Change record size limit writing function

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2024-01-04 18:02:35 +00:00 · 2024-01-04 18:02:35 +00:00 · 148dfb6457
commit 148dfb6457
parent 598ea09dd5
3 changed files with 5 additions and 10 deletions
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -2713,7 +2713,6 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,

 MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl,
-                                                  uint16_t record_size_limit,
                                                  unsigned char *buf,
                                                  const unsigned char *end,
                                                  size_t *out_len);
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@ -1162,7 +1162,7 @@ int mbedtls_ssl_tls13_write_client_hello_exts(mbedtls_ssl_context *ssl,

 #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
    ret = mbedtls_ssl_tls13_write_record_size_limit_ext(
-        ssl, MBEDTLS_SSL_IN_CONTENT_LEN, p, end, &ext_len);
+        ssl, p, end, &ext_len);
    if (ret != 0) {
        return ret;
    }
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@ -1765,29 +1765,25 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,

 MBEDTLS_CHECK_RETURN_CRITICAL
 int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl,
-                                                  uint16_t record_size_limit,
                                                  unsigned char *buf,
                                                  const unsigned char *end,
                                                  size_t *out_len)
 {
-    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
    unsigned char *p = buf;
    *out_len = 0;

-    ret = mbedtls_ssl_is_record_size_limit_valid(ssl, record_size_limit);
-    if (ret != 0) {
-        return ret;
-    }
+    MBEDTLS_STATIC_ASSERT(MBEDTLS_SSL_IN_CONTENT_LEN >= MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN,
+                          "MBEDTLS_SSL_IN_CONTENT_LEN is less than the minimum record size limit");

    MBEDTLS_SSL_CHK_BUF_PTR(p, end, 6);

    MBEDTLS_PUT_UINT16_BE(MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT, p, 0);
    MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH, p, 2);
-    MBEDTLS_PUT_UINT16_BE(record_size_limit, p, 4);
+    MBEDTLS_PUT_UINT16_BE(MBEDTLS_SSL_IN_CONTENT_LEN, p, 4);

    *out_len = 6;

-    MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", record_size_limit));
+    MBEDTLS_SSL_DEBUG_MSG(2, ("Sent RecordSizeLimit: %u Bytes", MBEDTLS_SSL_IN_CONTENT_LEN));

    mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT);