Document precondition of nonce-generating function in ssl_msg.c Signed-off-by: Hanno Becker <hanno.becker@arm.com>

commit: f486e286948bb96fcaf746f440a1cf936ba048f2 [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Thu Jun 04 13:33:08 2020 +0100
committer: Hanno Becker <hanno.becker@arm.com> Thu Jun 04 13:33:08 2020 +0100
tree: 9827ea2e87bc201238817724b1608d8d5bf2ad1a
parent: 15952814d837cc5687230861d1defed0458ce0aa [diff] [blame]
diff --git a/library/ssl_msg.c b/library/ssl_msg.c
index 32bbc97..ae8d076 100644
--- a/library/ssl_msg.c
+++ b/library/ssl_msg.c

@@ -565,6 +565,13 @@
  *    This variant occurs in TLS 1.3 and for TLS 1.2 when using ChaChaPoly.
  *
  * See also the documentation of mbedtls_ssl_transform.
+ *
+ * This function has the precondition that
+ *
+ *     dst_iv_len >= max( fixed_iv_len, dynamic_iv_len )
+ *
+ * which has to be ensured by the caller. If this precondition
+ * violated, the behavior of this function is undefined.
  */
 static void ssl_build_record_nonce( unsigned char *dst_iv,
                                     size_t dst_iv_len,
commit	f486e286948bb96fcaf746f440a1cf936ba048f2	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Thu Jun 04 13:33:08 2020 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Thu Jun 04 13:33:08 2020 +0100
tree	9827ea2e87bc201238817724b1608d8d5bf2ad1a
parent	15952814d837cc5687230861d1defed0458ce0aa [diff] [blame]