Add counter length macro
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index ab36f5d..b22db47 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2820,10 +2820,13 @@
/* Remember current epoch settings for resending */
ssl->handshake->alt_transform_out = ssl->transform_out;
- memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr, 8 );
+ memcpy( ssl->handshake->alt_out_ctr, ssl->cur_out_ctr,
+ sizeof( ssl->cur_out_ctr ) );
/* Set sequence_number to zero */
- memset( ssl->cur_out_ctr + 2, 0, 6 );
+ mbedtls_platform_zeroize( &ssl->cur_out_ctr[2],
+ sizeof( ssl->cur_out_ctr ) - 2 );
+
/* Increment epoch */
for( i = 2; i > 0; i-- )
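Review bot: The `memcpy` into `ssl->handshake->alt_out_ctr` is now sized by the source array, `sizeof( ssl->cur_out_ctr )`, and nothing visible in this hunk ties the destination to the same size. Both are presumably 8-byte arrays today, but a compile-time assertion that `sizeof( ssl->handshake->alt_out_ctr ) == sizeof( ssl->cur_out_ctr )` next to the copy would keep a later size change from turning it into an out-of-bounds write. The epoch length is also still the literal 2 in `&ssl->cur_out_ctr[2]`, in `sizeof( ssl->cur_out_ctr ) - 2` and in the `for( i = 2; i > 0; i-- )` loop, so a named constant for it would complete the clean-up. The enclosing function starts and ends outside the hunk.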
@@ -2839,7 +2842,7 @@
}
else
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- memset( ssl->cur_out_ctr, 0, 8 );
+ mbedtls_platform_zeroize( ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
ssl->transform_out = ssl->transform_negotiate;
ssl->session_out = ssl->session_negotiate;
@@ -3324,7 +3327,7 @@
ssl->out_msglen = 0;
ssl->out_left = 0;
memset( ssl->out_buf, 0, out_buf_len );
- memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
+ mbedtls_platform_zeroize( ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
ssl->transform_out = NULL;
#if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
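Review bot: The counter reset switches to `mbedtls_platform_zeroize`, while the line directly above still clears `ssl->out_buf` with plain `memset`. The sequence counter is not secret, whereas the output buffer presumably can hold record data, so the wipe that cannot be optimised away matters more for the buffer than for the counter. Either use `mbedtls_platform_zeroize( ssl->out_buf, out_buf_len );` there as well, or add a short comment saying the counter change is for uniformity only. The enclosing function is only partly visible in this hunk.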
@@ -5778,7 +5781,7 @@
used += 8;
if( used <= buf_len )
{
- memcpy( p, ssl->cur_out_ctr, 8 );
+ memcpy( p, ssl->cur_out_ctr, sizeof( ssl->cur_out_ctr ) );
p += 8;
}
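Review bot: The bounds accounting around this copy still uses the literal 8 (`used += 8;` before the check and `p += 8;` after it), while the `memcpy` length is now `sizeof( ssl->cur_out_ctr )`. If the counter array ever changes size, the copy writes a different number of bytes than the `used <= buf_len` check accounted for, and on the larger side that is a write past the caller's buffer. Use the same expression in all three places, `used += sizeof( ssl->cur_out_ctr );` and `p += sizeof( ssl->cur_out_ctr );`, which is what the load-side hunk at -6035 already does for its length check and pointer advance. The enclosing function begins and ends outside the hunk.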
@@ -6035,11 +6038,11 @@
ssl->disable_datagram_packing = *p++;
#endif /* MBEDTLS_SSL_PROTO_DTLS */
- if( (size_t)( end - p ) < 8 )
+ if( (size_t)( end - p ) < sizeof( ssl->cur_out_ctr ) )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- memcpy( ssl->cur_out_ctr, p, 8 );
- p += 8;
+ memcpy( ssl->cur_out_ctr, p, sizeof( ssl->cur_out_ctr ) );
+ p += sizeof( ssl->cur_out_ctr );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( (size_t)( end - p ) < 2 )