ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-10 00:49:04 +08:00
Code Issues Releases Wiki Activity

tls13: early_data: cli: improve comment

Browse Source 
This commit improves comment of the check for handshake parameters
in Encrypted Extension.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This commit is contained in:
Yanray Wang 2023-12-01 17:40:19 +08:00
parent e72dfff1d6
commit 03a00768c0
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
library/ssl_tls13_client.c
View File

@ -2182,14 +2182,15 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
* - The selected cipher suite * - The selected cipher suite
* - The selected ALPN [RFC7301] protocol, if any * - The selected ALPN [RFC7301] protocol, if any
* *
* When parsing EncryptedExtensions, the client does not know if * The server has sent an early data extension in its Encrypted
* the server will accept early data and select the first proposed * Extension message thus accepted to receive early data. We
* pre-shared key with a cipher suite that is different from the * check here that the additional constraints on the handshake
* cipher suite associated to the selected pre-shared key. To address * parameters, when early data are exchanged, are met,
* aforementioned case, when early data is involved, we check: * namely:
* - the selected pre-shared key is the first proposed one * - the selected PSK for the handshake was the first one proposed
* - the selected cipher suite same as the one associated with the * by the client.
* pre-shared key. * - the selected ciphersuite for the handshake is the ciphersuite
* associated with the selected PSK.
*/ */
if (handshake->selected_identity != 0 || if (handshake->selected_identity != 0 ||
handshake->ciphersuite_info->id != handshake->ciphersuite_info->id !=