boringssl/include/openssl
David Benjamin 2a0b391ac9 Rewrite ssl3_send_server_key_exchange to use CBB.
There is some messiness around saving and restoring the CBB, but this is
still significantly clearer.

Note that the BUF_MEM_grow line is gone in favor of a fixed CBB like the
other functions ported thus far. This line was never necessary as
init_buf is initialized to 16k and none of our key exchanges get that
large. (The largest one can get is DHE_RSA. Even so, it'd take a roughly
30k-bit DH group with a 30k-bit RSA key.)

Having such limits and tight assumptions on init_buf's initial size is
poor (but on par for the old code which usually just blindly assumed the
message would not get too large) and the size of the certificate chain
is much less obviously bounded, so those BUF_MEM_grows can't easily go.

My current plan is convert everything but those which legitimately need
BUF_MEM_grow to CBB, then atomically convert the rest, remove init_buf,
and switch everything to non-fixed CBBs. This will hopefully also
simplify async resumption. In the meantime, having a story for
resumption means the future atomic change is smaller and, more
importantly, relieves some complexity budget in the ServerKeyExchange
code for adding Curve25519.

Change-Id: I1de6af9856caaed353453d92a502ba461a938fbd
Reviewed-on: https://boringssl-review.googlesource.com/6770
Reviewed-by: Adam Langley <agl@google.com>
2015-12-22 17:23:58 +00:00
..
aead.h Point EVP_aead_chacha20_poly1305 at the standardized version. 2015-12-16 21:22:11 +00:00
aes.h Fix documentation typo. 2015-07-01 21:33:29 +00:00
arm_arch.h Allow ARM capabilities to be set at compile time. 2015-10-20 22:40:15 +00:00
asn1_mac.h Ditch remaining filename comments from public headers and ssl/ 2015-10-20 18:40:05 +00:00
asn1.h Remove ASN1_R_MALLOC_FAILURE. 2015-12-22 00:12:24 +00:00
asn1t.h Ditch remaining filename comments from public headers and ssl/ 2015-10-20 18:40:05 +00:00
base64.h Deprecate basically the entire base64 implementation. 2015-09-28 21:53:39 +00:00
base.h Define BORINGSSL_201510. 2015-11-06 21:44:17 +00:00
bio.h Use typedef names, not struct names. 2015-11-06 21:44:06 +00:00
blowfish.h
bn.h Convert ssl3_send_client_key_exchange to CBB. 2015-12-22 17:00:56 +00:00
buf.h
buffer.h
bytestring.h Rewrite ssl3_send_server_key_exchange to use CBB. 2015-12-22 17:23:58 +00:00
cast.h
chacha.h Change |CRYPTO_chacha_20| to use 96-bit nonces, 32-bit counters. 2015-10-26 23:58:46 +00:00
cipher.h Fix up several comments and detect problems in the future. 2015-11-05 20:12:45 +00:00
cmac.h Style: fix some header guards 2015-10-26 18:47:51 +00:00
conf.h
cpu.h Allow |CRYPTO_is_NEON_capable| to be known at compile time, if possible. 2015-11-19 00:15:11 +00:00
crypto.h Add no-op functions |CRYPTO_malloc_init| and |ENGINE_load_builtin_engines|. 2015-10-27 16:41:40 +00:00
curve25519.h Add #defines for ED25519 key and signature lengths. 2015-12-22 16:06:07 +00:00
des.h Fix shared library build on OS X. 2015-10-26 23:39:47 +00:00
dh.h Remove the CRYPTO_EX_new callback. 2015-12-15 21:29:46 +00:00
digest.h Documentation typo. 2015-09-28 22:18:40 +00:00
dsa.h Remove the CRYPTO_EX_new callback. 2015-12-15 21:29:46 +00:00
dtls1.h
ec_key.h Remove the CRYPTO_EX_new callback. 2015-12-15 21:29:46 +00:00
ec.h Add |EC_GROUP_get0_order| to replace |EC_GROUP_get_order|. 2015-12-15 18:18:13 +00:00
ecdh.h Clean up |ECDH_compute_key|. 2015-10-27 17:00:25 +00:00
ecdsa.h Fix up several comments and detect problems in the future. 2015-11-05 20:12:45 +00:00
engine.h Unwind DH_METHOD and DSA_METHOD. 2015-11-03 22:54:36 +00:00
err.h Fix up several comments and detect problems in the future. 2015-11-05 20:12:45 +00:00
evp.h Remove DH EVP_PKEY hooks. 2015-12-16 17:38:06 +00:00
ex_data.h Skip free callbacks on empty CRYPTO_EX_DATAs. 2015-12-15 21:32:14 +00:00
hkdf.h
hmac.h
lhash_macros.h
lhash.h Style: fix some header guards 2015-10-26 18:47:51 +00:00
md4.h Store the partial block as uint8_t, not uint32_t. 2015-12-16 19:59:29 +00:00
md5.h Store the partial block as uint8_t, not uint32_t. 2015-12-16 19:59:29 +00:00
mem.h
obj_mac.h
obj.h Fix up several comments and detect problems in the future. 2015-11-05 20:12:45 +00:00
objects.h
opensslfeatures.h
opensslv.h
ossl_typ.h
pem.h Resolve a few old TODOs. 2015-12-22 00:14:35 +00:00
pkcs7.h
pkcs8.h Add |PKCS12_verify_mac|. 2015-09-29 20:30:35 +00:00
pkcs12.h
poly1305.h Fix several minor points noticed by Kenny. 2015-09-24 22:08:50 +00:00
pqueue.h
rand.h Make RAND_seed read a byte of random data. 2015-11-16 21:58:46 +00:00
rc4.h
rsa.h Simplify RSA key exchange padding check. 2015-12-22 00:10:14 +00:00
safestack.h
sha.h Store the partial block as uint8_t, not uint32_t. 2015-12-16 19:59:29 +00:00
srtp.h
ssl3.h Remove SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER. 2015-12-15 19:14:00 +00:00
ssl.h Implement draft-ietf-tls-chacha20-poly1305-04. 2015-12-16 23:34:56 +00:00
stack_macros.h Remove stack macros for nonexistent types. 2015-12-22 00:12:38 +00:00
stack.h Remove stack macros for nonexistent types. 2015-12-22 00:12:38 +00:00
thread.h
time_support.h Style: fix some header guards 2015-10-26 18:47:51 +00:00
tls1.h Implement draft-ietf-tls-chacha20-poly1305-04. 2015-12-16 23:34:56 +00:00
type_check.h
x509_vfy.h Remove the CRYPTO_EX_new callback. 2015-12-15 21:29:46 +00:00
x509.h Resolve a few old TODOs. 2015-12-22 00:14:35 +00:00
x509v3.h