Add max_early_data_size config option
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 7f55580..6640708 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -32,6 +32,9 @@
#error "mbed TLS requires a platform with 8-bit chars"
#endif
+/* Need std integer definition for checking max_early_data_size */
+#include <stdint.h>
+
#if defined(_WIN32)
#if !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_C is required on Windows"
@@ -849,6 +852,13 @@
#error "MBEDTLS_SSL_EARLY_DATA defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_SRV_C) && \
+ ( !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE) || \
+ ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE <= 0 ) || \
+ ( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX ) )
+#error "MBEDTLS_SSL_MAX_EARLY_DATA_SIZE MUST be defined and in range(1..UINT32_MAX)"
+#endif
+
#if defined(MBEDTLS_SSL_PROTO_DTLS) && \
!defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
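Review bot: The upper-bound test `( MBEDTLS_SSL_MAX_EARLY_DATA_SIZE > UINT32_MAX )` depends on `UINT32_MAX` being visible as a macro at this point. In an `#if`, an identifier that is not a defined macro evaluates to 0, so on a toolchain where `<stdint.h>` does not expose it the comparison becomes `> 0` and every valid value is rejected with a misleading message. The `#include <stdint.h>` added in the first hunk covers ordinary C builds, but an explicit guard before this block, `#if !defined(UINT32_MAX)` followed by an `#error`, or a comparison against the literal `0xFFFFFFFF`, would make that failure self-explanatory. The test also assumes the option expands to a plain integer constant, because a value written with a cast or `sizeof` cannot be evaluated by the preprocessor; that constraint belongs in the option's documentation.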
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index c719073..f33ce60 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1664,6 +1664,8 @@
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED or
* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
*
+* Requires: MBEDTLS_SSL_MAX_EARLY_DATA_SIZE >= 0
+*
* Comment this to disable support for early data. If MBEDTLS_SSL_PROTO_TLS1_3
* is not enabled, this option does not have any effect on the build.
*
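Review bot: The added line `Requires: MBEDTLS_SSL_MAX_EARLY_DATA_SIZE >= 0` contradicts the rest of the commit. The new check in check_config.h rejects `<= 0`, and the option's own documentation in the next hunk gives the range as 1...UINT32_MAX. I would write `* Requires: MBEDTLS_SSL_MAX_EARLY_DATA_SIZE in range 1..UINT32_MAX` and add that the range is only checked when `MBEDTLS_SSL_SRV_C` is enabled, since that is how the check is conditioned. The comment block this line belongs to starts outside the hunk.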
@@ -1674,6 +1676,19 @@
//#define MBEDTLS_SSL_EARLY_DATA
/**
+ * \def MBEDTLS_SSL_MAX_EARLY_DATA_SIZE
+ *
+ * The maximium amount of 0-RTT data(RFC8446 section 4.6.1).
+ * It only works when MBEDTLS_SSL_EARLY_DATA is enabled and MUST be in range
+ * 1...UINT32_MAX
+ *
+ * This feature is experimental, not completed and thus not ready for
+ * production.
+ *
+ */
+#define MBEDTLS_SSL_MAX_EARLY_DATA_SIZE 1024
+
+/**
* \def MBEDTLS_SSL_PROTO_DTLS
*
* Enable support for DTLS (all available versions).
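Review bot: The documentation added for `MBEDTLS_SSL_MAX_EARLY_DATA_SIZE` does not say which side the limit applies to or what happens when a peer exceeds it, and an integrator needs both to choose a value. 0-RTT data is processed before the handshake completes and can be replayed, so this option bounds how much such data a server will take. The comment should say that it is a server-side limit (the check_config.h test is conditioned on `MBEDTLS_SSL_SRV_C`) and whether the library enforces it on receipt or only advertises it; neither is visible in this diff. The first sentence also needs a wording fix: `The maximum amount of 0-RTT data (RFC 8446 section 4.6.1).` Since the `#define` is unconditional, a user configuration that already sets the macro would probably hit a redefinition, so consider wrapping it in `#if !defined(MBEDTLS_SSL_MAX_EARLY_DATA_SIZE)`.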