LCOV - code coverage report
Current view: top level - tls - s2n_early_data.c (source / functions) Hit Total Coverage
Test: unit_test_coverage.info Lines: 268 269 99.6 %
Date: 2026-07-04 07:27:58 Functions: 24 24 100.0 %
Branches: 256 370 69.2 %

           Branch data     Line data    Source code
       1                 :            : /*
       2                 :            :  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
       3                 :            :  *
       4                 :            :  * Licensed under the Apache License, Version 2.0 (the "License").
       5                 :            :  * You may not use this file except in compliance with the License.
       6                 :            :  * A copy of the License is located at
       7                 :            :  *
       8                 :            :  *  http://aws.amazon.com/apache2.0
       9                 :            :  *
      10                 :            :  * or in the "license" file accompanying this file. This file is distributed
      11                 :            :  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
      12                 :            :  * express or implied. See the License for the specific language governing
      13                 :            :  * permissions and limitations under the License.
      14                 :            :  */
      15                 :            : 
      16                 :            : #include "tls/s2n_early_data.h"
      17                 :            : 
      18                 :            : #include "tls/s2n_cipher_suites.h"
      19                 :            : #include "tls/s2n_connection.h"
      20                 :            : #include "tls/s2n_psk.h"
      21                 :            : #include "utils/s2n_mem.h"
      22                 :            : #include "utils/s2n_safety.h"
      23                 :            : 
      24                 :            : const s2n_early_data_state valid_previous_states[] = {
      25                 :            :     [S2N_EARLY_DATA_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE,
      26                 :            :     [S2N_EARLY_DATA_NOT_REQUESTED] = S2N_UNKNOWN_EARLY_DATA_STATE,
      27                 :            :     [S2N_EARLY_DATA_REJECTED] = S2N_EARLY_DATA_REQUESTED,
      28                 :            :     [S2N_EARLY_DATA_ACCEPTED] = S2N_EARLY_DATA_REQUESTED,
      29                 :            :     [S2N_END_OF_EARLY_DATA] = S2N_EARLY_DATA_ACCEPTED,
      30                 :            : };
      31                 :            : 
      32                 :            : S2N_RESULT s2n_connection_set_early_data_state(struct s2n_connection *conn, s2n_early_data_state next_state)
      33                 :      15572 : {
      34 [ +  - ][ +  + ]:      15572 :     RESULT_ENSURE_REF(conn);
      35         [ +  + ]:      15571 :     if (conn->early_data_state == next_state) {
      36                 :        195 :         return S2N_RESULT_OK;
      37                 :        195 :     }
      38 [ +  + ][ +  - ]:      15376 :     RESULT_ENSURE(next_state < S2N_EARLY_DATA_STATES_COUNT, S2N_ERR_INVALID_EARLY_DATA_STATE);
      39 [ +  - ][ +  + ]:      15374 :     RESULT_ENSURE(next_state != S2N_UNKNOWN_EARLY_DATA_STATE, S2N_ERR_INVALID_EARLY_DATA_STATE);
      40 [ +  - ][ +  + ]:      15361 :     RESULT_ENSURE(conn->early_data_state == valid_previous_states[next_state], S2N_ERR_INVALID_EARLY_DATA_STATE);
      41                 :      15313 :     conn->early_data_state = next_state;
      42                 :      15313 :     return S2N_RESULT_OK;
      43                 :      15361 : }
      44                 :            : 
      45                 :            : int s2n_connection_set_early_data_expected(struct s2n_connection *conn)
      46                 :       6584 : {
      47 [ +  + ][ +  - ]:       6584 :     POSIX_ENSURE_REF(conn);
      48                 :       6583 :     conn->early_data_expected = true;
      49                 :       6583 :     return S2N_SUCCESS;
      50                 :       6584 : }
      51                 :            : 
      52                 :            : int s2n_connection_set_end_of_early_data(struct s2n_connection *conn)
      53                 :       6069 : {
      54 [ -  + ][ #  # ]:       6069 :     POSIX_ENSURE_REF(conn);
      55                 :       6069 :     conn->early_data_expected = false;
      56                 :       6069 :     return S2N_SUCCESS;
      57                 :       6069 : }
      58                 :            : 
      59                 :            : static S2N_RESULT s2n_early_data_validate(struct s2n_connection *conn)
      60                 :        218 : {
      61 [ +  + ][ +  - ]:        218 :     RESULT_ENSURE_REF(conn);
      62 [ -  + ][ #  # ]:        217 :     RESULT_ENSURE_REF(conn->secure);
      63                 :            : 
      64                 :            :     /**
      65                 :            :      *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10
      66                 :            :      *# In order to accept early data, the server MUST have accepted a PSK
      67                 :            :      *# cipher suite and selected the first key offered in the client's
      68                 :            :      *# "pre_shared_key" extension.
      69                 :            :      **/
      70 [ +  + ][ +  - ]:        217 :     RESULT_ENSURE_REF(conn->psk_params.chosen_psk);
      71 [ +  + ][ +  - ]:        212 :     RESULT_ENSURE_EQ(conn->psk_params.chosen_psk_wire_index, 0);
      72                 :            : 
      73                 :        211 :     struct s2n_early_data_config *config = &conn->psk_params.chosen_psk->early_data_config;
      74 [ +  + ][ +  - ]:        211 :     RESULT_ENSURE_GT(config->max_early_data_size, 0);
      75                 :            : 
      76                 :            :     /**
      77                 :            :      *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10
      78                 :            :      *# In addition, it MUST verify that the
      79                 :            :      *# following values are the same as those associated with the
      80                 :            :      *# selected PSK:
      81                 :            :      *#
      82                 :            :      *# -  The TLS version number
      83                 :            :      **/
      84 [ +  + ][ +  - ]:        207 :     RESULT_ENSURE_EQ(config->protocol_version, s2n_connection_get_protocol_version(conn));
      85                 :            :     /**
      86                 :            :      *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10
      87                 :            :      *# -  The selected cipher suite
      88                 :            :      **/
      89 [ +  + ][ +  - ]:        204 :     RESULT_ENSURE_EQ(config->cipher_suite, conn->secure->cipher_suite);
      90                 :            :     /**
      91                 :            :      *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10
      92                 :            :      *# -  The selected ALPN [RFC7301] protocol, if any
      93                 :            :      **/
      94                 :        199 :     const size_t app_protocol_size = strlen(conn->application_protocol);
      95 [ +  + ][ +  + ]:        199 :     if (app_protocol_size > 0 || config->application_protocol.size > 0) {
      96 [ +  + ][ +  - ]:          4 :         RESULT_ENSURE_EQ(config->application_protocol.size, app_protocol_size + 1 /* null-terminating char */);
      97 [ -  + ][ #  # ]:          1 :         RESULT_ENSURE(s2n_constant_time_equals(config->application_protocol.data, (uint8_t *) conn->application_protocol, app_protocol_size), S2N_ERR_SAFETY);
      98                 :          1 :     }
      99                 :            : 
     100                 :        196 :     return S2N_RESULT_OK;
     101                 :        199 : }
     102                 :            : 
     103                 :            : bool s2n_early_data_is_valid_for_connection(struct s2n_connection *conn)
     104                 :        218 : {
     105                 :        218 :     return s2n_result_is_ok(s2n_early_data_validate(conn));
     106                 :        218 : }
     107                 :            : 
     108                 :            : S2N_RESULT s2n_early_data_accept_or_reject(struct s2n_connection *conn)
     109                 :      15191 : {
     110 [ +  - ][ +  + ]:      15191 :     RESULT_ENSURE_REF(conn);
     111         [ +  + ]:      15190 :     if (conn->early_data_state != S2N_EARLY_DATA_REQUESTED) {
     112                 :      15027 :         return S2N_RESULT_OK;
     113                 :      15027 :     }
     114                 :            : 
     115         [ +  + ]:        163 :     if (conn->handshake.early_data_async_state.conn) {
     116         [ +  - ]:          3 :         RESULT_BAIL(S2N_ERR_ASYNC_BLOCKED);
     117                 :          3 :     }
     118                 :            : 
     119                 :            :     /**
     120                 :            :      *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10
     121                 :            :      *# If any of these checks fail, the server MUST NOT respond with the
     122                 :            :      *# extension
     123                 :            :      **/
     124         [ +  + ]:        160 :     if (!s2n_early_data_is_valid_for_connection(conn)) {
     125         [ -  + ]:         13 :         RESULT_GUARD(s2n_connection_set_early_data_state(conn, S2N_EARLY_DATA_REJECTED));
     126                 :         13 :         return S2N_RESULT_OK;
     127                 :         13 :     }
     128                 :            : 
     129                 :            :     /* Even if the connection is valid for early data, the client can't consider
     130                 :            :      * early data accepted until the server sends the early data indication. */
     131         [ +  + ]:        147 :     if (conn->mode == S2N_CLIENT) {
     132                 :         71 :         return S2N_RESULT_OK;
     133                 :         71 :     }
     134                 :            : 
     135                 :            :     /* The server should reject early data if the application is not prepared to handle it. */
     136         [ +  + ]:         76 :     if (!conn->early_data_expected) {
     137         [ -  + ]:         23 :         RESULT_GUARD(s2n_connection_set_early_data_state(conn, S2N_EARLY_DATA_REJECTED));
     138                 :         23 :         return S2N_RESULT_OK;
     139                 :         23 :     }
     140                 :            : 
     141                 :            :     /* If early data would otherwise be accepted, let the application apply any additional restrictions.
     142                 :            :      * For example, an application could use this callback to implement anti-replay protections.
     143                 :            :      *
     144                 :            :      * This callback can be either synchronous or asynchronous. The handshake will not proceed until
     145                 :            :      * the application either accepts or rejects early data.
     146                 :            :      */
     147 [ -  + ][ #  # ]:         53 :     RESULT_ENSURE_REF(conn->config);
     148         [ +  + ]:         53 :     if (conn->config->early_data_cb) {
     149                 :          5 :         conn->handshake.early_data_async_state.conn = conn;
     150 [ -  + ][ #  # ]:          5 :         RESULT_ENSURE(conn->config->early_data_cb(conn, &conn->handshake.early_data_async_state) >= S2N_SUCCESS,
     151                 :          5 :                 S2N_ERR_CANCELLED);
     152         [ +  + ]:          5 :         if (conn->early_data_state == S2N_EARLY_DATA_REQUESTED) {
     153         [ +  - ]:          3 :             RESULT_BAIL(S2N_ERR_ASYNC_BLOCKED);
     154                 :          3 :         }
     155                 :         48 :     } else {
     156         [ -  + ]:         48 :         RESULT_GUARD(s2n_connection_set_early_data_state(conn, S2N_EARLY_DATA_ACCEPTED));
     157                 :         48 :     }
     158                 :         50 :     return S2N_RESULT_OK;
     159                 :         53 : }
     160                 :            : 
     161                 :            : int s2n_config_set_server_max_early_data_size(struct s2n_config *config, uint32_t max_early_data_size)
     162                 :          4 : {
     163 [ +  + ][ +  - ]:          4 :     POSIX_ENSURE_REF(config);
     164                 :          3 :     config->server_max_early_data_size = max_early_data_size;
     165                 :          3 :     return S2N_SUCCESS;
     166                 :          4 : }
     167                 :            : 
     168                 :            : int s2n_connection_set_server_max_early_data_size(struct s2n_connection *conn, uint32_t max_early_data_size)
     169                 :        747 : {
     170 [ +  - ][ +  + ]:        747 :     POSIX_ENSURE_REF(conn);
     171                 :        746 :     conn->server_max_early_data_size = max_early_data_size;
     172                 :        746 :     conn->server_max_early_data_size_overridden = true;
     173                 :        746 :     return S2N_SUCCESS;
     174                 :        747 : }
     175                 :            : 
     176                 :            : S2N_RESULT s2n_early_data_get_server_max_size(struct s2n_connection *conn, uint32_t *max_early_data_size)
     177                 :      14223 : {
     178 [ +  - ][ +  + ]:      14223 :     RESULT_ENSURE_REF(conn);
     179 [ +  - ][ +  + ]:      14220 :     RESULT_ENSURE_REF(max_early_data_size);
     180         [ +  + ]:      14219 :     if (conn->server_max_early_data_size_overridden) {
     181                 :       2437 :         *max_early_data_size = conn->server_max_early_data_size;
     182                 :      11782 :     } else {
     183 [ +  + ][ +  - ]:      11782 :         RESULT_ENSURE_REF(conn->config);
     184                 :      11781 :         *max_early_data_size = conn->config->server_max_early_data_size;
     185                 :      11781 :     }
     186                 :      14218 :     return S2N_RESULT_OK;
     187                 :      14219 : }
     188                 :            : 
     189                 :            : int s2n_connection_set_server_early_data_context(struct s2n_connection *conn, const uint8_t *context, uint16_t context_size)
     190                 :         12 : {
     191 [ +  - ][ +  + ]:         12 :     POSIX_ENSURE_REF(conn);
     192         [ +  + ]:         11 :     if (context_size > 0) {
     193 [ +  + ][ +  - ]:         10 :         POSIX_ENSURE_REF(context);
     194                 :         10 :     }
     195                 :            : 
     196         [ -  + ]:         10 :     POSIX_GUARD(s2n_realloc(&conn->server_early_data_context, context_size));
     197 [ -  + ][ #  # ]:         10 :     POSIX_CHECKED_MEMCPY(conn->server_early_data_context.data, context, context_size);
                 [ +  + ]
     198                 :         10 :     return S2N_SUCCESS;
     199                 :         10 : }
     200                 :            : 
     201                 :            : S2N_CLEANUP_RESULT s2n_early_data_config_free(struct s2n_early_data_config *config)
     202                 :       4569 : {
     203         [ +  + ]:       4569 :     if (config == NULL) {
     204                 :          1 :         return S2N_RESULT_OK;
     205                 :          1 :     }
     206         [ -  + ]:       4568 :     RESULT_GUARD_POSIX(s2n_free(&config->application_protocol));
     207         [ -  + ]:       4568 :     RESULT_GUARD_POSIX(s2n_free(&config->context));
     208                 :       4568 :     return S2N_RESULT_OK;
     209                 :       4568 : }
     210                 :            : 
     211                 :            : int s2n_psk_configure_early_data(struct s2n_psk *psk, uint32_t max_early_data_size,
     212                 :            :         uint8_t cipher_suite_first_byte, uint8_t cipher_suite_second_byte)
     213                 :        177 : {
     214 [ +  - ][ +  + ]:        177 :     POSIX_ENSURE_REF(psk);
     215                 :            : 
     216                 :        176 :     const uint8_t cipher_suite_iana[] = { cipher_suite_first_byte, cipher_suite_second_byte };
     217                 :        176 :     struct s2n_cipher_suite *cipher_suite = NULL;
     218         [ -  + ]:        176 :     POSIX_GUARD_RESULT(s2n_cipher_suite_from_iana(cipher_suite_iana, sizeof(cipher_suite_iana), &cipher_suite));
     219 [ #  # ][ -  + ]:        176 :     POSIX_ENSURE_REF(cipher_suite);
     220 [ +  - ][ +  + ]:        176 :     POSIX_ENSURE(cipher_suite->prf_alg == psk->hmac_alg, S2N_ERR_INVALID_ARGUMENT);
     221                 :            : 
     222                 :        175 :     psk->early_data_config.max_early_data_size = max_early_data_size;
     223                 :        175 :     psk->early_data_config.protocol_version = S2N_TLS13;
     224                 :        175 :     psk->early_data_config.cipher_suite = cipher_suite;
     225                 :        175 :     return S2N_SUCCESS;
     226                 :        176 : }
     227                 :            : 
     228                 :            : int s2n_psk_set_application_protocol(struct s2n_psk *psk, const uint8_t *application_protocol, uint8_t size)
     229                 :       1456 : {
     230 [ +  + ][ +  - ]:       1456 :     POSIX_ENSURE_REF(psk);
     231         [ +  + ]:       1455 :     if (size > 0) {
     232 [ +  + ][ +  - ]:         24 :         POSIX_ENSURE_REF(application_protocol);
     233                 :         24 :     }
     234                 :       1454 :     struct s2n_blob *protocol_blob = &psk->early_data_config.application_protocol;
     235         [ -  + ]:       1454 :     POSIX_GUARD(s2n_realloc(protocol_blob, size));
     236 [ -  + ][ #  # ]:       1454 :     POSIX_CHECKED_MEMCPY(protocol_blob->data, application_protocol, size);
                 [ +  + ]
     237                 :       1454 :     return S2N_SUCCESS;
     238                 :       1454 : }
     239                 :            : 
     240                 :            : int s2n_psk_set_early_data_context(struct s2n_psk *psk, const uint8_t *context, uint16_t size)
     241                 :       1450 : {
     242 [ +  - ][ +  + ]:       1450 :     POSIX_ENSURE_REF(psk);
     243         [ +  + ]:       1449 :     if (size > 0) {
     244 [ +  - ][ +  + ]:         18 :         POSIX_ENSURE_REF(context);
     245                 :         18 :     }
     246                 :       1448 :     struct s2n_blob *context_blob = &psk->early_data_config.context;
     247         [ -  + ]:       1448 :     POSIX_GUARD(s2n_realloc(context_blob, size));
     248 [ -  + ][ #  # ]:       1448 :     POSIX_CHECKED_MEMCPY(context_blob->data, context, size);
                 [ +  + ]
     249                 :       1448 :     return S2N_SUCCESS;
     250                 :       1448 : }
     251                 :            : 
     252                 :            : S2N_RESULT s2n_early_data_config_clone(struct s2n_psk *new_psk, struct s2n_early_data_config *old_config)
     253                 :       1338 : {
     254 [ -  + ][ #  # ]:       1338 :     RESULT_ENSURE_REF(old_config);
     255 [ #  # ][ -  + ]:       1338 :     RESULT_ENSURE_REF(new_psk);
     256                 :            : 
     257                 :       1338 :     struct s2n_early_data_config config_copy = new_psk->early_data_config;
     258                 :            : 
     259                 :            :     /* Copy all fields from the old_config EXCEPT the blobs, which we need to reallocate. */
     260                 :       1338 :     new_psk->early_data_config = *old_config;
     261                 :       1338 :     new_psk->early_data_config.application_protocol = config_copy.application_protocol;
     262                 :       1338 :     new_psk->early_data_config.context = config_copy.context;
     263                 :            : 
     264                 :            :     /* Clone / realloc blobs */
     265         [ -  + ]:       1338 :     RESULT_GUARD_POSIX(s2n_psk_set_application_protocol(new_psk, old_config->application_protocol.data,
     266                 :       1338 :             old_config->application_protocol.size));
     267         [ -  + ]:       1338 :     RESULT_GUARD_POSIX(s2n_psk_set_early_data_context(new_psk, old_config->context.data,
     268                 :       1338 :             old_config->context.size));
     269                 :            : 
     270                 :       1338 :     return S2N_RESULT_OK;
     271                 :       1338 : }
     272                 :            : 
     273                 :            : int s2n_connection_get_early_data_status(struct s2n_connection *conn, s2n_early_data_status_t *status)
     274                 :         29 : {
     275 [ +  - ][ +  + ]:         29 :     POSIX_ENSURE_REF(conn);
     276 [ +  - ][ +  + ]:         28 :     POSIX_ENSURE_REF(status);
     277                 :            : 
     278         [ -  + ]:         27 :     switch (conn->early_data_state) {
     279         [ +  + ]:          1 :         case S2N_EARLY_DATA_STATES_COUNT:
     280                 :          1 :             break;
     281         [ +  + ]:          5 :         case S2N_EARLY_DATA_NOT_REQUESTED:
     282                 :          5 :             *status = S2N_EARLY_DATA_STATUS_NOT_REQUESTED;
     283                 :          5 :             return S2N_SUCCESS;
     284         [ +  + ]:          5 :         case S2N_EARLY_DATA_REJECTED:
     285                 :          5 :             *status = S2N_EARLY_DATA_STATUS_REJECTED;
     286                 :          5 :             return S2N_SUCCESS;
     287         [ +  + ]:          3 :         case S2N_END_OF_EARLY_DATA:
     288                 :          3 :             *status = S2N_EARLY_DATA_STATUS_END;
     289                 :          3 :             return S2N_SUCCESS;
     290         [ +  + ]:          2 :         case S2N_UNKNOWN_EARLY_DATA_STATE:
     291         [ +  + ]:          8 :         case S2N_EARLY_DATA_REQUESTED:
     292         [ +  + ]:         13 :         case S2N_EARLY_DATA_ACCEPTED:
     293                 :         13 :             *status = S2N_EARLY_DATA_STATUS_OK;
     294                 :         13 :             return S2N_SUCCESS;
     295                 :         27 :     }
     296         [ +  - ]:          1 :     POSIX_BAIL(S2N_ERR_INVALID_EARLY_DATA_STATE);
     297                 :          1 : }
     298                 :            : 
     299                 :            : static S2N_RESULT s2n_get_remaining_early_data_bytes(struct s2n_connection *conn, uint32_t *early_data_allowed)
     300                 :      10425 : {
     301 [ #  # ][ -  + ]:      10425 :     RESULT_ENSURE_REF(conn);
     302 [ -  + ][ #  # ]:      10425 :     RESULT_ENSURE_REF(early_data_allowed);
     303                 :      10425 :     *early_data_allowed = 0;
     304                 :            : 
     305                 :      10425 :     uint32_t max_early_data_size = 0;
     306         [ -  + ]:      10425 :     RESULT_GUARD_POSIX(s2n_connection_get_max_early_data_size(conn, &max_early_data_size));
     307                 :            : 
     308 [ +  + ][ +  - ]:      10425 :     RESULT_ENSURE(max_early_data_size >= conn->early_data_bytes, S2N_ERR_MAX_EARLY_DATA_SIZE);
     309                 :      10424 :     *early_data_allowed = (max_early_data_size - conn->early_data_bytes);
     310                 :            : 
     311                 :      10424 :     return S2N_RESULT_OK;
     312                 :      10425 : }
     313                 :            : 
     314                 :            : int s2n_connection_get_remaining_early_data_size(struct s2n_connection *conn, uint32_t *allowed_early_data_size)
     315                 :      10510 : {
     316 [ +  + ][ +  - ]:      10510 :     POSIX_ENSURE_REF(conn);
     317 [ +  - ][ +  + ]:      10509 :     POSIX_ENSURE_REF(allowed_early_data_size);
     318                 :      10508 :     *allowed_early_data_size = 0;
     319                 :            : 
     320         [ -  + ]:      10508 :     switch (conn->early_data_state) {
     321         [ -  + ]:          0 :         case S2N_EARLY_DATA_STATES_COUNT:
     322         [ +  + ]:         40 :         case S2N_EARLY_DATA_NOT_REQUESTED:
     323         [ +  + ]:         75 :         case S2N_EARLY_DATA_REJECTED:
     324         [ +  + ]:         83 :         case S2N_END_OF_EARLY_DATA:
     325                 :         83 :             *allowed_early_data_size = 0;
     326                 :         83 :             break;
     327         [ +  + ]:       5097 :         case S2N_UNKNOWN_EARLY_DATA_STATE:
     328         [ +  + ]:       7244 :         case S2N_EARLY_DATA_REQUESTED:
     329         [ +  + ]:      10425 :         case S2N_EARLY_DATA_ACCEPTED:
     330         [ +  + ]:      10425 :             POSIX_GUARD_RESULT(s2n_get_remaining_early_data_bytes(conn, allowed_early_data_size));
     331                 :      10424 :             break;
     332                 :      10508 :     }
     333                 :      10507 :     return S2N_SUCCESS;
     334                 :      10508 : }
     335                 :            : 
     336                 :            : int s2n_connection_get_max_early_data_size(struct s2n_connection *conn, uint32_t *max_early_data_size)
     337                 :      11608 : {
     338 [ +  - ][ +  + ]:      11608 :     POSIX_ENSURE_REF(conn);
     339 [ +  - ][ +  + ]:      11607 :     POSIX_ENSURE_REF(max_early_data_size);
     340                 :      11606 :     *max_early_data_size = 0;
     341                 :            : 
     342                 :      11606 :     uint32_t server_max_early_data_size = 0;
     343         [ -  + ]:      11606 :     POSIX_GUARD_RESULT(s2n_early_data_get_server_max_size(conn, &server_max_early_data_size));
     344                 :            : 
     345         [ +  + ]:      11606 :     if (conn->psk_params.psk_list.len == 0) {
     346                 :            :         /* This method may be called by the server before loading its PSKs.
     347                 :            :          * The server can load its PSKs during the handshake, either via the PSK selection callback
     348                 :            :          * or by receiving a stateless session ticket.
     349                 :            :          *
     350                 :            :          * Before that happens, we should make an optimistic assumption of the early data size.
     351                 :            :          * That way, the max early data size always decreases (for example, it won't go from 0 -> UINT32_MAX
     352                 :            :          * after receiving a PSK in the ClientHello).
     353                 :            :          */
     354 [ +  + ][ +  + ]:        186 :         if (conn->mode == S2N_SERVER && !IS_NEGOTIATED(conn)) {
     355                 :        165 :             *max_early_data_size = server_max_early_data_size;
     356                 :        165 :         }
     357                 :        186 :         return S2N_SUCCESS;
     358                 :        186 :     }
     359                 :            : 
     360                 :      11420 :     struct s2n_psk *first_psk = NULL;
     361         [ -  + ]:      11420 :     POSIX_GUARD_RESULT(s2n_array_get(&conn->psk_params.psk_list, 0, (void **) &first_psk));
     362 [ #  # ][ -  + ]:      11420 :     POSIX_ENSURE_REF(first_psk);
     363                 :      11420 :     *max_early_data_size = first_psk->early_data_config.max_early_data_size;
     364                 :            : 
     365                 :            :     /* For the server, we should use the minimum of the limit retrieved from the ticket
     366                 :            :      * and the current limit being set for new tickets.
     367                 :            :      *
     368                 :            :      * This is defensive: even if more early data was previously allowed, the server may not be
     369                 :            :      * willing or able to handle that much early data now.
     370                 :            :      *
     371                 :            :      * We don't do this for external PSKs because the server has intentionally set the limit
     372                 :            :      * while setting up this connection, not during a previous connection.
     373                 :            :      */
     374 [ +  + ][ +  + ]:      11420 :     if (conn->mode == S2N_SERVER && first_psk->type == S2N_PSK_TYPE_RESUMPTION) {
     375         [ +  + ]:        124 :         *max_early_data_size = S2N_MIN(*max_early_data_size, server_max_early_data_size);
     376                 :        124 :     }
     377                 :            : 
     378                 :      11420 :     return S2N_SUCCESS;
     379                 :      11420 : }
     380                 :            : 
     381                 :            : int s2n_config_set_early_data_cb(struct s2n_config *config, s2n_early_data_cb cb)
     382                 :          7 : {
     383 [ +  + ][ +  - ]:          7 :     POSIX_ENSURE_REF(config);
     384                 :          6 :     config->early_data_cb = cb;
     385                 :          6 :     return S2N_SUCCESS;
     386                 :          7 : }
     387                 :            : 
     388                 :            : int s2n_offered_early_data_get_context_length(struct s2n_offered_early_data *early_data, uint16_t *context_len)
     389                 :          8 : {
     390 [ +  + ][ +  - ]:          8 :     POSIX_ENSURE_REF(context_len);
     391 [ +  + ][ +  - ]:          7 :     POSIX_ENSURE_REF(early_data);
     392                 :          6 :     struct s2n_connection *conn = early_data->conn;
     393                 :            : 
     394 [ +  + ][ +  - ]:          6 :     POSIX_ENSURE_REF(conn);
     395 [ +  - ][ +  + ]:          5 :     POSIX_ENSURE_REF(conn->psk_params.chosen_psk);
     396                 :          4 :     struct s2n_early_data_config *early_data_config = &conn->psk_params.chosen_psk->early_data_config;
     397                 :            : 
     398                 :          4 :     *context_len = early_data_config->context.size;
     399                 :            : 
     400                 :          4 :     return S2N_SUCCESS;
     401                 :          5 : }
     402                 :            : 
     403                 :            : int s2n_offered_early_data_get_context(struct s2n_offered_early_data *early_data, uint8_t *context, uint16_t max_len)
     404                 :         10 : {
     405 [ +  + ][ +  - ]:         10 :     POSIX_ENSURE_REF(context);
     406 [ +  - ][ +  + ]:          9 :     POSIX_ENSURE_REF(early_data);
     407                 :          8 :     struct s2n_connection *conn = early_data->conn;
     408                 :            : 
     409 [ +  + ][ +  - ]:          8 :     POSIX_ENSURE_REF(conn);
     410 [ +  + ][ +  - ]:          7 :     POSIX_ENSURE_REF(conn->psk_params.chosen_psk);
     411                 :          6 :     struct s2n_early_data_config *early_data_config = &conn->psk_params.chosen_psk->early_data_config;
     412                 :            : 
     413 [ +  + ][ +  - ]:          6 :     POSIX_ENSURE(early_data_config->context.size <= max_len, S2N_ERR_INSUFFICIENT_MEM_SIZE);
     414 [ -  + ][ #  # ]:          5 :     POSIX_CHECKED_MEMCPY(context, early_data_config->context.data, early_data_config->context.size);
                 [ +  + ]
     415                 :            : 
     416                 :          5 :     return S2N_SUCCESS;
     417                 :          5 : }
     418                 :            : 
     419                 :            : int s2n_offered_early_data_reject(struct s2n_offered_early_data *early_data)
     420                 :          6 : {
     421 [ +  + ][ +  - ]:          6 :     POSIX_ENSURE_REF(early_data);
     422                 :          5 :     struct s2n_connection *conn = early_data->conn;
     423 [ +  - ][ +  + ]:          5 :     POSIX_ENSURE_REF(conn);
     424         [ -  + ]:          4 :     POSIX_GUARD_RESULT(s2n_connection_set_early_data_state(conn, S2N_EARLY_DATA_REJECTED));
     425                 :          4 :     return S2N_SUCCESS;
     426                 :          4 : }
     427                 :            : 
     428                 :            : int s2n_offered_early_data_accept(struct s2n_offered_early_data *early_data)
     429                 :          5 : {
     430 [ +  + ][ +  - ]:          5 :     POSIX_ENSURE_REF(early_data);
     431                 :          4 :     struct s2n_connection *conn = early_data->conn;
     432 [ +  + ][ +  - ]:          4 :     POSIX_ENSURE_REF(conn);
     433         [ -  + ]:          3 :     POSIX_GUARD_RESULT(s2n_connection_set_early_data_state(conn, S2N_EARLY_DATA_ACCEPTED));
     434                 :          3 :     return S2N_SUCCESS;
     435                 :          3 : }

Generated by: LCOV version 1.14