Combine MBEDTLS_SSL_<CID-TLS1_3>_PADDING_GRANULARITY options
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
This commit is contained in:
parent
b7abba28e3
commit
e8dd7097c3
5 changed files with 12 additions and 29 deletions
4
ChangeLog.d/issue4335.txt
Normal file
4
ChangeLog.d/issue4335.txt
Normal file
|
@ -0,0 +1,4 @@
|
|||
Changes
|
||||
* Replace MBEDTLS_SSL_CID_PADDING_GRANULARITY and
|
||||
MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY with a single unified option
|
||||
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY. Fixes #4335.
|
|
@ -3497,27 +3497,10 @@
|
|||
*/
|
||||
//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
|
||||
|
||||
/** \def MBEDTLS_SSL_CID_PADDING_GRANULARITY
|
||||
/** \def MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
|
||||
*
|
||||
* This option controls the use of record plaintext padding
|
||||
* when using the Connection ID extension in DTLS 1.2.
|
||||
*
|
||||
* The padding will always be chosen so that the length of the
|
||||
* padded plaintext is a multiple of the value of this option.
|
||||
*
|
||||
* Note: A value of \c 1 means that no padding will be used
|
||||
* for outgoing records.
|
||||
*
|
||||
* Note: On systems lacking division instructions,
|
||||
* a power of two should be preferred.
|
||||
*
|
||||
*/
|
||||
//#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
|
||||
|
||||
/** \def MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY
|
||||
*
|
||||
* This option controls the use of record plaintext padding
|
||||
* in TLS 1.3.
|
||||
* when using the Connection ID extension in DTLS 1.2 and TLS 1.3.
|
||||
*
|
||||
* The padding will always be chosen so that the length of the
|
||||
* padded plaintext is a multiple of the value of this option.
|
||||
|
@ -3528,7 +3511,7 @@
|
|||
* Note: On systems lacking division instructions,
|
||||
* a power of two should be preferred.
|
||||
*/
|
||||
//#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
|
||||
//#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
|
||||
|
||||
/** \def MBEDTLS_SSL_OUT_CONTENT_LEN
|
||||
*
|
||||
|
|
|
@ -257,12 +257,8 @@
|
|||
#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_CID_PADDING_GRANULARITY)
|
||||
#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
|
||||
#endif
|
||||
|
||||
#if !defined(MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY)
|
||||
#define MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY 1
|
||||
#if !defined(MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY)
|
||||
#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
|
||||
#endif
|
||||
|
||||
/* \} name SECTION: Module settings */
|
||||
|
|
|
@ -164,7 +164,7 @@
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_PADDING_GRANULARITY
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
|
||||
#else
|
||||
#define MBEDTLS_SSL_MAX_CID_EXPANSION 0
|
||||
#endif
|
||||
|
|
|
@ -579,7 +579,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
{
|
||||
size_t padding =
|
||||
ssl_compute_padding_length( rec->data_len,
|
||||
MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY );
|
||||
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY );
|
||||
if( ssl_build_inner_plaintext( data,
|
||||
&rec->data_len,
|
||||
post_avail,
|
||||
|
@ -605,7 +605,7 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
|||
{
|
||||
size_t padding =
|
||||
ssl_compute_padding_length( rec->data_len,
|
||||
MBEDTLS_SSL_CID_PADDING_GRANULARITY );
|
||||
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY );
|
||||
/*
|
||||
* Wrap plaintext into DTLSInnerPlaintext structure.
|
||||
* See ssl_build_inner_plaintext() for more information.
|
||||
|
|
Loading…
Reference in a new issue