Don't quote DTLSInnerPlaintext structure multiple times

2024-11-27 03:44:24 +01:00 · 2019-05-20 15:08:01 +01:00 · 2019-05-20 15:08:01 +01:00 · 7dc2577f01
commit 7dc2577f01
parent 8969369a83
1 changed files with 6 additions and 21 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -1597,14 +1597,8 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
    return( 0 );
 }

-/* This function parses a DTLSInnerPlaintext structure
- *
- *        struct {
- *            opaque content[DTLSPlaintext.length];
- *            ContentType real_type;
- *            uint8 zeros[length_of_padding];
- *        } DTLSInnerPlaintext;
- */
+/* This function parses a DTLSInnerPlaintext structure.
+ * See ssl_cid_build_inner_plaintext() for details. */
 static int ssl_cid_parse_inner_plaintext( unsigned char const *content,
                                          size_t *content_size,
                                          uint8_t *rec_type )
@ -1740,20 +1734,11 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
    if( rec->cid_len != 0 )
    {
        /*
-         * Wrap plaintext into DTLSInnerPlaintext structure
+         * Wrap plaintext into DTLSInnerPlaintext structure.
+         * See ssl_cid_build_inner_plaintext() for more information.
         *
-         *  struct {
-         *      opaque content[DTLSPlaintext.length];
-         *      ContentType real_type;
-         *      uint8 zeros[length_of_padding];
-         *  } DTLSInnerPlaintext;
-         *
-         * and change the record content type.
-         *
-         * The rest of the record encryption stays
-         * unmodified (apart from the inclusion of
-         * the CID into the additional data for the
-         * record MAC).
+         * Note that this changes `rec->data_len`, and hence
+         * `post_avail` needs to be recalculated afterwards.
         */
        if( ssl_cid_build_inner_plaintext( data,
                        &rec->data_len,