From: Vakul Garg <vakul.g...@nxp.com>
Date: Tue, 19 Mar 2019 05:15:20 +0000
> @@ -479,11 +477,18 @@ static int tls_do_encryption(struct sock *sk,
> struct tls_rec *rec = ctx->open_rec;
> struct sk_msg *msg_en = &rec->msg_encrypted;
> struct scatterlist *sge = sk_msg_elem(msg_en, start);
> - int rc;
> + int rc, iv_offset = 0;
> +
> + /* For CCM based ciphers, first byte of nonce+iv is always '2' */
> + if (prot->cipher_type == TLS_CIPHER_AES_CCM_128) {
> + rec->iv_data[0] = 2;
> + iv_offset = 1;
> + }
...
> iv = aad + prot->aad_size;
>
> + /* For CCM based ciphers, first byte of nonce+iv is always '2' */
> + if (prot->cipher_type == TLS_CIPHER_AES_CCM_128) {
> + iv[0] = 2;
> + iv_offset = 1;
> + }
Your explanation to Stephen about this '2' is great but belongs in the code
somehow so that the next person reading this will understand too.
Why not make a CPP macro for this value of '2', and explain it in a big
comment about the macro's definition?
