crypto: explain TLS 1.2 version in TLS 1.3 message encrypters

Without the context of RFC 8446 in your mind the use of the `ProtocolVersion::TLSv1_2` constant in the TLS 1.3 `MessageEncrypter` implementations appears like an oversight or copy/paste error. This commit adds a brief explanatory comment.
2023-12-06 13:27:58 -05:00 · 2023-12-06 13:27:58 -05:00 · f05fd1e9be
parent 73f490f7ff
commit f05fd1e9be
2 changed files with 4 additions and 0 deletions
--- a/rustls/src/crypto/aws_lc_rs/tls13.rs
+++ b/rustls/src/crypto/aws_lc_rs/tls13.rs
@ -222,6 +222,8 @@ impl MessageEncrypter for AeadMessageEncrypter {

        Ok(OpaqueMessage::new(
            ContentType::ApplicationData,
+            // Note: all TLS 1.3 application data records use TLSv1_2 (0x0303) as the legacy record
+            // protocol version, see https://www.rfc-editor.org/rfc/rfc8446#section-5.1
            ProtocolVersion::TLSv1_2,
            payload,
        ))
--- a/rustls/src/crypto/ring/tls13.rs
+++ b/rustls/src/crypto/ring/tls13.rs
@ -194,6 +194,8 @@ impl MessageEncrypter for Tls13MessageEncrypter {

        Ok(OpaqueMessage::new(
            ContentType::ApplicationData,
+            // Note: all TLS 1.3 application data records use TLSv1_2 (0x0303) as the legacy record
+            // protocol version, see https://www.rfc-editor.org/rfc/rfc8446#section-5.1
            ProtocolVersion::TLSv1_2,
            payload,
        ))