Update end of early data processing for draft-19

    TLS_ST_SR_KEY_UPDATE,

    TLS_ST_CR_KEY_UPDATE,

    TLS_ST_EARLY_DATA,

    TLS_ST_PENDING_EARLY_DATA_END

    TLS_ST_PENDING_EARLY_DATA_END,

    TLS_ST_CW_END_OF_EARLY_DATA,

    TLS_ST_SR_END_OF_EARLY_DATA

} OSSL_HANDSHAKE_STATE;

/*

# define SSL_AD_INTERNAL_ERROR           TLS1_AD_INTERNAL_ERROR

# define SSL_AD_USER_CANCELLED           TLS1_AD_USER_CANCELLED

# define SSL_AD_NO_RENEGOTIATION         TLS1_AD_NO_RENEGOTIATION

# define SSL_AD_END_OF_EARLY_DATA        TLS13_AD_END_OF_EARLY_DATA

# define SSL_AD_MISSING_EXTENSION        TLS13_AD_MISSING_EXTENSION

# define SSL_AD_CERTIFICATE_REQUIRED     TLS13_AD_CERTIFICATE_REQUIRED

# define SSL_AD_UNSUPPORTED_EXTENSION    TLS1_AD_UNSUPPORTED_EXTENSION

# define SSL_F_TLS_CONSTRUCT_CTOS_USE_SRTP                482

# define SSL_F_TLS_CONSTRUCT_CTOS_VERIFY                  358

# define SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS         443

# define SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA            536

# define SSL_F_TLS_CONSTRUCT_EXTENSIONS                   447

# define SSL_F_TLS_CONSTRUCT_FINISHED                     359

# define SSL_F_TLS_CONSTRUCT_HELLO_REQUEST                373

# define SSL_F_TLS_PROCESS_CLIENT_HELLO                   381

# define SSL_F_TLS_PROCESS_CLIENT_KEY_EXCHANGE            382

# define SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS           444

# define SSL_F_TLS_PROCESS_END_OF_EARLY_DATA              537

# define SSL_F_TLS_PROCESS_FINISHED                       364

# define SSL_F_TLS_PROCESS_HELLO_REQ                      507

# define SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST            511

# define SSL3_MT_CLIENT_HELLO                    1

# define SSL3_MT_SERVER_HELLO                    2

# define SSL3_MT_NEWSESSION_TICKET               4

# define SSL3_MT_END_OF_EARLY_DATA               5

# define SSL3_MT_HELLO_RETRY_REQUEST             6

# define SSL3_MT_ENCRYPTED_EXTENSIONS            8

# define SSL3_MT_CERTIFICATE                     11

        SSL3_RECORD_set_length(thiswr, len);

    }

    if (s->early_data_state == SSL_EARLY_DATA_WRITING) {

    if (s->early_data_state == SSL_EARLY_DATA_WRITING

            || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {

        /*

         * We haven't actually negotiated the version yet, but we're trying to

         * send early data - so we need to use the the tls13enc function.

                n = SSL3_RECORD_get_length(rr); /* available bytes */

            /* now move 'n' bytes: */

            while (n-- > 0) {

                dest[(*dest_len)++] =

                    SSL3_RECORD_get_data(rr)[SSL3_RECORD_get_off(rr)];

                SSL3_RECORD_add_off(rr, 1);

                SSL3_RECORD_add_length(rr, -1);

            }

            if (*dest_len < dest_maxlen) {

            memcpy(dest + *dest_len,

                   SSL3_RECORD_get_data(rr) + SSL3_RECORD_get_off(rr), n);

            SSL3_RECORD_add_off(rr, n);

            SSL3_RECORD_add_length(rr, -n);

            *dest_len += n;

            if (SSL3_RECORD_get_length(rr) == 0)

                SSL3_RECORD_set_read(rr);

            if (*dest_len < dest_maxlen)

                goto start;     /* fragment was too small */

        }

    }

    }

    /*-

     * s->rlayer.handshake_fragment_len == 4  iff  rr->type == SSL3_RT_HANDSHAKE;

                al = SSL_AD_HANDSHAKE_FAILURE;

                SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);

                goto f_err;

            } else if (alert_descr == SSL_AD_END_OF_EARLY_DATA) {

                if (!ssl_end_of_early_data_seen(s)) {

                    al = SSL_AD_UNEXPECTED_MESSAGE;

                    SSLerr(SSL_F_SSL3_READ_BYTES,

                           SSL_R_UNEXPECTED_END_OF_EARLY_DATA);

                    goto f_err;

                }

                return 0;

            }

        } else if (alert_level == SSL3_AL_FATAL) {

            char tmp[16];

     */

    if ((s->rlayer.handshake_fragment_len >= 4)

            && !ossl_statem_get_in_handshake(s)) {

        /*

         * To get here we must be trying to read app data but found handshake

         * data. But if we're trying to read app data, and we're not in init

         * (which is tested for at the top of this function) then init must be

         * finished

         */

        assert(SSL_is_init_finished(s));

        if (!SSL_is_init_finished(s)) {

            al = SSL_AD_INTERNAL_ERROR;

            SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);

            goto f_err;

        }

        /* We found handshake data, so we're going back into init */

        ossl_statem_set_in_init(s, 1);

    ivlen = EVP_CIPHER_CTX_iv_length(ctx);

    if (s->early_data_state == SSL_EARLY_DATA_WRITING) {

    if (s->early_data_state == SSL_EARLY_DATA_WRITING

            || s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) {

        alg_enc = s->session->cipher->algorithm_enc;

    } else {

        /*

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_CTOS_VERIFY), "TLS_CONSTRUCT_CTOS_VERIFY"},

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_ENCRYPTED_EXTENSIONS),

     "tls_construct_encrypted_extensions"},

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_END_OF_EARLY_DATA),

     "tls_construct_end_of_early_data"},

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_EXTENSIONS), "tls_construct_extensions"},

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_FINISHED), "tls_construct_finished"},

    {ERR_FUNC(SSL_F_TLS_CONSTRUCT_HELLO_REQUEST),

     "tls_process_client_key_exchange"},

    {ERR_FUNC(SSL_F_TLS_PROCESS_ENCRYPTED_EXTENSIONS),

     "tls_process_encrypted_extensions"},

    {ERR_FUNC(SSL_F_TLS_PROCESS_END_OF_EARLY_DATA),

     "tls_process_end_of_early_data"},

    {ERR_FUNC(SSL_F_TLS_PROCESS_FINISHED), "tls_process_finished"},

    {ERR_FUNC(SSL_F_TLS_PROCESS_HELLO_REQ), "tls_process_hello_req"},

    {ERR_FUNC(SSL_F_TLS_PROCESS_HELLO_RETRY_REQUEST),