kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
f31e681acf
boringssl/ssl
History
David Benjamin f31e681acf Clean up ssl_set_cert_masks. 
It doesn't depend on the cipher now that export ciphers are gone. It need only
be called once. Also remove the valid bit; nothing ever reads it. Its output is
also only used within a function, so make mask_k and mask_a local variables.

So all the configuration-based checks are in one place, change the input
parameter from CERT to SSL and move the PSK and ECDHE checks to the mask
computation. This avoids having to evaluate the temporary EC key for each
cipher.

The remaining uses are on the client which uses them differently (disabled
features rather than enabled ones). Those too may as well be local variables,
so leave a TODO.

Change-Id: Ibcb574341795d4016ea749f0290a793eed798874
Reviewed-on: https://boringssl-review.googlesource.com/2287
Reviewed-by: Adam Langley <agl@google.com>
2014-11-18 22:21:52 +00:00
..
pqueue Test insertion of duplicates in pqueue_test. 2014-11-06 01:46:57 +00:00
test Add DTLS-SRTP tests. 2014-11-18 22:16:53 +00:00
CMakeLists.txt Merge the get_ssl_method hooks between TLS and SSLv3. 2014-09-30 22:58:59 +00:00
d1_both.c Remove DTLSv1_listen. 2014-11-10 22:39:24 +00:00
d1_clnt.c Remove SSL3_FLAGS_POP_BUFFER. 2014-11-10 23:59:13 +00:00
d1_enc.c Remove KSSL_DEBUG. 2014-11-04 19:35:38 +00:00
d1_lib.c Remove DTLSv1_listen. 2014-11-10 22:39:24 +00:00
d1_meth.c
d1_pkt.c Remove #if 0'd code documenting an old bug. 2014-11-10 22:45:17 +00:00
d1_srtp.c Add less dangerous versions of SRTP functions. 2014-10-27 21:58:09 +00:00
d1_srvr.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
s3_both.c Remove remnant of MS SGC second ClientHello. 2014-11-04 00:25:13 +00:00
s3_cbc.c Add a few more constant-time utility functions. 2014-11-10 13:45:32 -08:00
s3_clnt.c Remove TLS strict mode. 2014-11-18 22:20:33 +00:00
s3_enc.c Extended master secret support. 2014-10-24 21:19:44 +00:00
s3_lib.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
s3_meth.c Merge the get_ssl_method hooks between TLS and SSLv3. 2014-09-30 22:58:59 +00:00
s3_pkt.c Remove support for processing fragmented alerts 2014-11-13 22:58:30 +00:00
s3_srvr.c Don't resume sessions if the negotiated version doesn't match. 2014-11-13 22:05:12 +00:00
s23_clnt.c Remove some remnants of SSLv2. 2014-11-17 20:27:13 +00:00
s23_lib.c
s23_meth.c unifdef a bunch of OPENSSL_NO_* ifdefs. 2014-08-28 00:41:34 +00:00
s23_pkt.c
s23_srvr.c
ssl_algs.c Remove indirection in loading ciphers. 2014-09-15 21:06:10 +00:00
ssl_asn1.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_cert.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_ciph.c Remove client-side support for ServerKeyExchange in the RSA key exchange. 2014-11-10 23:00:09 +00:00
ssl_error.c Remove support for processing fragmented alerts 2014-11-13 22:58:30 +00:00
ssl_lib.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_locl.h Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_rsa.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
ssl_sess.c Remove some remnants of SSLv2. 2014-11-17 20:27:13 +00:00
ssl_stat.c unifdef a bunch of OPENSSL_NO_* ifdefs. 2014-08-28 00:41:34 +00:00
ssl_test.c Remove psk_identity_hint from SSL_SESSION. 2014-11-10 23:59:47 +00:00
ssl_txt.c Remove some remnants of SSLv2. 2014-11-17 20:27:13 +00:00
t1_enc.c Remove KSSL_DEBUG. 2014-11-04 19:35:38 +00:00
t1_lib.c Clean up ssl_set_cert_masks. 2014-11-18 22:21:52 +00:00
t1_reneg.c