diff options
-rw-r--r-- | ssl/record/methods/tls_common.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index ea763d93b6..730e4f7d63 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1548,14 +1548,6 @@ int tls_prepare_record_header_default(OSSL_RECORD_LAYER *rl, return 1; } -/* - * Encryption growth may result from padding in CBC ciphersuites (never more - * than SSL_RT_MAX_CIPHER_BLOCK_SIZE bytes), or from an AEAD tag (never more - * than EVP_MAX_MD_SIZE bytes). In the case of stitched ciphersuites growth can - * come from both of these. - */ -#define MAX_ENCRYPTION_GROWTH (EVP_MAX_MD_SIZE + SSL_RT_MAX_CIPHER_BLOCK_SIZE) - int tls_prepare_for_encryption_default(OSSL_RECORD_LAYER *rl, size_t mac_size, WPACKET *thispkt, @@ -1580,8 +1572,14 @@ int tls_prepare_for_encryption_default(OSSL_RECORD_LAYER *rl, } } - /* Reserve some bytes for any growth that may occur during encryption. */ - if (!WPACKET_reserve_bytes(thispkt, MAX_ENCRYPTION_GROWTH, NULL) + /* + * Reserve some bytes for any growth that may occur during encryption. If + * we are adding the MAC independently of the cipher algorithm, then the + * max encrypted overhead does not need to include an allocation for that + * MAC + */ + if (!WPACKET_reserve_bytes(thispkt, SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + - mac_size, NULL) /* * We also need next the amount of bytes written to this * sub-packet @@ -1613,7 +1611,8 @@ int tls_post_encryption_processing_default(OSSL_RECORD_LAYER *rl, /* Allocate bytes for the encryption overhead */ if (!WPACKET_get_length(thispkt, &origlen) /* Check we allowed enough room for the encryption growth */ - || !ossl_assert(origlen + MAX_ENCRYPTION_GROWTH >= thiswr->length) + || !ossl_assert(origlen + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + - mac_size >= thiswr->length) /* Encryption should never shrink the data! */ || origlen > thiswr->length || (thiswr->length > origlen |