Improve code readability

+micro optimization +style Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
2025-11-04 04:32:24 -05:00 · 2020-09-22 21:21:39 +02:00 · 2020-09-22 21:21:39 +02:00 · aae4d22b16
commit aae4d22b16
parent e79c1e8121
3 changed files with 15 additions and 6 deletions
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -873,6 +873,7 @@ typedef void mbedtls_ssl_async_cancel_t( mbedtls_ssl_context *ssl );

 #define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH    60
 #define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH             255
+#define MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH    4
 /*
 * For code readability use a typedef for DTLS-SRTP profiles
 * The supported profiles are defines as macro above:
@ -3229,6 +3230,8 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
 *                          for later reference as required, so the lifetime
 *                          of the table must be at least as long as the lifetime
 *                          of the SSL configuration structure.
+ *                          The list must not hold more than
+ *                          MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH elements
 *
 * \return                  0 on success
 * \return                  #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -800,8 +800,14 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
    *p++ = (unsigned char)( ext_len & 0xFF );

    /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
-    *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
-                              >> 8 ) & 0xFF );
+    /* micro-optimization:
+     * the list size is limited to MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH
+     * which is lower than 127, so the upper byte of the length is always 0
+     * For the documentation, the more generic code is left in comments
+     * *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
+     *                        >> 8 ) & 0xFF );
+     */
+    *p++ = 0;
    *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
                            & 0xFF );

--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -4723,7 +4723,7 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,

    /* check the profiles list: all entry must be valid,
     * its size cannot be more than the total number of supported profiles, currently 4 */
-    for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && list_size < 5; p++ )
+    for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH; p++ )
    {
        switch( *p )
        {
@ -4734,11 +4734,11 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,
                    list_size++;
                break;
            default: /* unsupported value, stop parsing and set the size to an error value */
-                list_size = 5;
+                list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH+1;
        }
    }

-    if ( list_size > 4 ) {
+    if ( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH ) {
                conf->dtls_srtp_profile_list = NULL;
                conf->dtls_srtp_profile_list_len = 0;
                return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );