59 + maxDataSize // data |
59 + maxDataSize // data |
60 + maxPadding // padding |
60 + maxPadding // padding |
61 + maxMacSize; // MAC or AEAD tag |
61 + maxMacSize; // MAC or AEAD tag |
62 |
62 |
63 /* |
63 /* |
64 * For CBC protection in SSL3/TLS1, we break some plaintext into two |
|
65 * packets. Max application data size for the second packet. |
|
66 */ |
|
67 static final int maxDataSizeMinusOneByteRecord = |
|
68 maxDataSize // max data size |
|
69 - ( // max one byte record size |
|
70 headerPlusMaxIVSize // header + iv |
|
71 + 1 // one byte data |
|
72 + maxPadding // padding |
|
73 + maxMacSize // MAC |
|
74 ); |
|
75 |
|
76 /* |
|
77 * Maximum record size for alert and change cipher spec records. |
|
78 * They only contain 2 and 1 bytes of data, respectively. |
|
79 * Allocate a smaller array. |
|
80 */ |
|
81 static final int maxAlertRecordSize = |
|
82 headerPlusMaxIVSize // header + iv |
|
83 + 2 // alert |
|
84 + maxPadding // padding |
|
85 + maxMacSize; // MAC |
|
86 |
|
87 /* |
|
88 * Minimum record size of Certificate handshake message. |
64 * Minimum record size of Certificate handshake message. |
89 * Client sends a certificate message containing no certificates if no |
65 * Client sends a certificate message containing no certificates if no |
90 * suitable certificate is available. That is, the certificate_list |
66 * suitable certificate is available. That is, the certificate_list |
91 * structure has a length of zero. |
67 * structure has a length of zero. |
92 * |
68 * |