From 95a0730f178980085c8f7acfd3b26c5c67511464 Mon Sep 17 00:00:00 2001
From: Xiaokang Qian <xiaokang.qian@arm.com>
Date: Tue, 25 Oct 2022 02:56:00 +0000
Subject: [PATCH] Change prerequisites of MBEDTLS_SSL_EARLY_DATA and add
 related check

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
---
 include/mbedtls/check_config.h   | 7 +++++++
 include/mbedtls/mbedtls_config.h | 4 ++++
 2 files changed, 11 insertions(+)

diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 6a9647994..d36db4a9e 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -842,6 +842,13 @@
         "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx"
 #endif
 
+/* Early data requires PSK related mode defined */
+#if defined(MBEDTLS_SSL_EARLY_DATA) && \
+        ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \
+          !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED))
+#error "MBEDTLS_SSL_EARLY_DATA  defined, but not all prerequisites"
+#endif
+
 #if defined(MBEDTLS_SSL_PROTO_DTLS)     && \
     !defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 9480de006..7ce8083d4 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1640,6 +1640,10 @@
 * Requires: MBEDTLS_SSL_PROTO_TLS1_3
 *
 * Comment this to disable support for early data.
+*
+* This feature is experimental, not completed and thus not ready for
+* production.
+*
 */
 //#define MBEDTLS_SSL_EARLY_DATA