From 7842609e3b904bea50d627eb86078e678e280ae9 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Mon, 13 May 2019 15:31:17 +0100
Subject: [PATCH] Remove restriction on value of MBEDTLS_SSL_CID_PADDING_GRANULARITY
---
 include/mbedtls/config.h | 3 ++-
 library/ssl_tls.c | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index aa6b59744..07da8f59f 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3211,7 +3211,8 @@
 * Note: A value of \c 1 means that no padding will be used
 * for outgoing records.
 *
- * The value MUST be a power of 2.
+ * Note: On systems lacking division instructions,
+ * a power of two should be preferred.
 *
 */
 //#define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 62db47424..fdfd53774 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1591,9 +1591,9 @@ static int ssl_cid_build_inner_plaintext( unsigned char *content,
 uint8_t rec_type )
 {
 size_t len = *content_size;
-
- /* MBEDTLS_SSL_CID_PADDING_GRANULARITY must be a power of 2. */
- size_t pad = ~len & ( MBEDTLS_SSL_CID_PADDING_GRANULARITY - 1 );
+ size_t pad = ( MBEDTLS_SSL_CID_PADDING_GRANULARITY -
+ ( len + 1 ) % MBEDTLS_SSL_CID_PADDING_GRANULARITY ) %
+ MBEDTLS_SSL_CID_PADDING_GRANULARITY;
 
 /* Write real content type */
 if( remaining == 0 )
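Review bot: A configured value of 0 now reaches `% MBEDTLS_SSL_CID_PADDING_GRANULARITY` in the new `pad` expression in ssl_cid_build_inner_plaintext(), which is a division by zero, and nothing visible in either hunk rejects it. Unless a check already exists elsewhere, a compile-time guard would close this: `#if MBEDTLS_SSL_CID_PADDING_GRANULARITY == 0`, `#error "MBEDTLS_SSL_CID_PADDING_GRANULARITY must be nonzero"`, `#endif`. The config.h hunk has the matching gap: with "MUST be a power of 2" removed, the comment states no constraint at all, so it should say `The value MUST be nonzero.` The removed comment was also the only explanation of the computation, so a replacement such as `/* Pad so that len + 1 (content type byte) + pad is a multiple of the granularity. */` above `pad` would help. The function body continues outside the hunk, so how `pad` is checked against `remaining` is not visible here.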