tls13: srv: Add discard_early_data_record SSL field

Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/ssl_tls13_server.c

@@ -1780,28 +1780,15 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
 }
 
 #if defined(MBEDTLS_SSL_EARLY_DATA)
-static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
-                                            int hrr_required)
+static int ssl_tls13_check_early_data_requirements(mbedtls_ssl_context *ssl)
 {
     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
 
-    if ((handshake->received_extensions &
-         MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) == 0) {
-        MBEDTLS_SSL_DEBUG_MSG(
-            1, ("EarlyData: no early data extension received."));
-        return 0;
-    }
-
     if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_DISABLED) {
         MBEDTLS_SSL_DEBUG_MSG(
             1,
             ("EarlyData: rejected, feature disabled in server configuration."));
-        return 0;
-    }
-
-    if (hrr_required) {
-        MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, HRR required."));
-        return 0;
+        return -1;
     }
 
     if (!handshake->resume) {
@@ -1810,7 +1797,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
            resumption. */
         MBEDTLS_SSL_DEBUG_MSG(
             1, ("EarlyData: rejected, not a session resumption."));
-        return 0;
+        return -1;
     }
 
     /* RFC 8446 4.2.10
@@ -1833,7 +1820,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
         MBEDTLS_SSL_DEBUG_MSG(
             1, ("EarlyData: rejected, the selected key in "
                 "`pre_shared_key` is not the first one."));
-        return 0;
+        return -1;
     }
 
     if (handshake->ciphersuite_info->id !=
@@ -1841,7 +1828,7 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
         MBEDTLS_SSL_DEBUG_MSG(
             1, ("EarlyData: rejected, the selected ciphersuite is not the one "
                 "of the selected pre-shared key."));
-        return 0;
+        return -1;
 
     }
 
@@ -1850,10 +1837,10 @@ static int ssl_tls13_is_early_data_accepted(mbedtls_ssl_context *ssl,
             1,
             ("EarlyData: rejected, early_data not allowed in ticket "
              "permission bits."));
-        return 0;
+        return -1;
     }
 
-    return 1;
+    return 0;
 }
 #endif /* MBEDTLS_SSL_EARLY_DATA */
 
@@ -1885,15 +1872,24 @@ static int ssl_tls13_postprocess_client_hello(mbedtls_ssl_context *ssl,
     }
 
 #if defined(MBEDTLS_SSL_EARLY_DATA)
-    ssl->handshake->early_data_accepted =
-        ssl_tls13_is_early_data_accepted(ssl, hrr_required);
-
-    if (ssl->handshake->early_data_accepted) {
-        ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
-        if (ret != 0) {
-            MBEDTLS_SSL_DEBUG_RET(
-                1, "mbedtls_ssl_tls13_compute_early_transform", ret);
-            return ret;
+    if (ssl->handshake->received_extensions & MBEDTLS_SSL_EXT_MASK(EARLY_DATA)) {
+        ssl->handshake->early_data_accepted = 0;
+        if (!hrr_required) {
+            ssl->handshake->early_data_accepted =
+                (ssl_tls13_check_early_data_requirements(ssl) == 0);
+        }
+        if (ssl->handshake->early_data_accepted) {
+            ret = mbedtls_ssl_tls13_compute_early_transform(ssl);
+            if (ret != 0) {
+                MBEDTLS_SSL_DEBUG_RET(
+                    1, "mbedtls_ssl_tls13_compute_early_transform", ret);
+                return ret;
+            }
+        } else {
+            ssl->discard_early_data_record =
+                hrr_required ?
+                MBEDTLS_SSL_EARLY_DATA_DISCARD :
+                MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD;
         }
     }
 #else