Enforce maximum size of early data when rejected

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-04-10 06:44:28 +00:00 · 2024-02-08 15:48:29 +01:00 · 2024-02-08 15:48:29 +01:00 · 919e596c05
commit 919e596c05
parent 2160bfe4e2
3 changed files with 56 additions and 4 deletions
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@ -4005,7 +4005,11 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl,
                 MBEDTLS_SSL_EARLY_DATA_TRY_TO_DEPROTECT_AND_DISCARD)) {
                MBEDTLS_SSL_DEBUG_MSG(
                    3, ("EarlyData: deprotect and discard app data records."));
-                /* TODO: Add max_early_data_size check here, see issue 6347 */
+
+                ret = mbedtls_ssl_tls13_check_early_data_len(ssl, rec->data_len);
+                if (ret != 0) {
+                    return ret;
+                }
                ret = MBEDTLS_ERR_SSL_CONTINUE_PROCESSING;
            }
 #endif /* MBEDTLS_SSL_EARLY_DATA && MBEDTLS_SSL_SRV_C */
--- a/tests/suites/test_suite_ssl.data
+++ b/tests/suites/test_suite_ssl.data
@ -3318,3 +3318,12 @@ tls13_srv_max_early_data_size:TEST_EARLY_DATA_ACCEPTED:3

 TLS 1.3 srv, max early data size, max=97
 tls13_srv_max_early_data_size:TEST_EARLY_DATA_ACCEPTED:97
+
+TLS 1.3 srv, max early data size, server rejects, default
+tls13_srv_max_early_data_size:TEST_EARLY_DATA_SERVER_REJECTS:-1
+
+TLS 1.3 srv, max early data size, server rejects, max=3 (very small)
+tls13_srv_max_early_data_size:TEST_EARLY_DATA_SERVER_REJECTS:3
+
+TLS 1.3 srv, max early data size, server rejects, max=97
+tls13_srv_max_early_data_size:TEST_EARLY_DATA_SERVER_REJECTS:97
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@ -4466,6 +4466,7 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg)
    char pattern[128];
    unsigned char buf_write[64];
    size_t early_data_len = sizeof(buf_write);
+    uint32_t expended_early_data_len = 0;
    uint32_t written_early_data_size = 0;
    int write_early_data_flag = 1;
    uint32_t max_early_data_size;
@ -4503,6 +4504,14 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg)
        case TEST_EARLY_DATA_ACCEPTED:
            break;

+        case TEST_EARLY_DATA_SERVER_REJECTS:
+            server_options.early_data = MBEDTLS_SSL_EARLY_DATA_DISABLED;
+            ret = mbedtls_snprintf(pattern, sizeof(pattern),
+                                   "EarlyData: deprotect and discard app data records.");
+            TEST_ASSERT(ret < (int) sizeof(pattern));
+            mbedtls_debug_set_threshold(3);
+            break;
+
        default:
            TEST_FAIL("Unknown scenario.");
    }
@ -4552,7 +4561,7 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg)
        uint32_t remaining = max_early_data_size -
                             server_ep.ssl.early_data_count;

-        /* Reach maximum early data exactly */
+        /* In case of accepted early data, reach max_early_data_size exactly. */
        if (early_data_len >= remaining) {
            early_data_len = remaining;
            write_early_data_flag = 0;
@ -4585,13 +4594,43 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg)
                               written_early_data_size);
                }
                break;
+
+            case TEST_EARLY_DATA_SERVER_REJECTS:
+                ret = mbedtls_ssl_handshake(&(server_ep.ssl));
+                /*
+                 * Can be the case if max_early_data_size is smaller then the
+                 * smallest inner content or protected record.
+                 */
+                if (ret == MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE) {
+                    /* Beyond 64 for max_early_data_size it is suspicious */
+                    TEST_ASSERT(max_early_data_size < 64);
+                    goto exit;
+                }
+
+                TEST_ASSERT(ret == MBEDTLS_ERR_SSL_WANT_READ);
+
+                TEST_EQUAL(server_pattern.counter, 1);
+                server_pattern.counter = 0;
+                if (expended_early_data_len == 0) {
+                    expended_early_data_len = server_ep.ssl.early_data_count;
+                }
+                remaining = max_early_data_size - server_ep.ssl.early_data_count;
+
+                if (expended_early_data_len > remaining) {
+                    write_early_data_flag = 0;
+                }
+                break;
        }
        TEST_ASSERT(server_ep.ssl.early_data_count <= max_early_data_size);
    }

    mbedtls_debug_set_threshold(3);
-    ret = write_early_data(&(client_ep.ssl), buf_write, 1);
-    TEST_EQUAL(ret, 1);
+
+    early_data_len = (scenario == TEST_EARLY_DATA_ACCEPTED) ?
+                     1 : sizeof(buf_write);
+
+    ret = write_early_data(&(client_ep.ssl), buf_write, early_data_len);
+    TEST_EQUAL(ret, early_data_len);

    ret = mbedtls_snprintf(pattern, sizeof(pattern),
                           "EarlyData: Too many early data received");