diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 6c508d6234..a8ff1c1a15 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -4135,7 +4135,12 @@ static int ssl_prepare_record_content(mbedtls_ssl_context *ssl, if (rec->type == MBEDTLS_SSL_MSG_APPLICATION_DATA) { MBEDTLS_SSL_DEBUG_MSG( 3, ("EarlyData: Ignore application message before 2nd ClientHello")); - /* TODO: Add max_early_data_size check here, see issue 6347 */ + + ret = mbedtls_ssl_tls13_check_early_data_len(ssl, rec->data_len); + if (ret != 0) { + return ret; + } + return MBEDTLS_ERR_SSL_CONTINUE_PROCESSING; } else if (rec->type == MBEDTLS_SSL_MSG_HANDSHAKE) { ssl->discard_early_data_record = MBEDTLS_SSL_EARLY_DATA_NO_DISCARD; diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 6fb3d837c0..03de4a99f6 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -3327,3 +3327,12 @@ tls13_srv_max_early_data_size:TEST_EARLY_DATA_SERVER_REJECTS:3 TLS 1.3 srv, max early data size, server rejects, max=97 tls13_srv_max_early_data_size:TEST_EARLY_DATA_SERVER_REJECTS:97 + +TLS 1.3 srv, max early data size, HRR, default +tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:-1 + +TLS 1.3 srv, max early data size, HRR, max=3 (very small) +tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:3 + +TLS 1.3 srv, max early data size, HRR, max=97 +tls13_srv_max_early_data_size:TEST_EARLY_DATA_HRR:97 diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 0c1d606909..fc1bc3ee85 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -4463,6 +4463,11 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg) mbedtls_test_handshake_test_options server_options; mbedtls_ssl_session saved_session; mbedtls_test_ssl_log_pattern server_pattern = { NULL, 0 }; + uint16_t group_list[3] = { + MBEDTLS_SSL_IANA_TLS_GROUP_SECP256R1, + MBEDTLS_SSL_IANA_TLS_GROUP_SECP384R1, + MBEDTLS_SSL_IANA_TLS_GROUP_NONE + }; char pattern[128]; unsigned char buf_write[64]; size_t early_data_len = sizeof(buf_write); @@ -4484,8 +4489,10 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg) */ client_options.pk_alg = MBEDTLS_PK_ECDSA; + client_options.group_list = group_list; client_options.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED; server_options.pk_alg = MBEDTLS_PK_ECDSA; + server_options.group_list = group_list; server_options.early_data = MBEDTLS_SSL_EARLY_DATA_ENABLED; server_options.max_early_data_size = max_early_data_size_arg; @@ -4512,6 +4519,15 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg) mbedtls_debug_set_threshold(3); break; + case TEST_EARLY_DATA_HRR: + server_options.group_list = group_list + 1; + ret = mbedtls_snprintf( + pattern, sizeof(pattern), + "EarlyData: Ignore application message before 2nd ClientHello"); + TEST_ASSERT(ret < (int) sizeof(pattern)); + mbedtls_debug_set_threshold(3); + break; + default: TEST_FAIL("Unknown scenario."); } @@ -4595,7 +4611,8 @@ void tls13_srv_max_early_data_size(int scenario, int max_early_data_size_arg) } break; - case TEST_EARLY_DATA_SERVER_REJECTS: + case TEST_EARLY_DATA_SERVER_REJECTS: /* Intentional fallthrough */ + case TEST_EARLY_DATA_HRR: ret = mbedtls_ssl_handshake(&(server_ep.ssl)); /* * Can be the case if max_early_data_size is smaller then the