mirror of
https://github.com/ARMmbed/mbedtls.git
synced 2025-05-10 00:49:04 +08:00
tls13-early-data.md: Adapt code examples to new coding style
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron
parent
b372b2e5bb
commit
0fce958f17
@ -6,29 +6,28 @@ An application function to write and send a buffer of data to a server through
|
|||||||
TLS may plausibly look like:
|
TLS may plausibly look like:
|
||||||
|
|
||||||
```
|
```
|
||||||
int write_data( mbedtls_ssl_context *ssl,
|
int write_data(mbedtls_ssl_context *ssl,
|
||||||
const unsigned char *data_to_write,
|
const unsigned char *data_to_write,
|
||||||
size_t data_to_write_len,
|
size_t data_to_write_len,
|
||||||
size_t *data_written )
|
size_t *data_written)
|
||||||
{
|
{
|
||||||
|
int ret;
|
||||||
*data_written = 0;
|
*data_written = 0;
|
||||||
|
|
||||||
while( *data_written < data_to_write_len )
|
while (*data_written < data_to_write_len) {
|
||||||
{
|
ret = mbedtls_ssl_write(ssl, data_to_write + *data_written,
|
||||||
ret = mbedtls_ssl_write( ssl, data_to_write + *data_written,
|
data_to_write_len - *data_written);
|
||||||
data_to_write_len - *data_written );
|
|
||||||
|
|
||||||
if( ret < 0 &&
|
if (ret < 0 &&
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
|
||||||
{
|
return ret;
|
||||||
return( ret );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
*data_written += ret;
|
*data_written += ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
return( 0 );
|
return 0;
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
where ssl is the SSL context to use, data_to_write the address of the data
|
where ssl is the SSL context to use, data_to_write the address of the data
|
||||||
@ -36,7 +35,7 @@ buffer and data_to_write_len the number of data bytes. The handshake may
|
|||||||
not be completed, not even started for the SSL context ssl when the function is
|
not be completed, not even started for the SSL context ssl when the function is
|
||||||
called and in that case the mbedtls_ssl_write() API takes care transparently of
|
called and in that case the mbedtls_ssl_write() API takes care transparently of
|
||||||
completing the handshake before to write and send data to the server. The
|
completing the handshake before to write and send data to the server. The
|
||||||
mbedtls_ssl_write() may not been able to write and send all data in one go thus
|
mbedtls_ssl_write() may not be able to write and send all data in one go thus
|
||||||
the need for a loop calling it as long as there are still data to write and
|
the need for a loop calling it as long as there are still data to write and
|
||||||
send.
|
send.
|
||||||
|
|
||||||
@ -45,29 +44,28 @@ data sent during the first flight of client messages while the handshake is in
|
|||||||
its initial phase, would look completely similar but the call to
|
its initial phase, would look completely similar but the call to
|
||||||
mbedtls_ssl_write_early_data() instead of mbedtls_ssl_write().
|
mbedtls_ssl_write_early_data() instead of mbedtls_ssl_write().
|
||||||
```
|
```
|
||||||
int write_early_data( mbedtls_ssl_context *ssl,
|
int write_early_data(mbedtls_ssl_context *ssl,
|
||||||
const unsigned char *data_to_write,
|
const unsigned char *data_to_write,
|
||||||
size_t data_to_write_len,
|
size_t data_to_write_len,
|
||||||
size_t *data_written )
|
size_t *data_written)
|
||||||
{
|
{
|
||||||
|
int ret;
|
||||||
*data_written = 0;
|
*data_written = 0;
|
||||||
|
|
||||||
while( *data_written < data_to_write_len )
|
while (*data_written < data_to_write_len) {
|
||||||
{
|
ret = mbedtls_ssl_write_early_data(ssl, data_to_write + *data_written,
|
||||||
ret = mbedtls_ssl_write_early_data( ssl, data_to_write + *data_written,
|
data_to_write_len - *data_written);
|
||||||
data_to_write_len - *data_written );
|
|
||||||
|
|
||||||
if( ret < 0 &&
|
if (ret < 0 &&
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
|
||||||
{
|
return ret;
|
||||||
return( ret );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
*data_written += ret;
|
*data_written += ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
return( 0 );
|
return 0;
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
Note that compared to write_data(), write_early_data() can also return
|
Note that compared to write_data(), write_early_data() can also return
|
||||||
@ -81,18 +79,22 @@ early data and then as standard post-handshake application data could
|
|||||||
plausibly look like:
|
plausibly look like:
|
||||||
|
|
||||||
```
|
```
|
||||||
ret = write_early_data( ssl, data_to_write, data_to_write_len,
|
ret = write_early_data(ssl,
|
||||||
&early_data_written );
|
data_to_write,
|
||||||
if( ret < 0 &&
|
data_to_write_len,
|
||||||
ret != MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA )
|
&early_data_written);
|
||||||
{
|
if (ret < 0 &&
|
||||||
|
ret != MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA) {
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = write_data( ssl, data_to_write + early_data_written,
|
ret = write_data(ssl,
|
||||||
data_to_write_len - early_data_written, &data_written );
|
data_to_write + early_data_written,
|
||||||
if( ret < 0 )
|
data_to_write_len - early_data_written,
|
||||||
|
&data_written);
|
||||||
|
if (ret < 0) {
|
||||||
goto error;
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
data_written += early_data_written;
|
data_written += early_data_written;
|
||||||
```
|
```
|
||||||
@ -100,40 +102,44 @@ data_written += early_data_written;
|
|||||||
Finally, taking into account that the server may reject early data, application
|
Finally, taking into account that the server may reject early data, application
|
||||||
code to write and send a buffer of data could plausibly look like:
|
code to write and send a buffer of data could plausibly look like:
|
||||||
```
|
```
|
||||||
ret = write_early_data( ssl, data_to_write, data_to_write_len,
|
ret = write_early_data(ssl,
|
||||||
&early_data_written );
|
data_to_write,
|
||||||
if( ret < 0 &&
|
data_to_write_len,
|
||||||
ret != MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA )
|
&early_data_written);
|
||||||
{
|
if (ret < 0 &&
|
||||||
|
ret != MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA) {
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Make sure the handshake is completed as it is a requisite to
|
* Make sure the handshake is completed as it is a requisite of
|
||||||
* mbedtls_ssl_get_early_data_status().
|
* mbedtls_ssl_get_early_data_status().
|
||||||
*/
|
*/
|
||||||
while( !mbedtls_ssl_is_handshake_over( ssl ) )
|
while (!mbedtls_ssl_is_handshake_over(ssl)) {
|
||||||
{
|
ret = mbedtls_ssl_handshake(ssl);
|
||||||
ret = mbedtls_ssl_handshake( ssl );
|
if (ret < 0 &&
|
||||||
if( ret < 0 &&
|
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
ret != MBEDTLS_ERR_SSL_WANT_READ &&
|
||||||
ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
ret != MBEDTLS_ERR_SSL_WANT_WRITE) {
|
||||||
{
|
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = mbedtls_ssl_get_early_data_status( ssl );
|
ret = mbedtls_ssl_get_early_data_status(ssl);
|
||||||
if( ret < 0 )
|
if (ret < 0) {
|
||||||
goto error;
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
if( ret == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED )
|
if (ret == MBEDTLS_SSL_EARLY_DATA_STATUS_REJECTED) {
|
||||||
early_data_written = 0;
|
early_data_written = 0;
|
||||||
|
}
|
||||||
|
|
||||||
ret = write_data( ssl, data_to_write + early_data_written,
|
ret = write_data(ssl,
|
||||||
data_to_write_len - early_data_written, &data_written );
|
data_to_write + early_data_written,
|
||||||
if( ret < 0 )
|
data_to_write_len - early_data_written,
|
||||||
|
&data_written);
|
||||||
|
if (ret < 0) {
|
||||||
goto error;
|
goto error;
|
||||||
|
}
|
||||||
|
|
||||||
data_written += early_data_written;
|
data_written += early_data_written;
|
||||||
```
|
```
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user