Improve documentation of ssl_populate_transform()
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
parent
c0eefa8b92
commit
447558df12
1 changed files with 6 additions and 3 deletions
|
@ -973,9 +973,12 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform,
|
|||
transform->taglen =
|
||||
ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16;
|
||||
|
||||
/* All modes haves 96-bit IVs;
|
||||
* GCM and CCM has 4 implicit and 8 explicit bytes
|
||||
* ChachaPoly has all 12 bytes implicit
|
||||
/* All modes haves 96-bit IVs, but the length of the static parts vary
|
||||
* with mode and version:
|
||||
* - For GCM and CCM in TLS 1.2, there's a static IV of 4 Bytes
|
||||
* (to be concatenated with a dynamically chosen IV of 8 Bytes)
|
||||
* - For ChaChaPoly in TLS 1.2, there's a static IV of 12 Bytes
|
||||
* (to be XOR'ed with the 8 Byte record sequence number).
|
||||
*/
|
||||
transform->ivlen = 12;
|
||||
if( cipher_info->mode == MBEDTLS_MODE_CHACHAPOLY )
|
||||
|
|
Loading…
Reference in a new issue