1 /* 2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"). 5 * You may not use this file except in compliance with the License. 6 * A copy of the License is located at 7 * 8 * http://aws.amazon.com/apache2.0 9 * 10 * or in the "license" file accompanying this file. This file is distributed 11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 12 * express or implied. See the License for the specific language governing 13 * permissions and limitations under the License. 14 */ 15 16 #pragma once 17 18 #include <s2n.h> 19 20 #include "tls/s2n_crypto_constants.h" 21 #include "utils/s2n_blob.h" 22 #include "utils/s2n_result.h" 23 24 struct s2n_psk; 25 26 typedef enum { 27 S2N_UNKNOWN_EARLY_DATA_STATE = 0, 28 S2N_EARLY_DATA_REQUESTED, 29 S2N_EARLY_DATA_NOT_REQUESTED, 30 S2N_EARLY_DATA_ACCEPTED, 31 S2N_EARLY_DATA_REJECTED, 32 S2N_END_OF_EARLY_DATA, 33 S2N_EARLY_DATA_STATES_COUNT 34 } s2n_early_data_state; 35 36 S2N_RESULT s2n_connection_set_early_data_state(struct s2n_connection *conn, s2n_early_data_state state); 37 38 struct s2n_early_data_config { 39 uint32_t max_early_data_size; 40 uint8_t protocol_version; 41 struct s2n_cipher_suite *cipher_suite; 42 struct s2n_blob application_protocol; 43 struct s2n_blob context; 44 }; 45 S2N_CLEANUP_RESULT s2n_early_data_config_free(struct s2n_early_data_config *config); 46 S2N_RESULT s2n_early_data_config_clone(struct s2n_psk *new_psk, struct s2n_early_data_config *old_config); 47 48 struct s2n_offered_early_data { 49 struct s2n_connection *conn; 50 }; 51 52 bool s2n_early_data_is_valid_for_connection(struct s2n_connection *conn); 53 S2N_RESULT s2n_early_data_accept_or_reject(struct s2n_connection *conn); 54 55 S2N_RESULT s2n_early_data_get_server_max_size(struct s2n_connection *conn, uint32_t *max_early_data_size); 56 57 S2N_RESULT s2n_early_data_record_bytes(struct s2n_connection *conn, ssize_t data_len); 58 S2N_RESULT s2n_early_data_validate_send(struct s2n_connection *conn, uint32_t bytes_to_send); 59 S2N_RESULT s2n_early_data_validate_recv(struct s2n_connection *conn); 60 bool s2n_early_data_is_trial_decryption_allowed(struct s2n_connection *conn, uint8_t record_type); 61 62 int s2n_connection_set_early_data_expected(struct s2n_connection *conn); 63 int s2n_connection_set_end_of_early_data(struct s2n_connection *conn); 64