ticket_flags |=
- MBEDTLS_SSL_TLS1_3_TICKET_HAS_EARLY_DATA_INDACTION;
+ MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA;
}
break;