eden-emu/mbedtls
19
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add max_early_data_size into ticket

Browse source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-12-12 15:13:20 +08:00
parent 9b0c8164eb
commit 02e3a074a3
2 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
include/mbedtls/ssl.h
View file

@ -1252,6 +1252,10 @@ struct mbedtls_ssl_session {
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_EARLY_DATA)
uint32_t MBEDTLS_PRIVATE(max_early_data_size); /*!< max_early_data_size of ticket */
#endif
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */ int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif #endif

18
library/ssl_tls.c
View file

@ -2466,6 +2466,7 @@ mbedtls_ssl_mode_t mbedtls_ssl_get_mode_from_ciphersuite(
* uint32 ticket_age_add; * uint32 ticket_age_add;
* uint8 ticket_flags; * uint8 ticket_flags;
* opaque resumption_key<0..255>; * opaque resumption_key<0..255>;
* uint32 max_early_data_size;
* select ( endpoint ) { * select ( endpoint ) {
* case client: ClientOnlyData; * case client: ClientOnlyData;
* case server: uint64 start_time; * case server: uint64 start_time;
@ -2498,6 +2499,10 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session,
} }
needed += session->resumption_key_len; /* resumption_key */ needed += session->resumption_key_len; /* resumption_key */
#if defined(MBEDTLS_SSL_EARLY_DATA)
needed += 4; /* max_early_data_size */
#endif
#if defined(MBEDTLS_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
needed += 8; /* start_time or ticket_received */ needed += 8; /* start_time or ticket_received */
#endif #endif
@ -2537,6 +2542,11 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session,
memcpy(p, session->resumption_key, session->resumption_key_len); memcpy(p, session->resumption_key, session->resumption_key_len);
p += session->resumption_key_len; p += session->resumption_key_len;
#if defined(MBEDTLS_SSL_EARLY_DATA)
MBEDTLS_PUT_UINT32_BE(session->max_early_data_size, p, 0);
p += 4;
#endif
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
MBEDTLS_PUT_UINT64_BE((uint64_t) session->start, p, 0); MBEDTLS_PUT_UINT64_BE((uint64_t) session->start, p, 0);
@ -2605,6 +2615,14 @@ static int ssl_tls13_session_load(mbedtls_ssl_session *session,
memcpy(session->resumption_key, p, session->resumption_key_len); memcpy(session->resumption_key, p, session->resumption_key_len);
p += session->resumption_key_len; p += session->resumption_key_len;
#if defined(MBEDTLS_SSL_EARLY_DATA)
if (end - p < 4) {
return MBEDTLS_ERR_SSL_BAD_INPUT_DATA;
}
session->max_early_data_size = MBEDTLS_GET_UINT32_BE(p, 0);
p += 4;
#endif
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) #if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C)
if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { if (session->endpoint == MBEDTLS_SSL_IS_SERVER) {
if (end - p < 8) { if (end - p < 8) {