commit 9231340d7176e5f10db6b92b810d66394301b56e
author Hanno Becker <hanno.becker@arm.com> Wed May 20 13:58:58 2020 +0100
committer Hanno Becker <hanno.becker@arm.com> Thu May 28 10:32:23 2020 +0100
tree 23de4fb9a5c3633c039eef217403739764f15e65
parent 3c358d4e12bd48f1fae13d891b8d5f2f168ec7a2

Improve documentation of (D)TLSInnerPlaintext handling

Signed-off-by: Hanno Becker <hanno.becker@arm.com>

library/ssl_msg.c

diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index e739e2f..6151cbd 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c
@@ -578,16 +578,21 @@
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
     }
 
+    /* The following two code paths implement the (D)TLSInnerPlaintext
+     * structure present in TLS 1.3 and DTLS 1.2 + CID.
+     *
+     * See ssl_build_inner_plaintext() for more information.
+     *
+     * Note that this changes `rec->data_len`, and hence
+     * `post_avail` needs to be recalculated afterwards.
+     *
+     * Note also that the two code paths cannot occur simultaneously
+     * since they apply to different versions of the protocol. There
+     * is hence no risk of double-addition of the inner plaintext.
+     */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
     if( transform->minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
     {
-        /*
-         * Wrap plaintext into TLSInnerPlaintext structure.
-         * See ssl_build_inner_plaintext() for more information.
-         *
-         * Note that this changes `rec->data_len`, and hence
-         * `post_avail` needs to be recalculated afterwards.
-         */
         if( ssl_build_inner_plaintext( data,
                         &rec->data_len,
                         post_avail,