tls13: early_data: cli: remove nst_ prefix
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index a62d2bc..fec4a7d 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -2658,10 +2658,16 @@
* } EarlyDataIndication;
*/
MBEDTLS_CHECK_RETURN_CRITICAL
-static int ssl_tls13_parse_nst_early_data_ext(mbedtls_ssl_context *ssl,
- const unsigned char *buf,
- const unsigned char *end)
+static int ssl_tls13_parse_early_data_ext(mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ const unsigned char *end)
{
+ /* Make sure early data indication extension is received from
+ * NewSessionTicket. */
+ if (!mbedtls_ssl_is_handshake_over(ssl)) {
+ return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+ }
+
mbedtls_ssl_session *session = ssl->session;
MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 4);
@@ -2710,11 +2716,11 @@
switch (extension_type) {
#if defined(MBEDTLS_SSL_EARLY_DATA)
case MBEDTLS_TLS_EXT_EARLY_DATA:
- ret = ssl_tls13_parse_nst_early_data_ext(
+ ret = ssl_tls13_parse_early_data_ext(
ssl, p, p + extension_data_len);
if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(
- 1, "ssl_tls13_parse_nst_early_data_ext", ret);
+ 1, "ssl_tls13_parse_early_data_ext", ret);
}
break;
#endif /* MBEDTLS_SSL_EARLY_DATA */