tls13: cli: Enforce maximum size of early data

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-02-11 00:40:05 +00:00 · 2024-02-23 08:24:12 +01:00 · 2024-02-23 08:24:12 +01:00 · 62f971aa60
commit 62f971aa60
parent a4f0a71a01
1 changed files with 22 additions and 6 deletions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -6065,6 +6065,7 @@ int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl,
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    const struct mbedtls_ssl_config *conf;
    int written_data_len = 0;
+    uint32_t remaining;

    MBEDTLS_SSL_DEBUG_MSG(2, ("=> write early_data"));

@ -6114,18 +6115,27 @@ int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl,
                return ret;
            }
        }
+        remaining = ssl->session_negotiate->max_early_data_size;
    } else {
        /*
-         * If we are past the point where we can send early data, return
-         * immediatly. Otherwise, progress the handshake as much as possible to
-         * not delay it too much. If we reach a point where we can still send
-         * early data, then we will send some.
+         * If we are past the point where we can send early data or we have
+         * already reached the maximum early data size, return immediatly.
+         * Otherwise, progress the handshake as much as possible to not delay
+         * it too much. If we reach a point where we can still send early data,
+         * then we will send some.
         */
        if ((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE) &&
            (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED)) {
            return MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA;
        }

+        remaining = ssl->session_negotiate->max_early_data_size -
+                    ssl->early_data_count;
+
+        if (remaining == 0) {
+            return MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA;
+        }
+
        ret = mbedtls_ssl_handshake(ssl);
        if ((ret != 0) && (ret != MBEDTLS_ERR_SSL_WANT_READ)) {
            MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_handshake", ret);
@ -6133,12 +6143,18 @@ int mbedtls_ssl_write_early_data(mbedtls_ssl_context *ssl,
        }
    }

-    if ((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE) &&
-        (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED)) {
+    if (((ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_CAN_WRITE) &&
+         (ssl->early_data_status != MBEDTLS_SSL_EARLY_DATA_STATUS_ACCEPTED))
+        || (remaining == 0)) {
        return MBEDTLS_ERR_SSL_CANNOT_WRITE_EARLY_DATA;
    }

+    if (len > remaining) {
+        len = remaining;
+    }
+
    written_data_len = ssl_write_real(ssl, buf, len);
+    ssl->early_data_count += written_data_len;

    MBEDTLS_SSL_DEBUG_MSG(2, ("<= write early_data, len=%d", written_data_len));