projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Provide an SSL_read_early() function for reading early data
[openssl.git] / ssl / ssl_locl.h
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 86603a07c5168e94cdb1d669dd8ef151b1eac099..db1d7cfad3e8b8a027779a8941110f1f0ebe422a 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -618,7 +618,12 @@ typedef enum {
     SSL_EARLY_DATA_CONNECTING,
     SSL_EARLY_DATA_WRITE_RETRY,
     SSL_EARLY_DATA_WRITING,
-    SSL_EARLY_DATA_FINISHED_WRITING
+    SSL_EARLY_DATA_FINISHED_WRITING,
+    SSL_EARLY_DATA_ACCEPT_RETRY,
+    SSL_EARLY_DATA_ACCEPTING,
+    SSL_EARLY_DATA_READ_RETRY,
+    SSL_EARLY_DATA_READING,
+    SSL_EARLY_DATA_FINISHED_READING
 } SSL_EARLY_DATA_STATE;
 
 #define MAX_COMPRESSIONS_SIZE   255
@@ -1176,6 +1181,9 @@ struct ssl_st {
 
         /* Set to one if we have negotiated ETM */
         int use_etm;
+
+        /* Set to 1 if we are expecting to receive early data */
+        int expect_early_data;
     } ext;
 
     /* Parsed form of the ClientHello, kept around across early_cb calls. */
@@ -1746,6 +1754,7 @@ typedef enum tlsext_index_en {
     TLSEXT_IDX_server_name,
     TLSEXT_IDX_srp,
     TLSEXT_IDX_early_data_info,
+    TLSEXT_IDX_early_data,
     TLSEXT_IDX_ec_point_formats,
     TLSEXT_IDX_supported_groups,
     TLSEXT_IDX_session_ticket,
@@ -1983,6 +1992,7 @@ static ossl_inline int ssl_has_cert(const SSL *s, int idx)
 
 # ifndef OPENSSL_UNIT_TEST
 
+int ssl_end_of_early_data_seen(SSL *s);
 __owur int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes);
 __owur int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written);
 void ssl_clear_cipher_ctx(SSL *s);
@@ -2192,10 +2202,12 @@ __owur int tls13_hkdf_expand(SSL *s, const EVP_MD *md,
                              const unsigned char *label, size_t labellen,
                              const unsigned char *hash,
                              unsigned char *out, size_t outlen);
-__owur int tls13_derive_key(SSL *s, const unsigned char *secret,
-                            unsigned char *key, size_t keylen);
-__owur int tls13_derive_iv(SSL *s, const unsigned char *secret,
-                           unsigned char *iv, size_t ivlen);
+__owur int tls13_derive_key(SSL *s, const EVP_MD *md,
+                            const unsigned char *secret, unsigned char *key,
+                            size_t keylen);
+__owur int tls13_derive_iv(SSL *s, const EVP_MD *md,
+                           const unsigned char *secret, unsigned char *iv,
+                           size_t ivlen);
 __owur int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
                                     const unsigned char *secret,
                                     unsigned char *fin, size_t finlen);
@@ -2348,6 +2360,7 @@ __owur int ssl_log_secret(SSL *ssl, const char *label,
                           const uint8_t *secret, size_t secret_len);
 
 #define MASTER_SECRET_LABEL "CLIENT_RANDOM"
+#define CLIENT_EARLY_LABEL "CLIENT_EARLY_TRAFFIC_SECRET"
 #define CLIENT_HANDSHAKE_LABEL "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
 #define SERVER_HANDSHAKE_LABEL "SERVER_HANDSHAKE_TRAFFIC_SECRET"
 #define CLIENT_APPLICATION_LABEL "CLIENT_TRAFFIC_SECRET_0"
Unnamed repository; edit this file 'description' to name the repository.