1 /*
2  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License").
5  * You may not use this file except in compliance with the License.
6  * A copy of the License is located at
7  *
8  *  http://aws.amazon.com/apache2.0
9  *
10  * or in the "license" file accompanying this file. This file is distributed
11  * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12  * express or implied. See the License for the specific language governing
13  * permissions and limitations under the License.
14  */
15 
16 #pragma once
17 
18 #include <s2n.h>
19 
20 #include "tls/s2n_crypto_constants.h"
21 #include "utils/s2n_blob.h"
22 #include "utils/s2n_result.h"
23 
24 struct s2n_psk;
25 
/*
 * Tracks where a connection stands with respect to early data
 * (TLS 1.3 0-RTT, RFC 8446 section 4.2.10).
 *
 * NOTE(review): the per-state descriptions below are inferred from the
 * enumerator names; confirm them against the state handling in the
 * implementation. Early data has weaker guarantees than data sent after the
 * handshake completes (RFC 8446 section 8: it can be replayed), so this state
 * is what separates "may be delivered to the application" from "must be
 * dropped".
 */
typedef enum {
    /* Value 0, so a zero-initialized connection starts here. */
    S2N_UNKNOWN_EARLY_DATA_STATE = 0,
    /* Presumably: the client asked to send early data. */
    S2N_EARLY_DATA_REQUESTED,
    /* Presumably: the handshake carries no early data request. */
    S2N_EARLY_DATA_NOT_REQUESTED,
    /* Presumably: the server agreed to process the early data. */
    S2N_EARLY_DATA_ACCEPTED,
    /* Presumably: the server refused the early data. */
    S2N_EARLY_DATA_REJECTED,
    /* Presumably: the early data phase is over for this connection. */
    S2N_END_OF_EARLY_DATA,
    /* Not a state: as the last enumerator its value is the number of states above (6). */
    S2N_EARLY_DATA_STATES_COUNT
} s2n_early_data_state;
35 
/*
 * Sets the early data state of `conn` to `state`; success or failure is
 * reported through the S2N_RESULT return value.
 *
 * NOTE(review): this header does not show whether the setter rejects
 * out-of-order transitions (for example going back to an accepted state after
 * a rejection). Confirm in the implementation that it does, and do not write
 * the state field directly.
 */
S2N_RESULT s2n_connection_set_early_data_state(struct s2n_connection *conn, s2n_early_data_state state);
37 
/*
 * Early data parameters. s2n_early_data_config_clone() in this header copies
 * one of these into a struct s2n_psk, so a config appears to belong to a
 * pre-shared key.
 *
 * NOTE(review): RFC 8446 section 4.2.10 requires the server to check that the
 * negotiated protocol version, cipher suite and ALPN protocol equal the ones
 * associated with the PSK before it accepts early data. The fields below look
 * like the recorded values for that comparison; confirm where the comparison
 * is made.
 */
struct s2n_early_data_config {
    /* Upper bound on early data, presumably in bytes; verify whether 0 means "early data disabled". */
    uint32_t max_early_data_size;
    /* Protocol version associated with this config (encoding not visible from this header). */
    uint8_t protocol_version;
    /* Cipher suite associated with this config; pointer ownership is not visible here. */
    struct s2n_cipher_suite *cipher_suite;
    /* Application protocol associated with this config, presumably the ALPN value. */
    struct s2n_blob application_protocol;
    /* Opaque context bytes; presumably supplied by the application, confirm against the public API. */
    struct s2n_blob context;
};
/*
 * Releases what `config` holds.
 * NOTE(review): presumably frees the application_protocol and context blobs;
 * the S2N_CLEANUP_RESULT return type suggests it is meant to be usable as a
 * scope-exit cleanup handler. Confirm both in the implementation.
 */
S2N_CLEANUP_RESULT s2n_early_data_config_free(struct s2n_early_data_config *config);
/*
 * Copies `old_config` into the early data config of `new_psk`.
 * NOTE(review): verify that the blobs are deep-copied, so that freeing the
 * source config cannot leave the new PSK pointing at released memory.
 */
S2N_RESULT s2n_early_data_config_clone(struct s2n_psk *new_psk, struct s2n_early_data_config *old_config);
47 
/*
 * Wrapper around the connection on which early data was offered.
 * NOTE(review): this looks like the definition behind an opaque handle given
 * to application code that decides on offered early data; confirm against
 * s2n.h. `conn` is presumably a borrowed pointer that this struct does not
 * own, so the handle must not outlive the connection.
 */
struct s2n_offered_early_data {
    struct s2n_connection *conn;
};
51 
/*
 * Reports whether early data is valid for `conn`.
 * NOTE(review): presumably this is where the connection's negotiated
 * parameters are compared with the PSK's early data config, as RFC 8446
 * section 4.2.10 requires. The bool return cannot carry an error, so confirm
 * that every internal failure maps to `false`.
 */
bool s2n_early_data_is_valid_for_connection(struct s2n_connection *conn);
/*
 * Decides whether early data on `conn` is accepted or rejected.
 * NOTE(review): presumably records the outcome in the connection's
 * s2n_early_data_state; confirm in the implementation.
 */
S2N_RESULT s2n_early_data_accept_or_reject(struct s2n_connection *conn);
54 
/*
 * Writes the server's early data limit for `conn` to `*max_early_data_size`.
 * NOTE(review): where the limit comes from (connection, config or PSK) is not
 * visible from this header.
 */
S2N_RESULT s2n_early_data_get_server_max_size(struct s2n_connection *conn, uint32_t *max_early_data_size);
56 
/*
 * Accounts for `data_len` bytes of early data on `conn`.
 * NOTE(review): `data_len` is signed (ssize_t), presumably so an I/O return
 * value can be passed straight through. Confirm that negative values are
 * handled and that the running total cannot wrap, since this count is
 * presumably what enforces max_early_data_size.
 */
S2N_RESULT s2n_early_data_record_bytes(struct s2n_connection *conn, ssize_t data_len);
/*
 * Checks whether `bytes_to_send` bytes of early data may be sent on `conn`.
 * NOTE(review): presumably fails when the send would exceed the remaining
 * early data allowance.
 */
S2N_RESULT s2n_early_data_validate_send(struct s2n_connection *conn, uint32_t bytes_to_send);
/* Checks whether early data may be received on `conn` (criteria not visible from this header). */
S2N_RESULT s2n_early_data_validate_recv(struct s2n_connection *conn);
/*
 * Reports whether a record of type `record_type` that fails to decrypt may be
 * skipped on `conn` instead of ending the connection.
 * NOTE(review): RFC 8446 section 4.2.10 lets a server that rejected early data
 * discard undecryptable records up to its max_early_data_size. Confirm that
 * the skipping here is bounded the same way, otherwise a peer could keep the
 * connection busy with records that are never authenticated.
 */
bool s2n_early_data_is_trial_decryption_allowed(struct s2n_connection *conn, uint8_t record_type);
61 
/*
 * These two return int rather than S2N_RESULT, unlike the declarations above.
 * NOTE(review): presumably they follow the 0 on success / negative on failure
 * convention; confirm before mixing them with S2N_RESULT error handling.
 */

/* Marks `conn` as expecting early data. */
int s2n_connection_set_early_data_expected(struct s2n_connection *conn);
/* Marks the end of early data on `conn`. */
int s2n_connection_set_end_of_early_data(struct s2n_connection *conn);
64