Fix and document minimum length of record ciphertext in TLS 1.3

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
This commit is contained in:
Hanno Becker 2021-04-20 05:32:16 +01:00
parent 7887a77c25
commit edd5bf0a95

View file

@ -808,9 +808,15 @@ int mbedtls_ssl_tls13_populate_transform( mbedtls_ssl_transform *transform,
transform->ivlen = traffic_keys->iv_len;
transform->maclen = 0;
transform->fixed_ivlen = transform->ivlen;
transform->minlen = transform->taglen + 1;
transform->minor_ver = MBEDTLS_SSL_MINOR_VERSION_4;
/* We add the true record content type (1 Byte) to the plaintext and
* then pad to the configured granularity. The mimimum length of the
* type-extended and padded plaintext is therefore the padding
* granularity. */
transform->minlen =
transform->taglen + MBEDTLS_SSL_TLS1_3_PADDING_GRANULARITY;
return( 0 );
}