From 03a00768c0dea338801e7966b263f5940151146f Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Fri, 1 Dec 2023 17:40:19 +0800 Subject: [PATCH] tls13: early_data: cli: improve comment This commit improves comment of the check for handshake parameters in Encrypted Extension. Signed-off-by: Yanray Wang --- library/ssl_tls13_client.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 62e99cfec8..0cdb02b6cc 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -2182,14 +2182,15 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl) * - The selected cipher suite * - The selected ALPN [RFC7301] protocol, if any * - * When parsing EncryptedExtensions, the client does not know if - * the server will accept early data and select the first proposed - * pre-shared key with a cipher suite that is different from the - * cipher suite associated to the selected pre-shared key. To address - * aforementioned case, when early data is involved, we check: - * - the selected pre-shared key is the first proposed one - * - the selected cipher suite same as the one associated with the - * pre-shared key. + * The server has sent an early data extension in its Encrypted + * Extension message thus accepted to receive early data. We + * check here that the additional constraints on the handshake + * parameters, when early data are exchanged, are met, + * namely: + * - the selected PSK for the handshake was the first one proposed + * by the client. + * - the selected ciphersuite for the handshake is the ciphersuite + * associated with the selected PSK. */ if (handshake->selected_identity != 0 || handshake->ciphersuite_info->id !=