TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 85718043820d3dd9bd8922e269332430278b820c^! / . / library / ssl_tls13_generic.c
commit85718043820d3dd9bd8922e269332430278b820c[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Thu Feb 22 10:22:09 2024 +0100
committerRonald Cron <ronald.cron@arm.com>Fri Mar 01 09:29:09 2024 +0100
tree34a4519ba08dc015391f69bdf999af7259f4465e
parentc2865197478cddf22572c774481fb90db2c2f461 [diff] [blame]
tls13: srv: Enforce maximum size of early data

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index bc73704..a3b4d35 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c

@@ -1454,6 +1454,47 @@
 
     return 0;
 }
+
+#if defined(MBEDTLS_SSL_SRV_C)
+int mbedtls_ssl_tls13_check_early_data_len(mbedtls_ssl_context *ssl,
+                                           size_t early_data_len)
+{
+    uint32_t uint32_early_data_len = (uint32_t) early_data_len;
+
+    /*
+     * This function should be called only while an handshake is in progress
+     * and thus a session under negotiation. Add a sanity check to detect a
+     * misuse.
+     */
+    if (ssl->session_negotiate == NULL) {
+        return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
+    }
+
+    /* RFC 8446 section 4.6.1
+     *
+     * A server receiving more than max_early_data_size bytes of 0-RTT data
+     * SHOULD terminate the connection with an "unexpected_message" alert.
+     */
+    if (uint32_early_data_len >
+        (ssl->session_negotiate->max_early_data_size -
+         ssl->early_data_count)) {
+
+        MBEDTLS_SSL_DEBUG_MSG(
+            2, ("EarlyData: Too many early data received, %u > %u",
+                ssl->early_data_count + uint32_early_data_len,
+                ssl->session_negotiate->max_early_data_size));
+
+        MBEDTLS_SSL_PEND_FATAL_ALERT(
+            MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
+            MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE);
+        return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
+    }
+
+    ssl->early_data_count += uint32_early_data_len;
+
+    return 0;
+}
+#endif /* MBEDTLS_SSL_SRV_C */
 #endif /* MBEDTLS_SSL_EARLY_DATA */
 
 /* Reset SSL context and update hash for handling HRR.