commit 6dc8bf62627b81a53f300d968a50cdc90ea722c4
author David Benjamin <davidben@google.com> Wed Jul 19 16:38:21 2017 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Jul 20 21:10:02 2017 +0000
tree f529b635fdfcc8621fdd4130ec1381223b295c62
parent bf1117d1fd755188d2562c7b32bd00ab3a7bd5d1

Convert SSL_TRANSCRIPT to C++.

Bug: 132
Change-Id: I2d7cb45d56e8dcb223fbc5838922fdbe6f28ded7
Reviewed-on: https://boringssl-review.googlesource.com/18264
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/handshake_server.cc

diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index 48d3426..b57b67a 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -930,8 +930,8 @@
 
   /* Now that all parameters are known, initialize the handshake hash and hash
    * the ClientHello. */
-  if (!SSL_TRANSCRIPT_init_hash(&hs->transcript, ssl3_protocol_version(ssl),
-                                hs->new_cipher->algorithm_prf) ||
+  if (!hs->transcript.InitHash(ssl3_protocol_version(ssl),
+                               hs->new_cipher->algorithm_prf) ||
       !ssl_hash_current_message(hs)) {
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
     return -1;
@@ -939,7 +939,7 @@
 
   /* Release the handshake buffer if client authentication isn't required. */
   if (!hs->cert_request) {
-    SSL_TRANSCRIPT_free_buffer(&hs->transcript);
+    hs->transcript.FreeBuffer();
   }
 
   return 1;
@@ -1251,7 +1251,7 @@
 
   if (sk_CRYPTO_BUFFER_num(hs->new_session->certs) == 0) {
     /* No client certificate so the handshake buffer may be discarded. */
-    SSL_TRANSCRIPT_free_buffer(&hs->transcript);
+    hs->transcript.FreeBuffer();
 
     /* In SSL 3.0, sending no certificate is signaled by omitting the
      * Certificate message. */
@@ -1540,7 +1540,7 @@
    * CertificateVerify is required if and only if there's a client certificate.
    * */
   if (!hs->peer_pubkey) {
-    SSL_TRANSCRIPT_free_buffer(&hs->transcript);
+    hs->transcript.FreeBuffer();
     return 1;
   }
 
@@ -1590,9 +1590,8 @@
   if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
     uint8_t digest[EVP_MAX_MD_SIZE];
     size_t digest_len;
-    if (!SSL_TRANSCRIPT_ssl3_cert_verify_hash(
-            &hs->transcript, digest, &digest_len, hs->new_session.get(),
-            signature_algorithm)) {
+    if (!hs->transcript.GetSSL3CertVerifyHash(
+            digest, &digest_len, hs->new_session.get(), signature_algorithm)) {
       return -1;
     }
 
@@ -1605,8 +1604,8 @@
   } else {
     sig_ok = ssl_public_key_verify(
         ssl, CBS_data(&signature), CBS_len(&signature), signature_algorithm,
-        hs->peer_pubkey.get(), (const uint8_t *)hs->transcript.buffer->data,
-        hs->transcript.buffer->length);
+        hs->peer_pubkey.get(), hs->transcript.buffer_data(),
+        hs->transcript.buffer_len());
   }
 
 #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
@@ -1621,7 +1620,7 @@
 
   /* The handshake buffer is no longer necessary, and we may hash the current
    * message.*/
-  SSL_TRANSCRIPT_free_buffer(&hs->transcript);
+  hs->transcript.FreeBuffer();
   if (!ssl_hash_current_message(hs)) {
     return -1;
   }