Reset KeyUpdate counter on AppData

ctz · ctz · commit 667a71d51365 · 2025-10-17T09:32:05.000Z
diff --git a/rustls/src/common_state.rs b/rustls/src/common_state.rs
@@ -481,6 +481,7 @@ impl CommonState {
     }
 
     pub(crate) fn take_received_plaintext(&mut self, bytes: Payload<'_>) {
+        self.temper_counters.received_app_data();
         self.received_plaintext
             .append(bytes.into_vec());
     }
@@ -964,6 +965,14 @@ impl TemperCounters {
             }
         }
     }
+
+    fn received_app_data(&mut self) {
+        self.allowed_key_update_requests = Self::INITIAL_KEY_UPDATE_REQUESTS;
+    }
+
+    // cf. BoringSSL `kMaxKeyUpdates`
+    // <https://github.com/google/boringssl/blob/dec5989b793c56ad4dd32173bd2d8595ca78b398/ssl/tls13_both.cc#L35-L38>
+    const INITIAL_KEY_UPDATE_REQUESTS: u8 = 32;
 }
 
 impl Default for TemperCounters {
@@ -977,9 +986,7 @@ impl Default for TemperCounters {
             // a second request after this is fatal.
             allowed_renegotiation_requests: 1,
 
-            // cf. BoringSSL `kMaxKeyUpdates`
-            // <https://github.com/google/boringssl/blob/dec5989b793c56ad4dd32173bd2d8595ca78b398/ssl/tls13_both.cc#L35-L38>
-            allowed_key_update_requests: 32,
+            allowed_key_update_requests: Self::INITIAL_KEY_UPDATE_REQUESTS,
 
             // At most two CCS are allowed: one after each ClientHello (recall a second
             // ClientHello happens after a HelloRetryRequest).

Original file line number	Diff line number	Diff line change
`@@ -481,6 +481,7 @@ impl CommonState {`
`481`	`481`	`}`
`482`	`482`
`483`	`483`	`pub(crate) fn take_received_plaintext(&mut self, bytes: Payload<'_>) {`
	`484`	`+ self.temper_counters.received_app_data();`
`484`	`485`	`self.received_plaintext`
`485`	`486`	`.append(bytes.into_vec());`
`486`	`487`	`}`
`@@ -964,6 +965,14 @@ impl TemperCounters {`
`964`	`965`	`}`
`965`	`966`	`}`
`966`	`967`	`}`
	`968`	`+`
	`969`	`+ fn received_app_data(&mut self) {`
	`970`	`+ self.allowed_key_update_requests = Self::INITIAL_KEY_UPDATE_REQUESTS;`
	`971`	`+ }`
	`972`	`+`
	`973`	+ // cf. BoringSSL `kMaxKeyUpdates`
	`974`	`+ // <https://github.com/google/boringssl/blob/dec5989b793c56ad4dd32173bd2d8595ca78b398/ssl/tls13_both.cc#L35-L38>`
	`975`	`+ const INITIAL_KEY_UPDATE_REQUESTS: u8 = 32;`
`967`	`976`	`}`
`968`	`977`
`969`	`978`	`impl Default for TemperCounters {`
`@@ -977,9 +986,7 @@ impl Default for TemperCounters {`
`977`	`986`	`// a second request after this is fatal.`
`978`	`987`	`allowed_renegotiation_requests: 1,`
`979`	`988`
`980`		- // cf. BoringSSL `kMaxKeyUpdates`
`981`		`- // <https://github.com/google/boringssl/blob/dec5989b793c56ad4dd32173bd2d8595ca78b398/ssl/tls13_both.cc#L35-L38>`
`982`		`- allowed_key_update_requests: 32,`
	`989`	`+ allowed_key_update_requests: Self::INITIAL_KEY_UPDATE_REQUESTS,`
`983`	`990`
`984`	`991`	`// At most two CCS are allowed: one after each ClientHello (recall a second`
`985`	`992`	`// ClientHello happens after a HelloRetryRequest).`