Introduce configuration option for TLS 1.3 padding granularity TLS 1.3 record protection allows the addition of an arbitrary amount of padding. This commit introduces a configuration option ``` MBEDTLS_SSL_TLS13_PADDING_GRANULARITY ``` The semantics of this option is that padding is chosen in a minimal way so that the padded plaintext has a length which is a multiple of MBEDTLS_SSL_TLS13_PADDING_GRANULARITY. For example, setting MBEDTLS_SSL_TLS13_PADDING_GRANULARITY to 1024 means that padded plaintexts will have length 1024, 2048, ..., while setting it to 1 means that no padding will be used. Signed-off-by: Hanno Becker <hanno.becker@arm.com>

commit: 13996927cbb10615b0db4df2c1d6494ab3f3b29b [log] [tgz]
author: Hanno Becker <hanno.becker@arm.com> Thu May 28 16:15:19 2020 +0100
committer: Hanno Becker <hanno.becker@arm.com> Sun May 31 08:51:25 2020 +0100
tree: 6f55b262ef4f7cb5024c885c10bfad3fed81dc2e
parent: b54094bd7c083fbf555ad839f445573a4e8df045 [diff] [blame]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5869e15..4a6ea6c 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -277,6 +277,10 @@
 #define MBEDTLS_SSL_CID_PADDING_GRANULARITY 16
 #endif
 
+#if !defined(MBEDTLS_SSL_TLS13_PADDING_GRANULARITY)
+#define MBEDTLS_SSL_TLS13_PADDING_GRANULARITY 16
+#endif
+
 /* \} name SECTION: Module settings */
 
 /*
commit	13996927cbb10615b0db4df2c1d6494ab3f3b29b	[log] [tgz]
author	Hanno Becker <hanno.becker@arm.com>	Thu May 28 16:15:19 2020 +0100
committer	Hanno Becker <hanno.becker@arm.com>	Sun May 31 08:51:25 2020 +0100
tree	6f55b262ef4f7cb5024c885c10bfad3fed81dc2e
parent	b54094bd7c083fbf555ad839f445573a4e8df045 [diff] [blame]