Hi Mat,

 >>
>>> +        len -= 2;
>>
>> This doesn't seem right.  By my reading the total bytes being written
>> here are key_size (in cipher_sign) and 2 bytes just above.
>
> This is accounting for the two bytes written to 'out' above, which
> happens in that block of the 'if' statement but not the 'else' block.
>

Ah yes, you're right.  We write key_size + 4 bytes in case of TLS 1.2.

>>
>> Why are you checking for len >= key_size + 2 below?
>
> The key_size bytes written by cipher_sign and the 2 bytes written by
> le_put_be16.

Yep, my bad.

Regards,
-Denis