commit 75a1f23684e6f776d6081b1565f0cb1f04b0e288
author David Benjamin <davidben@google.com> Wed Oct 11 17:19:19 2017 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Oct 12 19:01:34 2017 +0000
tree 23f3598ca2b687c55e111ddf6fd45cc79738fc93
parent dbf12fc2ce1cac1af45f58cd3ec4302eed86566b

Have a bit more fun with Span.

Change-Id: Iba909603a72ec0d149d9898423c114304a5011fa
Reviewed-on: https://boringssl-review.googlesource.com/21644
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>

ssl/handshake_server.cc

diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index 74bfce9..7b282d8 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -876,8 +876,7 @@
 
     size_t sig_len;
     switch (ssl_private_key_sign(hs, ptr, &sig_len, max_sig_len,
-                                 signature_algorithm, hs->server_params.data(),
-                                 hs->server_params.size())) {
+                                 signature_algorithm, hs->server_params)) {
       case ssl_private_key_success:
         if (!CBB_did_write(&child, sig_len)) {
           return ssl_hs_error;
@@ -1113,8 +1112,7 @@
     size_t decrypt_len;
     switch (ssl_private_key_decrypt(hs, decrypt_buf.data(), &decrypt_len,
                                     decrypt_buf.size(),
-                                    CBS_data(&encrypted_premaster_secret),
-                                    CBS_len(&encrypted_premaster_secret))) {
+                                    encrypted_premaster_secret)) {
       case ssl_private_key_success:
         break;
       case ssl_private_key_failure:
@@ -1226,8 +1224,6 @@
 
     ScopedCBB new_premaster;
     CBB child;
-    uint8_t *new_data;
-    size_t new_len;
     if (!CBB_init(new_premaster.get(),
                   2 + psk_len + 2 + premaster_secret.size()) ||
         !CBB_add_u16_length_prefixed(new_premaster.get(), &child) ||
@@ -1235,12 +1231,10 @@
                        premaster_secret.size()) ||
         !CBB_add_u16_length_prefixed(new_premaster.get(), &child) ||
         !CBB_add_bytes(&child, psk, psk_len) ||
-        !CBB_finish(new_premaster.get(), &new_data, &new_len)) {
+        !CBBFinishArray(new_premaster.get(), &premaster_secret)) {
       OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
       return ssl_hs_error;
     }
-
-    premaster_secret.Reset(new_data, new_len);
   }
 
   if (!ssl_hash_message(hs, msg)) {
@@ -1312,7 +1306,7 @@
     return ssl_hs_error;
   }
 
-  int sig_ok;
+  bool sig_ok;
   // The SSL3 construction for CertificateVerify does not decompose into a
   // single final digest and signature, and must be special-cased.
   if (ssl_protocol_version(ssl) == SSL3_VERSION) {
@@ -1330,14 +1324,13 @@
              EVP_PKEY_verify(pctx.get(), CBS_data(&signature),
                              CBS_len(&signature), digest, digest_len);
   } else {
-    sig_ok = ssl_public_key_verify(
-        ssl, CBS_data(&signature), CBS_len(&signature), signature_algorithm,
-        hs->peer_pubkey.get(), hs->transcript.buffer_data(),
-        hs->transcript.buffer_len());
+    sig_ok =
+        ssl_public_key_verify(ssl, signature, signature_algorithm,
+                              hs->peer_pubkey.get(), hs->transcript.buffer());
   }
 
 #if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
-  sig_ok = 1;
+  sig_ok = true;
   ERR_clear_error();
 #endif
   if (!sig_ok) {