Improve comments across record size limit changes
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 7195d63..2e621be 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2704,6 +2704,7 @@
#if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT)
#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH (2)
+/* This value is defined by RFC 8449 */
#define MBEDTLS_SSL_RECORD_SIZE_LIMIT_MIN (64)
MBEDTLS_CHECK_RETURN_CRITICAL
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f92e40a..517af78 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3521,15 +3521,15 @@
if (ssl->transform_out != NULL &&
ssl->transform_out->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) {
- /* RFC 8449, section 4:
- *
- * This value [record_size_limit] is the length of the plaintext
- * of a protected record.
- * The value includes the content type and padding added in TLS 1.3
- * (that is, the complete length of TLSInnerPlaintext).
- *
- * Thus, round down to a multiple of MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY
- * and subtract 1 (for the content type that will be added later)
+ /*
+ * In TLS 1.3 case, when records are protected, `max_len` as computed
+ * above is the maximum length of the TLSInnerPlaintext structure that
+ * along the plaintext payload contains the inner content type (one byte)
+ * and some zero padding. Given the algorithm used for padding
+ * in mbedtls_ssl_encrypt_buf(), compute the maximum length for
+ * the plaintext payload. Round down to a multiple of
+ * MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY and
+ * subtract 1.
*/
max_len = ((max_len / MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) *
MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY) - 1;