diff --git a/library/ssl_tls13_keys.c b/library/ssl_tls13_keys.c index 0977cabb3..8270009c7 100644 --- a/library/ssl_tls13_keys.c +++ b/library/ssl_tls13_keys.c @@ -808,9 +808,15 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform, transform->ivlen = traffic_keys->iv_len; transform->maclen = 0; transform->fixed_ivlen = transform->ivlen; - transform->minlen = transform->taglen + 1; transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4; + /* We add the true record content type (1 Byte) to the plaintext and + * then pad to the configured granularity. The mimimum length of the + * type-extended and padded plaintext is therefore the padding + * granularity. */ + transform->minlen = + transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY; + return( 0 ); }