Don't quote DTLSInnerPlaintext structure multiple times

2019-05-20 15:08:01 +01:00 · 2019-05-20 15:08:01 +01:00 · 07dc97db8c
commit 07dc97db8c
parent d3f8c79ea0
1 changed files with 6 additions and 21 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -2019,14 +2019,8 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
    return( 0 );
 }

-/* This function parses a DTLSInnerPlaintext structure
- *
- *        struct {
- *            opaque content[DTLSPlaintext.length];
- *            ContentType real_type;
- *            uint8 zeros[length_of_padding];
- *        } DTLSInnerPlaintext;
- */
+/* This function parses a DTLSInnerPlaintext structure.
+ * See ssl_cid_build_inner_plaintext() for details. */
 static int ssl_cid_parse_inner_plaintext( unsigned char const *content,
                                          size_t *content_size,
                                          uint8_t *rec_type )
@ -2162,20 +2156,11 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
    if( rec->cid_len != 0 )
    {
        /*
-         * Wrap plaintext into DTLSInnerPlaintext structure
+         * Wrap plaintext into DTLSInnerPlaintext structure.
+         * See ssl_cid_build_inner_plaintext() for more information.
         *
-         *  struct {
-         *      opaque content[DTLSPlaintext.length];
-         *      ContentType real_type;
-         *      uint8 zeros[length_of_padding];
-         *  } DTLSInnerPlaintext;
-         *
-         * and change the record content type.
-         *
-         * The rest of the record encryption stays
-         * unmodified (apart from the inclusion of
-         * the CID into the additional data for the
-         * record MAC).
+         * Note that this changes `rec->data_len`, and hence
+         * `post_avail` needs to be recalculated afterwards.
         */
        if( ssl_cid_build_inner_plaintext( data,
                        &rec->data_len,