commit 16f6853b054d7551f8bacd5e5f00ebfa7ef8ab50
author Jerry Yu <jerry.h.yu@arm.com> Sat Nov 05 10:50:06 2022 +0800
committer Jerry Yu <jerry.h.yu@arm.com> Thu Dec 01 23:11:48 2022 +0800
tree 98610e47a0466fb3e9cb20cf4c3de739d5b26fca
parent a6934776c90a834a321daf7eeb35f2ad7d402c50

Add max_early_data_size config option

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>

include/mbedtls/check_config.h

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7f55580..6640708 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -32,6 +32,9 @@
 #error "mbed TLS requires a platform with 8-bit chars"
 #endif
 
+/* Need std integer definition for checking max_early_data_size */
+#include <stdint.h>
+
 #if defined(_WIN32)
 #if !defined(MBEDTLS_PLATFORM_C)
 #error "MBEDTLS_PLATFORM_C is required on Windows"
@@ -849,6 +852,13 @@
 #error "MBEDTLS_SSL_EARLY_DATA  defined, but not all prerequisites"
 #endif
 
+#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
+    ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)     || \
+      ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE <= 0 )      || \
+      ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
+#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(1..UINT32_MAX)"
+#endif
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)     && \
     !defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"

include/mbedtls/mbedtls_config.h

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index c719073..f33ce60 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1664,6 +1664,8 @@
 *           MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
 *           MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
 *
+* Requires: MBEDTLS_SSL_MAX_EARLY_DATA_SIZE >= 0
+*
 * Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
 * is not enabled, this option does not have any effect on the build.
 *
@@ -1674,6 +1676,19 @@
 //#define MBEDTLS_SSL_EARLY_DATA
 
 /**
+ * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
+ *
+ * The maximium amount of 0-RTT data(RFC8446 section 4.6.1).
+ * It only works when MBEDTLS_SSL_EARLY_DATA is enabled and MUST be in range
+ * 1...UINT32_MAX
+ *
+ * This feature is experimental, not completed and thus not ready for
+ * production.
+ *
+ */
+#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE        1024
+
+/**
  * \def MBEDTLS_SSL_PROTO_DTLS
  *
  * Enable support for DTLS (all available versions).