Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2022-10-25 02:54:33 +00:00 · 2022-10-25 02:54:33 +00:00 · 72de95dcf5
commit 72de95dcf5
parent 600804b0e7
3 changed files with 19 additions and 18 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1500,9 +1500,9 @@ struct mbedtls_ssl_config
 #endif /* MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */

 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    int early_data_enabled;     /*!< Early data indication:
-                        *   - MBEDTLS_SSL_EARLY_DATA_DISABLED,
-                        *   - MBEDTLS_SSL_EARLY_DATA_ENABLED */
+    int MBEDTLS_PRIVATE(early_data_enabled);     /*!< Early data enablement:
+                                     *   - MBEDTLS_SSL_EARLY_DATA_DISABLED,
+                                     *   - MBEDTLS_SSL_EARLY_DATA_ENABLED */
 #endif /* MBEDTLS_SSL_EARLY_DATA */

 #if defined(MBEDTLS_SSL_ALPN)
@ -1915,15 +1915,14 @@ void mbedtls_ssl_conf_transport( mbedtls_ssl_config *conf, int transport );
 void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );

 /**
-* \brief          Set the early_data mode
-*                 Default: disabled on server and client
+* \brief    Set the early data mode
+*           Default: disabled on server and client
 *
-* \param conf     The SSL configuration to use.
+* \param conf   The SSL configuration to use.
 * \param early_data_enabled can be:
 *
-*  MBEDTLS_SSL_EARLY_DATA_DISABLED:  early data functionality will not be used
-*                        (default on server)
-*                        (default on client)
+*  MBEDTLS_SSL_EARLY_DATA_DISABLED:  early data functionality is disabled
+*                                    This is the default on client and server.
 *
 *  MBEDTLS_SSL_EARLY_DATA_ENABLED:  early data functionality is enabled and
 *                        may be negotiated in the handshake. Application using
@ -1931,9 +1930,11 @@ void mbedtls_ssl_conf_authmode( mbedtls_ssl_config *conf, int authmode );
 *                        lack of replay protection of the early data application
 *                        payloads.
 *
+* \warning This interface is experimental and may change without notice.
+*
 */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_EARLY_DATA)
-void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf,
+void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf,
                                  int early_data_enabled );
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA */

--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1425,6 +1425,14 @@ void mbedtls_ssl_conf_tls13_key_exchange_modes( mbedtls_ssl_config *conf,
 {
    conf->tls13_kex_modes = kex_modes & MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_ALL;
 }
+
+#if defined(MBEDTLS_SSL_EARLY_DATA)
+void mbedtls_ssl_tls13_conf_early_data( mbedtls_ssl_config *conf,
+                                  int early_data_enabled )
+{
+    conf->early_data_enabled = early_data_enabled;
+}
+#endif /* MBEDTLS_SSL_EARLY_DATA */
 #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

 #if defined(MBEDTLS_X509_CRT_PARSE_C)
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -1080,14 +1080,6 @@ cleanup:

 #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */

-#if defined(MBEDTLS_SSL_EARLY_DATA)
-void mbedtls_ssl_conf_early_data( mbedtls_ssl_config *conf,
-                                  int early_data_enabled )
-{
-    conf->early_data_enabled = early_data_enabled;
-}
-#endif /* MBEDTLS_SSL_EARLY_DATA */
-
 /*
 *
 * STATE HANDLING: Incoming Finished message.