add early data extension of NST

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-12-12 15:09:22 +08:00
parent 40f3f1c36f
commit 01da35e2c8

View file

@ -3195,6 +3195,49 @@ static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl,
return 0;
}
#if defined(MBEDTLS_SSL_EARLY_DATA)
/* RFC 8446 section 4.2.10
*
* struct {
* select ( Handshake.msg_type ) {
* case new_session_ticket: uint32 max_early_data_size;
* ...
* };
* } EarlyDataIndication;
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_write_early_data_ext_of_nst(mbedtls_ssl_context *ssl,
unsigned char *buf,
const unsigned char *end,
size_t *out_len)
{
unsigned char *p = buf;
*out_len = 0;
if ((ssl->session->ticket_flags &
MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA) == 0) {
MBEDTLS_SSL_DEBUG_MSG(
4, ("Skip early_data extension in NST for it is not allowed."));
return 0;
}
MBEDTLS_SSL_CHK_BUF_PTR(p, end, 8);
MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_EARLY_DATA, p, 0);
MBEDTLS_PUT_UINT16_BE(4, p, 2);
MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4);
MBEDTLS_SSL_DEBUG_MSG(
4, ("Sent max_early_data_size=%u",
(unsigned int) ssl->conf->max_early_data_size));
*out_len = 8;
mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA);
return 0;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
/* This function creates a NewSessionTicket message in the following format:
*
* struct {
@ -3232,10 +3275,20 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
mbedtls_ssl_session *session = ssl->session;
size_t ticket_len;
uint32_t ticket_lifetime;
unsigned char *p_extensions_len;
size_t output_len;
((void) output_len);
*out_len = 0;
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write NewSessionTicket msg"));
#if defined(MBEDTLS_SSL_EARLY_DATA)
if (ssl->conf->early_data_enabled == MBEDTLS_SSL_EARLY_DATA_ENABLED) {
session->ticket_flags |= MBEDTLS_SSL_TLS1_3_TICKET_ALLOW_EARLY_DATA;
}
#endif /* MBEDTLS_SSL_EARLY_DATA */
/*
* ticket_lifetime 4 bytes
* ticket_age_add 4 bytes
@ -3293,15 +3346,25 @@ static int ssl_tls13_write_new_session_ticket_body(mbedtls_ssl_context *ssl,
/* Ticket Extensions
*
* Note: We currently don't have any extensions.
* Set length to zero.
* Extension extensions<0..2^16-2>;
*/
ssl->handshake->sent_extensions = MBEDTLS_SSL_EXT_MASK_NONE;
MBEDTLS_SSL_CHK_BUF_PTR(p, end, 2);
MBEDTLS_PUT_UINT16_BE(0, p, 0);
p_extensions_len = p;
p += 2;
#if defined(MBEDTLS_SSL_EARLY_DATA)
if ((ret = ssl_tls13_write_early_data_ext_of_nst(
ssl, p, end, &output_len)) != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "ssl_tls13_write_early_data_ext_of_nst", ret);
return ret;
}
p += output_len;
#endif /* MBEDTLS_SSL_EARLY_DATA */
MBEDTLS_PUT_UINT16_BE(p - p_extensions_len - 2, p_extensions_len, 0);
*out_len = p - buf;
MBEDTLS_SSL_DEBUG_BUF(4, "ticket", buf, *out_len);
MBEDTLS_SSL_DEBUG_MSG(2, ("<= write new session ticket"));