commit 4dfb0e7c90ff6079c323bba13f15297d8a157b6c
author Waleed Elmelegy <waleed.elmelegy@arm.com> Thu Mar 14 01:48:40 2024 +0000
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Fri Mar 15 12:12:15 2024 +0000
tree 8490f9b1dd4d45a87208c050b0c7b1f579ed4c2d
parent 131b2ffd8962dae3264d98064886b83a660b6668

Add ALPN checking when accepting early data

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

library/ssl_tls13_server.c

diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index 2c30da8..e8afe45 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -1819,7 +1819,6 @@
      * NOTE:
      *  - The TLS version number is checked in
      *    ssl_tls13_offered_psks_check_identity_match_ticket().
-     *  - ALPN is not checked for the time being (TODO).
      */
 
     if (handshake->selected_identity != 0) {
@@ -1846,6 +1845,28 @@
         return -1;
     }
 
+#if defined(MBEDTLS_SSL_ALPN)
+    const char *alpn = mbedtls_ssl_get_alpn_protocol(ssl);
+    size_t alpn_len;
+
+    if (alpn == NULL && ssl->session_negotiate->ticket_alpn == NULL) {
+        return 0;
+    }
+
+    if (alpn != NULL) {
+        alpn_len = strlen(alpn);
+    }
+
+    if (alpn == NULL ||
+        ssl->session_negotiate->ticket_alpn == NULL ||
+        alpn_len != strlen(ssl->session_negotiate->ticket_alpn) ||
+        (memcmp(alpn, ssl->session_negotiate->ticket_alpn, alpn_len) != 0)) {
+        MBEDTLS_SSL_DEBUG_MSG(1, ("EarlyData: rejected, the selected ALPN is different "
+                                  "from the one associated with the pre-shared key."));
+        return -1;
+    }
+#endif
+
     return 0;
 }
 #endif /* MBEDTLS_SSL_EARLY_DATA */