On Wed, Jan 20, 2016 at 06:47:12PM +0000, Hodges, Jeff wrote:
> On 1/13/16, 12:53 PM, "Benjamin Kaduk" <bka...@akamai.com> wrote:
> >On 01/13/2016 02:44 PM, Jong-Shian Wu wrote:
> >> I have a question about the even-vs-odd restrictions on the length of
> >> a valid variable-length vector defined in TLS specification after
> >> reading the section 4.3 of RFC 5246 [1] which states that:
> >>
> >> "The length of an encoded vector must be an even multiple of the length
> >> of a single element (for example, a 17-byte vector of uint16 would be
> >> illegal)."
> >>
> >
> >It means "whole-number" as opposed to fractional, i.e., there should not
> >be unused "junk bytes" at the end.
>
> In case it's helpful, here's a suggested re-write of that quoted sentence
> above..
>
>    The length of an encoded variable-length vector must be an
>    exact multiple of the length of a single element. For example,
>    an encoded 17-byte vector of uint16 would be illegal, and an
>    encoded variable-length vector of four 32 byte elements,
>    having a ceiling of 2^16-1, will be 130 bytes long overall
>    (2 byte length field followed by 128 bytes of data).
>
> ..assuming I'm correctly understanding variable-length vectors :)

The length of length is inferred from the upper limit:

- 1-255 bytes => 1 Byte
- 256-65535 bytes => 2 Bytes
- 65536-16777215 bytes => 3 bytes
- 16777216-2^32-1 bytes => 4 bytes (not used anywhere)
... And so on.

So yes, 4x32 byte elements in vector with upper limit of 2^16-1 (or
2^16-32 rounded) is 130 bytes total: 2 byte length and 4*32=128 byte
value.

But I think that all lengths above 255 are either specified to be one
byte shy of power of 255 or rounding thereof to integral multiple of
elements (the only exception I offhand remember is session IDs in
TLS 1.0-1.2, which have maximum length of 32).

Then there are vectors with variable length elements. Those can be
created by putting in a vector or discriminant/case in the element
type (the latter can easily lead to interop problems later).

-Ilari
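
The rules discussed in this thread, as an added example that is not part of any of the messages or of RFC 5246: a Python encoder and strict parser for a variable-length vector of fixed-size elements, with the prefix width inferred from the ceiling and the exact-multiple check applied before any element is read. The names `prefix_width`, `encode_vector`, `parse_vector` and `VectorError` are hypothetical, and the sample inputs are constructed.

```python
class VectorError(ValueError):
    """Raised when an encoded vector violates the length rules."""

def prefix_width(ceiling: int) -> int:
    # Width of the length prefix is inferred from the vector's upper limit:
    # <= 255 -> 1 byte, <= 65535 -> 2 bytes, <= 16777215 -> 3 bytes, ...
    if ceiling < 1:
        raise ValueError("ceiling must be positive")
    return (ceiling.bit_length() + 7) // 8

def encode_vector(elems, elem_size: int, ceiling: int) -> bytes:
    if any(len(e) != elem_size for e in elems):
        raise VectorError("element has wrong size")
    body = b"".join(elems)
    if len(body) > ceiling:
        raise VectorError("vector exceeds ceiling")
    return len(body).to_bytes(prefix_width(ceiling), "big") + body

def parse_vector(buf: bytes, elem_size: int, floor: int, ceiling: int):
    """Parse one vector from the start of buf; return (elements, rest)."""
    width = prefix_width(ceiling)
    if len(buf) < width:
        raise VectorError("truncated length prefix")
    length = int.from_bytes(buf[:width], "big")
    if not floor <= length <= ceiling:
        raise VectorError("length outside declared bounds")
    # The rule from the thread: no fractional element, no trailing junk bytes.
    if length % elem_size != 0:
        raise VectorError("length is not an exact multiple of element size")
    end = width + length
    if end > len(buf):
        raise VectorError("declared length exceeds available data")
    body = buf[width:end]
    elems = [body[i:i + elem_size] for i in range(0, length, elem_size)]
    return elems, buf[end:]

if __name__ == "__main__":
    # Constructed sample: four 32-byte elements, ceiling 2^16-1 -> 130 bytes.
    good = encode_vector([bytes([i]) * 32 for i in range(4)], 32, 2**16 - 1)
    print(len(good), good[:2].hex())
    # Constructed sample: a 17-byte vector of uint16 must be rejected.
    bad = (17).to_bytes(2, "big") + bytes(17)
    try:
        parse_vector(bad, 2, 0, 2**16 - 1)
    except VectorError as exc:
        print("rejected:", exc)
```
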