2a0b391ac9
There is some messiness around saving and restoring the CBB, but this is still significantly clearer. Note that the BUF_MEM_grow line is gone in favor of a fixed CBB like the other functions ported thus far. This line was never necessary as init_buf is initialized to 16k and none of our key exchanges get that large. (The largest one can get is DHE_RSA. Even so, it'd take a roughly 30k-bit DH group with a 30k-bit RSA key.) Having such limits and tight assumptions on init_buf's initial size is poor (but on par for the old code which usually just blindly assumed the message would not get too large) and the size of the certificate chain is much less obviously bounded, so those BUF_MEM_grows can't easily go. My current plan is convert everything but those which legitimately need BUF_MEM_grow to CBB, then atomically convert the rest, remove init_buf, and switch everything to non-fixed CBBs. This will hopefully also simplify async resumption. In the meantime, having a story for resumption means the future atomic change is smaller and, more importantly, relieves some complexity budget in the ServerKeyExchange code for adding Curve25519. Change-Id: I1de6af9856caaed353453d92a502ba461a938fbd Reviewed-on: https://boringssl-review.googlesource.com/6770 Reviewed-by: Adam Langley <agl@google.com> |
||
---|---|---|
.. | ||
aead.h | ||
aes.h | ||
arm_arch.h | ||
asn1_mac.h | ||
asn1.h | ||
asn1t.h | ||
base64.h | ||
base.h | ||
bio.h | ||
blowfish.h | ||
bn.h | ||
buf.h | ||
buffer.h | ||
bytestring.h | ||
cast.h | ||
chacha.h | ||
cipher.h | ||
cmac.h | ||
conf.h | ||
cpu.h | ||
crypto.h | ||
curve25519.h | ||
des.h | ||
dh.h | ||
digest.h | ||
dsa.h | ||
dtls1.h | ||
ec_key.h | ||
ec.h | ||
ecdh.h | ||
ecdsa.h | ||
engine.h | ||
err.h | ||
evp.h | ||
ex_data.h | ||
hkdf.h | ||
hmac.h | ||
lhash_macros.h | ||
lhash.h | ||
md4.h | ||
md5.h | ||
mem.h | ||
obj_mac.h | ||
obj.h | ||
objects.h | ||
opensslfeatures.h | ||
opensslv.h | ||
ossl_typ.h | ||
pem.h | ||
pkcs7.h | ||
pkcs8.h | ||
pkcs12.h | ||
poly1305.h | ||
pqueue.h | ||
rand.h | ||
rc4.h | ||
rsa.h | ||
safestack.h | ||
sha.h | ||
srtp.h | ||
ssl3.h | ||
ssl.h | ||
stack_macros.h | ||
stack.h | ||
thread.h | ||
time_support.h | ||
tls1.h | ||
type_check.h | ||
x509_vfy.h | ||
x509.h | ||
x509v3.h |